Updated libxml2 packages that fix one security issue are now available forRed Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having Moderate securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.

The libxml2 library is a development toolbox providing the implementationof various XML standards.It was discovered that libxml2 loaded external parameter entities even whenentity substitution was disabled. A remote attacker able to provide aspecially crafted XML file to an application linked against libxml2 coulduse this flaw to conduct XML External Entity (XXE) attacks, possiblyresulting in a denial of service or an information leak on the system.(CVE-2014-0191)The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat.All libxml2 users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. The desktop must berestarted (log out, then log back in) for this update to take effect.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
libxml2-2.9.1-5.el7_1.2.src.rpm
    MD5: eb857f91ae2a682ecd03ee083255b457SHA-256: 9925fc8f4097ef295500f3bd7a2fb9924e00869d8baf3488c4966aeeb7218a2d
 
x86_64:
libxml2-2.9.1-5.el7_1.2.i686.rpm
    MD5: cafaf8558aedd9be05f43c7cda682e89SHA-256: 038a2d7778e12b957dd3b7dad615346534ac7cf7c65f75bcd87de1e737394cd2
libxml2-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 74d385603e86828e8c17f809a6a7b83fSHA-256: 663ef57259f02af294eac4a0a213cc55b720fe83cbbcd0d3d6cf01d706b0e95e
libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm
    MD5: 87c2fccb924d8c9fbb7ccb2da7d2bab4SHA-256: 61a8cdcb786b8ad58c742187562b15d515f380188a8436f2cae93393530e15fe
libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 2aada6246d19ddc510b0423c0a068566SHA-256: 25dae9824f70935c3a53ad0d7f1146e935ca07c2516f9660b2785ed8e43a195a
libxml2-devel-2.9.1-5.el7_1.2.i686.rpm
    MD5: 41bd53755a1473f39f4b22b86743cbc9SHA-256: 64b7ca9cd184233e49c24ed9dc01cff8719360ff6456c9e5b8d1d6cb250ad510
libxml2-devel-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 6e1655e07052f7c7795894b5351f6296SHA-256: e6b5085cd3c46f88efcacb9abef71481a2578a66984c1c2b3af58dba25fc75f5
libxml2-python-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 27109e9e3dda6304aa3e9ab05e86cda8SHA-256: 44d0166e8ebdb35c2ec0b2a493f6ab562fa268a1cba7830ebacf3b7884612e9c
libxml2-static-2.9.1-5.el7_1.2.i686.rpm
    MD5: 0b1cfef1eccd78504f3c27147e9ad0b8SHA-256: 8409d69f0bbe275a193bed42e5a8f62f1dcbc383c060f424ce3406f8b92e66e3
libxml2-static-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: f699b7a298dd9aa91c1370b1e519cd6dSHA-256: 8668e8941c9f0ffd3cd6da2e58c79f05c74cc89819f89d70651ec58b34bae1c6
 
Red Hat Enterprise Linux HPC Node (v. 7)

SRPMS:
libxml2-2.9.1-5.el7_1.2.src.rpm
    MD5: eb857f91ae2a682ecd03ee083255b457SHA-256: 9925fc8f4097ef295500f3bd7a2fb9924e00869d8baf3488c4966aeeb7218a2d
 
x86_64:
libxml2-2.9.1-5.el7_1.2.i686.rpm
    MD5: cafaf8558aedd9be05f43c7cda682e89SHA-256: 038a2d7778e12b957dd3b7dad615346534ac7cf7c65f75bcd87de1e737394cd2
libxml2-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 74d385603e86828e8c17f809a6a7b83fSHA-256: 663ef57259f02af294eac4a0a213cc55b720fe83cbbcd0d3d6cf01d706b0e95e
libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm
    MD5: 87c2fccb924d8c9fbb7ccb2da7d2bab4SHA-256: 61a8cdcb786b8ad58c742187562b15d515f380188a8436f2cae93393530e15fe
libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 2aada6246d19ddc510b0423c0a068566SHA-256: 25dae9824f70935c3a53ad0d7f1146e935ca07c2516f9660b2785ed8e43a195a
libxml2-devel-2.9.1-5.el7_1.2.i686.rpm
    MD5: 41bd53755a1473f39f4b22b86743cbc9SHA-256: 64b7ca9cd184233e49c24ed9dc01cff8719360ff6456c9e5b8d1d6cb250ad510
libxml2-devel-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 6e1655e07052f7c7795894b5351f6296SHA-256: e6b5085cd3c46f88efcacb9abef71481a2578a66984c1c2b3af58dba25fc75f5
libxml2-python-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 27109e9e3dda6304aa3e9ab05e86cda8SHA-256: 44d0166e8ebdb35c2ec0b2a493f6ab562fa268a1cba7830ebacf3b7884612e9c
libxml2-static-2.9.1-5.el7_1.2.i686.rpm
    MD5: 0b1cfef1eccd78504f3c27147e9ad0b8SHA-256: 8409d69f0bbe275a193bed42e5a8f62f1dcbc383c060f424ce3406f8b92e66e3
libxml2-static-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: f699b7a298dd9aa91c1370b1e519cd6dSHA-256: 8668e8941c9f0ffd3cd6da2e58c79f05c74cc89819f89d70651ec58b34bae1c6
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
libxml2-2.9.1-5.el7_1.2.src.rpm
    MD5: eb857f91ae2a682ecd03ee083255b457SHA-256: 9925fc8f4097ef295500f3bd7a2fb9924e00869d8baf3488c4966aeeb7218a2d
 
PPC:
libxml2-2.9.1-5.el7_1.2.ppc.rpm
    MD5: 4bffbff6dd6aa03a8886e8a4818ca968SHA-256: 51dc24883d951e2a0858125bde910eace76c585d2125346da3ef5404cb238fb5
libxml2-2.9.1-5.el7_1.2.ppc64.rpm
    MD5: d51325453f9be0be0fdee68a9d47f5f1SHA-256: fb9bd1f921c7c16012658dab5a0a2821ddf1c4fd1b4d6e6dc3a9bbdd8bd2d91f
libxml2-debuginfo-2.9.1-5.el7_1.2.ppc.rpm
    MD5: fc013989563d020f35c4cb14525c0abaSHA-256: b3028d5f4818466992b5b2226419bdb87dc985f0033ec37d1a7830e892a4799e
libxml2-debuginfo-2.9.1-5.el7_1.2.ppc64.rpm
    MD5: 265770d9b394d59eca57d4abd9304293SHA-256: 89c1da975aa18eb735d9a0a04c2ca06f691ed1f7159404de7dfaca13d95dcf23
libxml2-devel-2.9.1-5.el7_1.2.ppc.rpm
    MD5: ca91af5c0f670d31318e861452050e83SHA-256: 18fd6e13438a1849a9e17ee60b95e4358744f9c68e701c2ec5c4dd6cb69f356f
libxml2-devel-2.9.1-5.el7_1.2.ppc64.rpm
    MD5: 18b5475cca280a8b82cd879d1eed20faSHA-256: 69b8ff00652c2640cbdd56af42ab570ec520254c3a5682b9a23816c3b77c0598
libxml2-python-2.9.1-5.el7_1.2.ppc64.rpm
    MD5: 46f3c916511aef8a28c0ae4ddfee3138SHA-256: 59e75128303b422b1a51ffba9d8c0c33a9bf0cb642e3593cba1d792c7a2d291b
libxml2-static-2.9.1-5.el7_1.2.ppc.rpm
    MD5: de3d4985ff78b246b2ddbbde6c80e510SHA-256: 92b5c9612a02291d4d87129f5f26116a61105ee8110271a54614ab34a24e5c10
libxml2-static-2.9.1-5.el7_1.2.ppc64.rpm
    MD5: 15d6562e2d5a2898529fc8466ce8ee52SHA-256: 35f8b30b20cd9a8bcdc584a3b7e672be7986d2ec39c14c32c624aadfee8aaeb5
 
s390x:
libxml2-2.9.1-5.el7_1.2.s390.rpm
    MD5: 328a422c84997dbbf84e94b82c982f80SHA-256: 55295a3581940f8e24a19cbb5e103f3ab4a74601995d0527920f566d86bd4b40
libxml2-2.9.1-5.el7_1.2.s390x.rpm
    MD5: e8ad0774e09308d6178d20c716228374SHA-256: ab057bc70da25306fcedf15cda09c0e48cf5577bce090890de9646f81dd549ad
libxml2-debuginfo-2.9.1-5.el7_1.2.s390.rpm
    MD5: fd78db585d6211c88104c08ad3b820abSHA-256: c9e2da3b408a9b7bfd0ba64a75cc2aafac225577fad9537dd4e919796af3a71e
libxml2-debuginfo-2.9.1-5.el7_1.2.s390x.rpm
    MD5: 7b11c858b0068e0a7c5b342d4dc1bc92SHA-256: 4567e7895d25483452f9299328ebe43c2ff07da5ef649f6b1e020ea80618801d
libxml2-devel-2.9.1-5.el7_1.2.s390.rpm
    MD5: b4e1f06a48dcd26c2d5daf04da630fa9SHA-256: b5f6575a802e62ead3366d79bad762fdfb860f9af8aa6ce59ae7ff17e764d6cd
libxml2-devel-2.9.1-5.el7_1.2.s390x.rpm
    MD5: fd71cd0cbcb57c1fe311c1b71fc31164SHA-256: af04a75f869bb84cffbaad27faabb2d640eda7a1335c5c256d31f340ce7c7b5d
libxml2-python-2.9.1-5.el7_1.2.s390x.rpm
    MD5: 483c9f5cb2f722a70160dbdddfd1b2dcSHA-256: f8d6c231e750d4cb85fce0af5d0e8148c516e989b1c563806186b81966dacaa4
libxml2-static-2.9.1-5.el7_1.2.s390.rpm
    MD5: 3046583e4f9fc0a3455da90af7c55aecSHA-256: e7795d3bcd031903a5f1efbf9c7ead81f79b0a1c2a1062993d576b1382f81876
libxml2-static-2.9.1-5.el7_1.2.s390x.rpm
    MD5: d122435a7b720be9ad34e453d2526063SHA-256: ba34a7070e0b817eb17d847d0dc5cf7977e703dd26d3c08752b86f9488809bde
 
x86_64:
libxml2-2.9.1-5.el7_1.2.i686.rpm
    MD5: cafaf8558aedd9be05f43c7cda682e89SHA-256: 038a2d7778e12b957dd3b7dad615346534ac7cf7c65f75bcd87de1e737394cd2
libxml2-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 74d385603e86828e8c17f809a6a7b83fSHA-256: 663ef57259f02af294eac4a0a213cc55b720fe83cbbcd0d3d6cf01d706b0e95e
libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm
    MD5: 87c2fccb924d8c9fbb7ccb2da7d2bab4SHA-256: 61a8cdcb786b8ad58c742187562b15d515f380188a8436f2cae93393530e15fe
libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 2aada6246d19ddc510b0423c0a068566SHA-256: 25dae9824f70935c3a53ad0d7f1146e935ca07c2516f9660b2785ed8e43a195a
libxml2-devel-2.9.1-5.el7_1.2.i686.rpm
    MD5: 41bd53755a1473f39f4b22b86743cbc9SHA-256: 64b7ca9cd184233e49c24ed9dc01cff8719360ff6456c9e5b8d1d6cb250ad510
libxml2-devel-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 6e1655e07052f7c7795894b5351f6296SHA-256: e6b5085cd3c46f88efcacb9abef71481a2578a66984c1c2b3af58dba25fc75f5
libxml2-python-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 27109e9e3dda6304aa3e9ab05e86cda8SHA-256: 44d0166e8ebdb35c2ec0b2a493f6ab562fa268a1cba7830ebacf3b7884612e9c
libxml2-static-2.9.1-5.el7_1.2.i686.rpm
    MD5: 0b1cfef1eccd78504f3c27147e9ad0b8SHA-256: 8409d69f0bbe275a193bed42e5a8f62f1dcbc383c060f424ce3406f8b92e66e3
libxml2-static-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: f699b7a298dd9aa91c1370b1e519cd6dSHA-256: 8668e8941c9f0ffd3cd6da2e58c79f05c74cc89819f89d70651ec58b34bae1c6
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
libxml2-2.9.1-5.el7_1.2.src.rpm
    MD5: eb857f91ae2a682ecd03ee083255b457SHA-256: 9925fc8f4097ef295500f3bd7a2fb9924e00869d8baf3488c4966aeeb7218a2d
 
x86_64:
libxml2-2.9.1-5.el7_1.2.i686.rpm
    MD5: cafaf8558aedd9be05f43c7cda682e89SHA-256: 038a2d7778e12b957dd3b7dad615346534ac7cf7c65f75bcd87de1e737394cd2
libxml2-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 74d385603e86828e8c17f809a6a7b83fSHA-256: 663ef57259f02af294eac4a0a213cc55b720fe83cbbcd0d3d6cf01d706b0e95e
libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm
    MD5: 87c2fccb924d8c9fbb7ccb2da7d2bab4SHA-256: 61a8cdcb786b8ad58c742187562b15d515f380188a8436f2cae93393530e15fe
libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 2aada6246d19ddc510b0423c0a068566SHA-256: 25dae9824f70935c3a53ad0d7f1146e935ca07c2516f9660b2785ed8e43a195a
libxml2-devel-2.9.1-5.el7_1.2.i686.rpm
    MD5: 41bd53755a1473f39f4b22b86743cbc9SHA-256: 64b7ca9cd184233e49c24ed9dc01cff8719360ff6456c9e5b8d1d6cb250ad510
libxml2-devel-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 6e1655e07052f7c7795894b5351f6296SHA-256: e6b5085cd3c46f88efcacb9abef71481a2578a66984c1c2b3af58dba25fc75f5
libxml2-python-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: 27109e9e3dda6304aa3e9ab05e86cda8SHA-256: 44d0166e8ebdb35c2ec0b2a493f6ab562fa268a1cba7830ebacf3b7884612e9c
libxml2-static-2.9.1-5.el7_1.2.i686.rpm
    MD5: 0b1cfef1eccd78504f3c27147e9ad0b8SHA-256: 8409d69f0bbe275a193bed42e5a8f62f1dcbc383c060f424ce3406f8b92e66e3
libxml2-static-2.9.1-5.el7_1.2.x86_64.rpm
    MD5: f699b7a298dd9aa91c1370b1e519cd6dSHA-256: 8668e8941c9f0ffd3cd6da2e58c79f05c74cc89819f89d70651ec58b34bae1c6
 
(The unlinked packages above are only available from the Red Hat Network)
1090976 – CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply