Release date:
2026-07-02 15:27:30 UTC
Description:
* SECURITY UPDATE: stack-based buffer overflows in the xmlcatalog utility
interactive --shell mode
- debian/patches/CVE-2026-11979.patch: Add bounds checks in usershell() in
xmlcatalog.c so the command, arg and argv fixed-size stack buffers are not
overflowed by an overly long --shell input line
- CVE-2026-11979
Updated packages:
-
libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els8_amd64.deb
sha:4232b925ed9700f58526b61b6d5efef3b2d776ab
-
libxml2-dev_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els8_amd64.deb
sha:aa1de8f62992e7a83c481613c6f2b57e54e20f0a
-
libxml2-doc_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els8_all.deb
sha:1c082df01ec620ec619adfbf945647eacc40e40a
-
libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els8_amd64.deb
sha:060c9d028d18e0123a36e553f741e1f021f3c41b
-
python-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els8_amd64.deb
sha:e88a9be879830588bd9de793391433747d1fffae
-
python3-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els8_amd64.deb
sha:8c02e92eca31bd08b6ce48ece1b7f67e625c2264
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.