[CLSA-2026:1783076452] Fix CVE(s): CVE-2026-11979
Type:
security
Severity:
Important
Release date:
2026-07-03 11:01:08 UTC
Description:
* SECURITY UPDATE: buffer overflow in xmlcatalog --shell interactive mode - debian/patches/CVE-2026-11979.patch: add overflow checks for large commands, args and argv in usershell() in xmlcatalog.c - CVE-2026-11979
CVEs fixed:
Updated packages:
  • libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els14_amd64.deb
    sha:fc8a5ad767ec3a964944e26cb95ebce64589aa93
  • libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els14_amd64.deb
    sha:67906c5398e2b00e5c8994a7e0ee6f2202aefe60
  • libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els14_all.deb
    sha:e146bf094d4b6c45fa7d8fd8d640f0bd21c05026
  • libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els14_amd64.deb
    sha:b48e71626af8fbff016b4b5574119afe07209ea3
  • python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els14_amd64.deb
    sha:a29c150384a0fe8bb7cb11e73b09ae16ffd5c1fa
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.