[CLSA-2026:1783095447] Fix CVE(s): CVE-2026-11979
Type:
security
Severity:
Important
Release date:
2026-07-03 16:17:43 UTC
Description:
* SECURITY UPDATE: stack buffer overflows in xmlcatalog --shell mode - debian/patches/CVE-2026-11979.patch: add bounds checks in the usershell() command-line parser in xmlcatalog.c to prevent stack buffer overflows when parsing overly long command lines - CVE-2026-11979
CVEs fixed:
Updated packages:
  • libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:16f2bffc03c0866e288ebb9b7b01fda3c194560f
  • libxml2-dev_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:c4f77e8be297a033349b3beac9d4ce0a7061949c
  • libxml2-doc_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_all.deb
    sha:933eb5e9f1723df6b908dc4b9cd5a9f49b682c2f
  • libxml2-utils_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:45422af20795a150e31274e17f11f5c805d43b53
  • python-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:73bb1510bfe17a6732a2fdd4b4135ca3cc7de589
  • python3-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:c1b821f07eb679785cc3907575d0ab2131b173ea
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.