FS#75515 - [libxml2] [security] double-free, integer overflows, use-after-free

Attached to Project: Arch Linux
Opened by T.J. Townsend (blakkheim) - Thursday, 04 August 2022, 20:48 GMT
Last edited by Toolybird (Toolybird) - Monday, 29 August 2022, 21:13 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Jan Alexander Steffens (heftig)
Levente Polyak (anthraxx)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No
This task depends upon

Closed by  Toolybird (Toolybird)
Monday, 29 August 2022, 21:13 GMT
Reason for closing:  Fixed
Additional comments about closing:  libxml2 2.10.2-1
Comment by T.J. Townsend (blakkheim) - Saturday, 20 August 2022, 21:04 GMT
Ping for consideration
Comment by T.J. Townsend (blakkheim) - Wednesday, 24 August 2022, 20:04 GMT
All the cited issues were fixed in v2.10.0, which came out a week ago.

CVE-2022-2309 has been assigned to the xmlCtxtReset one.