ALSA-2025:10698

[ALSA-2025:10698] Important: libxml2 security update

Type:

security

Severity:

important

Release date:

2025-07-10

Description:

The libxml2 library is a development toolbox providing the implementation of various XML standards.  

Security Fix(es):  

  * libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
  * libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
  * libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	python3-libxml2-2.9.7-21.el8_10.1.aarch64.rpm	3a04740769cfeba87f40796d8e1ea74de0e0ee341b44892512d046a60cfd0e5d
aarch64	libxml2-2.9.7-21.el8_10.1.aarch64.rpm	7c8cc4348e5c6cf67d952a6741052f5f72cbc4a86cbd9137151942b4a4506de6
aarch64	libxml2-devel-2.9.7-21.el8_10.1.aarch64.rpm	96e3ceb50c32099f96b98ac2f7913705a5de7226f55e13ae97ad86b0c6f71351
i686	libxml2-devel-2.9.7-21.el8_10.1.i686.rpm	7dd925cd73b333fceb5fbb5386c693e499d350832906d49e0eefce081b4cc86c
i686	libxml2-2.9.7-21.el8_10.1.i686.rpm	dc44ad357636398890aafd529aa9f7fb97f55cf13757ea58118b2d7fc34e60f9
ppc64le	python3-libxml2-2.9.7-21.el8_10.1.ppc64le.rpm	4fcd3407897024f16399e44e3c4cf8b3370deb1ceadbc467a2de2afcbaeab311
ppc64le	libxml2-devel-2.9.7-21.el8_10.1.ppc64le.rpm	cf6b7e64904203820b2aef136cc817ec91ef794316ef3d30228e0ae590e2d7d3
ppc64le	libxml2-2.9.7-21.el8_10.1.ppc64le.rpm	e9f66f6079a02e022b1f7b887a5d3f93dfce0507aa5d06bec276a547a188961b
s390x	libxml2-devel-2.9.7-21.el8_10.1.s390x.rpm	36db982027103fe508454e2baa8342b421d5e079c721c796e25117b863fd8eb4
s390x	libxml2-2.9.7-21.el8_10.1.s390x.rpm	37b3e1ae63fea342cd2bda7011dcdf4b664b59569e8de540aeb37799c361210b
s390x	python3-libxml2-2.9.7-21.el8_10.1.s390x.rpm	42d7800eb0bb694aa5aa561b3abb54323ad6c6d08633e96b20a5c58b0b9285d6
x86_64	libxml2-devel-2.9.7-21.el8_10.1.x86_64.rpm	11e1d35578e4e695991c0b07da755d40f0cf3c81ac3632f3843666c005e3e1e4
x86_64	python3-libxml2-2.9.7-21.el8_10.1.x86_64.rpm	7d351518c736c9d2e3c070adf02e777408c621a80e2e345ba9d5fe3d3f95a06c
x86_64	libxml2-2.9.7-21.el8_10.1.x86_64.rpm	fbb1aabdd5e4deca9996a46c0145771a017ea067f592741231acf3b1decf76bd

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.