Security update for libxml2 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:0049-1 Final 1 1 2016-01-07T12:52:24Z current 2016-01-07T12:52:24Z 2016-01-07T12:52:24Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libxml2 - security update: This update fixes the following security issues: * CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193] * CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734] * CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735] * CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018] * CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021] * CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260] * CVE-2015-5312 Fix another entity expansion issue [bnc#957105] * CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106] * CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107] * CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109] * CVE-2015-8317 Multiple out-of-bound read could lead to denial of service [bnc#956260] * CVE-2015-8035 DoS when parsing specially crafted XML document if XZ support is enabled [bnc#954429] * CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110] The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-2016-38,SUSE-SLE-DESKTOP-12-SP1-2016-38,SUSE-SLE-SDK-12-2016-38,SUSE-SLE-SDK-12-SP1-2016-38,SUSE-SLE-SERVER-12-2016-38,SUSE-SLE-SERVER-12-SP1-2016-38 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ Link for SUSE-SU-2016:0049-1 https://lists.suse.com/pipermail/sle-security-updates/2016-January/001788.html E-Mail link for SUSE-SU-2016:0049-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/928193 SUSE Bug 928193 https://bugzilla.suse.com/951734 SUSE Bug 951734 https://bugzilla.suse.com/951735 SUSE Bug 951735 https://bugzilla.suse.com/954429 SUSE Bug 954429 https://bugzilla.suse.com/956018 SUSE Bug 956018 https://bugzilla.suse.com/956021 SUSE Bug 956021 https://bugzilla.suse.com/956260 SUSE Bug 956260 https://bugzilla.suse.com/957105 SUSE Bug 957105 https://bugzilla.suse.com/957106 SUSE Bug 957106 https://bugzilla.suse.com/957107 SUSE Bug 957107 https://bugzilla.suse.com/957109 SUSE Bug 957109 https://bugzilla.suse.com/957110 SUSE Bug 957110 https://www.suse.com/security/cve/CVE-2015-1819/ SUSE CVE CVE-2015-1819 page https://www.suse.com/security/cve/CVE-2015-5312/ SUSE CVE CVE-2015-5312 page https://www.suse.com/security/cve/CVE-2015-7497/ SUSE CVE CVE-2015-7497 page https://www.suse.com/security/cve/CVE-2015-7498/ SUSE CVE CVE-2015-7498 page https://www.suse.com/security/cve/CVE-2015-7499/ SUSE CVE CVE-2015-7499 page https://www.suse.com/security/cve/CVE-2015-7500/ SUSE CVE CVE-2015-7500 page https://www.suse.com/security/cve/CVE-2015-7941/ SUSE CVE CVE-2015-7941 page https://www.suse.com/security/cve/CVE-2015-7942/ SUSE CVE CVE-2015-7942 page https://www.suse.com/security/cve/CVE-2015-8035/ SUSE CVE CVE-2015-8035 page https://www.suse.com/security/cve/CVE-2015-8241/ SUSE CVE CVE-2015-8241 page https://www.suse.com/security/cve/CVE-2015-8242/ SUSE CVE CVE-2015-8242 page https://www.suse.com/security/cve/CVE-2015-8317/ SUSE CVE CVE-2015-8317 page SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 libxml2-2-2.9.1-13.1 libxml2-2-32bit-2.9.1-13.1 libxml2-tools-2.9.1-13.1 python-libxml2-2.9.1-13.1 libxml2-devel-2.9.1-13.1 libxml2-doc-2.9.1-13.1 libxml2-2-2.9.1-13.1 as a component of SUSE Linux Enterprise Desktop 12 libxml2-2-32bit-2.9.1-13.1 as a component of SUSE Linux Enterprise Desktop 12 libxml2-tools-2.9.1-13.1 as a component of SUSE Linux Enterprise Desktop 12 python-libxml2-2.9.1-13.1 as a component of SUSE Linux Enterprise Desktop 12 libxml2-2-2.9.1-13.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 libxml2-2-32bit-2.9.1-13.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 libxml2-tools-2.9.1-13.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 python-libxml2-2.9.1-13.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 libxml2-2-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 libxml2-2-32bit-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 libxml2-doc-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 libxml2-tools-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 python-libxml2-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 libxml2-2-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 SP1 libxml2-2-32bit-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 SP1 libxml2-doc-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 SP1 libxml2-tools-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 SP1 python-libxml2-2.9.1-13.1 as a component of SUSE Linux Enterprise Server 12 SP1 libxml2-2-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libxml2-2-32bit-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libxml2-doc-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libxml2-tools-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 python-libxml2-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libxml2-2-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 libxml2-2-32bit-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 libxml2-doc-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 libxml2-tools-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 python-libxml2-2.9.1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 libxml2-devel-2.9.1-13.1 as a component of SUSE Linux Enterprise Software Development Kit 12 libxml2-devel-2.9.1-13.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP1 The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. CVE-2015-1819 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-1819.html CVE-2015-1819 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/928193 SUSE Bug 928193 https://bugzilla.suse.com/969769 SUSE Bug 969769 The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660. CVE-2015-5312 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-5312.html CVE-2015-5312 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/957105 SUSE Bug 957105 https://bugzilla.suse.com/959469 SUSE Bug 959469 https://bugzilla.suse.com/969769 SUSE Bug 969769 Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors. CVE-2015-7497 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-7497.html CVE-2015-7497 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/957106 SUSE Bug 957106 https://bugzilla.suse.com/959469 SUSE Bug 959469 https://bugzilla.suse.com/969769 SUSE Bug 969769 Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure. CVE-2015-7498 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-7498.html CVE-2015-7498 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/957107 SUSE Bug 957107 https://bugzilla.suse.com/959469 SUSE Bug 959469 https://bugzilla.suse.com/969769 SUSE Bug 969769 Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors. CVE-2015-7499 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-7499.html CVE-2015-7499 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/957109 SUSE Bug 957109 https://bugzilla.suse.com/959469 SUSE Bug 959469 https://bugzilla.suse.com/969769 SUSE Bug 969769 The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags. CVE-2015-7500 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-7500.html CVE-2015-7500 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/957110 SUSE Bug 957110 https://bugzilla.suse.com/959469 SUSE Bug 959469 https://bugzilla.suse.com/969769 SUSE Bug 969769 libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities. CVE-2015-7941 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-7941.html CVE-2015-7941 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/951734 SUSE Bug 951734 https://bugzilla.suse.com/951735 SUSE Bug 951735 https://bugzilla.suse.com/969769 SUSE Bug 969769 The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941. CVE-2015-7942 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-7942.html CVE-2015-7942 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/951735 SUSE Bug 951735 https://bugzilla.suse.com/969769 SUSE Bug 969769 The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data. CVE-2015-8035 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-8035.html CVE-2015-8035 https://bugzilla.suse.com/1088279 SUSE Bug 1088279 https://bugzilla.suse.com/1105166 SUSE Bug 1105166 https://bugzilla.suse.com/954429 SUSE Bug 954429 The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data. CVE-2015-8241 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-8241.html CVE-2015-8241 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/956018 SUSE Bug 956018 https://bugzilla.suse.com/959469 SUSE Bug 959469 https://bugzilla.suse.com/969769 SUSE Bug 969769 The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data. CVE-2015-8242 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-8242.html CVE-2015-8242 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/956021 SUSE Bug 956021 https://bugzilla.suse.com/959469 SUSE Bug 959469 https://bugzilla.suse.com/969769 SUSE Bug 969769 The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read. CVE-2015-8317 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Desktop 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-2-32bit-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-doc-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:libxml2-tools-2.9.1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:python-libxml2-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libxml2-devel-2.9.1-13.1 SUSE Linux Enterprise Software Development Kit 12:libxml2-devel-2.9.1-13.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/ https://www.suse.com/security/cve/CVE-2015-8317.html CVE-2015-8317 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/956260 SUSE Bug 956260 https://bugzilla.suse.com/959469 SUSE Bug 959469 https://bugzilla.suse.com/969769 SUSE Bug 969769