ALSA-2025:10630

[ALSA-2025:10630] Important: libxml2 security update

Type:

security

Severity:

important

Release date:

2025-07-10

Description:

The libxml2 library is a development toolbox providing the implementation of various XML standards.  

Security Fix(es):  

  * libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
  * libxml: Null pointer dereference leads to Denial of service (DoS) (CVE-2025-49795)
  * libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
  * libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libxml2-static-2.12.5-7.el10_0.aarch64.rpm	57fe82c9e135c4b210e542dda1f78393b3b28a116dad2cb36ddaaccdc9355683
aarch64	python3-libxml2-2.12.5-7.el10_0.aarch64.rpm	753862f6cb31c3bf1542110168bedaae386018ce1b4b745b4e8a6ff8b43e1351
aarch64	libxml2-2.12.5-7.el10_0.aarch64.rpm	becf914a31e39c592aaa97c7263b4b5274c27f7c9d42a40f3346d41df264b6fa
aarch64	libxml2-devel-2.12.5-7.el10_0.aarch64.rpm	e2932fb2333a64be2ddadae0ccb11d7b27ff78ee9c7559ef437c6be78f0a9ec6
ppc64le	python3-libxml2-2.12.5-7.el10_0.ppc64le.rpm	1342a4ae0603f9bace7afaf6f47cc32d08bffc03bf378cbb3b265438aab7c839
ppc64le	libxml2-devel-2.12.5-7.el10_0.ppc64le.rpm	35c68000663c7a4ec9b0e0712192a37212e1bd387fcd932c773c364751149380
ppc64le	libxml2-2.12.5-7.el10_0.ppc64le.rpm	900b89e2a553f7c769c4db96fcf0bcadc5d97854b1638575026f625e2ef32b7c
ppc64le	libxml2-static-2.12.5-7.el10_0.ppc64le.rpm	e882fc02d0adfa947d1bce9b53f7db26c70e28bded6b950af8a43b9d3bd0bcdf
s390x	libxml2-devel-2.12.5-7.el10_0.s390x.rpm	0a6b6e50aa085c78d45418266f408bab78fedf6724f8bb91b2c2af6ddf7fd0a4
s390x	libxml2-static-2.12.5-7.el10_0.s390x.rpm	126d188c87556eb68a85c3662992e360ed6dfbf98bbfe797d6f183784ddd8dd2
s390x	libxml2-2.12.5-7.el10_0.s390x.rpm	2ba90cea759ad0557b9062b1276ac460d3108ad81f6286c95d51cc83071d7506
s390x	python3-libxml2-2.12.5-7.el10_0.s390x.rpm	95cc0a35d042fb01ed416862120f5e1c13eb96ba87815f22155a0633a1bda467
x86_64	libxml2-static-2.12.5-7.el10_0.x86_64.rpm	5599f8d99defe787480af5a1d9d1a75584c0851c9057e43c8aebdb550850cd6b
x86_64	libxml2-2.12.5-7.el10_0.x86_64.rpm	5a2ab55aa419854af4c09fef4e58c9962a8c5ac96c1e0ccacada2ce2765fd866
x86_64	libxml2-devel-2.12.5-7.el10_0.x86_64.rpm	6ab8041b45212ee9991914a2f898e8acbbf3339b0d68b6fcab3d8d7d9131f52d
x86_64	python3-libxml2-2.12.5-7.el10_0.x86_64.rpm	713c15351ea8895a6d8961822dde2b3955b85e255bf759b985ca274c0637f6d4
x86_64_v2	libxml2-devel-2.12.5-7.el10_0.x86_64_v2.rpm	1c209bf845cf0450a7ed720a59b75cc40e6d70f9615001fde03268fd1fb1af83
x86_64_v2	libxml2-2.12.5-7.el10_0.x86_64_v2.rpm	3c4e7230cb827ff612cc7e079503b7b932e6e94d2a1b68847e16e8c0a835e603
x86_64_v2	python3-libxml2-2.12.5-7.el10_0.x86_64_v2.rpm	3e62a63f4d221a3004d9e35911c6291e045895af81a5a74a0472d30e53d728cc
x86_64_v2	libxml2-static-2.12.5-7.el10_0.x86_64_v2.rpm	b3a744aadbe94d14daa8874275d4008c605df43bc787d443d950a8b03249f439

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.