libxml2: Multiple vulnerabilities Multiple vulnerabilities have been found in libxml2, the worst of which could lead to the execution of arbitrary code. libxml2 2017-01-16 2017-01-16 564776 566374 572878 573820 577998 582538 582540 583888 589816 597112 597114 597116 remote 2.9.4-r1 2.9.4-r1

libxml2 is the XML (eXtended Markup Language) C parser and toolkit initially developed for the Gnome project.

Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user or automated system to process a specially crafted XML document, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

There is no known workaround at this time.

All libxml2 users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.4-r1" CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 CVE-2015-8242 CVE-2015-8806 CVE-2016-1836 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2073 CVE-2016-3627 CVE-2016-3705 CVE-2016-4483 CVE-2016-4658 CVE-2016-5131 b-man b-man