Security update for libxml2 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:1524-1 Final 1 1 2021-05-05T16:25:33Z current 2021-05-05T16:25:33Z 2021-05-05T16:25:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libxml2 This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408). - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410). - CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesInternal (bsc#1185409). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/ltss/sle12.5/sles12sp5:latest-2021-1524,Container suse/sles12sp3:latest-2021-1524,Container suse/sles12sp4:latest-2021-1524,Container suse/sles12sp5:latest-2021-1524,Image SLES12-SP5-Azure-BYOS-2021-1524,Image SLES12-SP5-Azure-Basic-On-Demand-2021-1524,Image SLES12-SP5-Azure-HPC-BYOS-2021-1524,Image SLES12-SP5-Azure-HPC-On-Demand-2021-1524,Image SLES12-SP5-Azure-SAP-BYOS-2021-1524,Image SLES12-SP5-Azure-SAP-On-Demand-2021-1524,Image SLES12-SP5-Azure-Standard-On-Demand-2021-1524,Image SLES12-SP5-EC2-BYOS-2021-1524,Image SLES12-SP5-EC2-ECS-On-Demand-2021-1524,Image SLES12-SP5-EC2-On-Demand-2021-1524,Image SLES12-SP5-EC2-SAP-BYOS-2021-1524,Image SLES12-SP5-EC2-SAP-On-Demand-2021-1524,Image SLES12-SP5-GCE-BYOS-2021-1524,Image SLES12-SP5-GCE-On-Demand-2021-1524,Image SLES12-SP5-GCE-SAP-BYOS-2021-1524,Image SLES12-SP5-GCE-SAP-On-Demand-2021-1524,Image SLES12-SP5-OCI-BYOS-BYOS-2021-1524,Image SLES12-SP5-OCI-BYOS-SAP-BYOS-2021-1524,Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2021-1524,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2021-1524,SUSE-2021-1524,SUSE-SLE-SDK-12-SP5-2021-1524,SUSE-SLE-SERVER-12-SP5-2021-1524 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20211524-1/ Link for SUSE-SU-2021:1524-1 https://lists.suse.com/pipermail/sle-security-updates/2021-May/008741.html E-Mail link for SUSE-SU-2021:1524-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1185408 SUSE Bug 1185408 https://bugzilla.suse.com/1185409 SUSE Bug 1185409 https://bugzilla.suse.com/1185410 SUSE Bug 1185410 https://www.suse.com/security/cve/CVE-2021-3516/ SUSE CVE CVE-2021-3516 page https://www.suse.com/security/cve/CVE-2021-3517/ SUSE CVE CVE-2021-3517 page https://www.suse.com/security/cve/CVE-2021-3518/ SUSE CVE CVE-2021-3518 page Container suse/ltss/sle12.5/sles12sp5:latest Container suse/sles12sp3:latest Container suse/sles12sp4:latest Container suse/sles12sp5:latest Image SLES12-SP5-Azure-BYOS Image SLES12-SP5-Azure-Basic-On-Demand Image SLES12-SP5-Azure-HPC-BYOS Image SLES12-SP5-Azure-HPC-On-Demand Image SLES12-SP5-Azure-SAP-BYOS Image SLES12-SP5-Azure-SAP-On-Demand Image SLES12-SP5-Azure-Standard-On-Demand Image SLES12-SP5-EC2-BYOS Image SLES12-SP5-EC2-ECS-On-Demand Image SLES12-SP5-EC2-On-Demand Image SLES12-SP5-EC2-SAP-BYOS Image SLES12-SP5-EC2-SAP-On-Demand Image SLES12-SP5-GCE-BYOS Image SLES12-SP5-GCE-On-Demand Image SLES12-SP5-GCE-SAP-BYOS Image SLES12-SP5-GCE-SAP-On-Demand Image SLES12-SP5-OCI-BYOS-BYOS Image SLES12-SP5-OCI-BYOS-SAP-BYOS Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 libxml2-2-2.9.4-46.40.1 libxml2-tools-2.9.4-46.40.1 libxml2-2-32bit-2.9.4-46.40.1 libxml2-2-64bit-2.9.4-46.40.1 libxml2-devel-2.9.4-46.40.1 libxml2-devel-32bit-2.9.4-46.40.1 libxml2-devel-64bit-2.9.4-46.40.1 libxml2-doc-2.9.4-46.40.1 python-libxml2-2.9.4-46.40.1 libxml2-2-2.9.4-46.40.1 as a component of Container suse/ltss/sle12.5/sles12sp5:latest libxml2-2-2.9.4-46.40.1 as a component of Container suse/sles12sp3:latest libxml2-2-2.9.4-46.40.1 as a component of Container suse/sles12sp4:latest libxml2-2-2.9.4-46.40.1 as a component of Container suse/sles12sp5:latest libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-Azure-BYOS libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-Azure-Basic-On-Demand libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-Azure-HPC-BYOS libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-Azure-HPC-On-Demand libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS libxml2-tools-2.9.4-46.40.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand libxml2-tools-2.9.4-46.40.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-Azure-Standard-On-Demand libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-EC2-BYOS libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-EC2-ECS-On-Demand libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-EC2-On-Demand libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS libxml2-tools-2.9.4-46.40.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand libxml2-tools-2.9.4-46.40.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-GCE-BYOS libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-GCE-On-Demand libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS libxml2-tools-2.9.4-46.40.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand libxml2-tools-2.9.4-46.40.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-OCI-BYOS-BYOS libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-OCI-BYOS-SAP-BYOS libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production libxml2-tools-2.9.4-46.40.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production libxml2-2-2.9.4-46.40.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production libxml2-2-32bit-2.9.4-46.40.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production libxml2-tools-2.9.4-46.40.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production libxml2-2-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server 12 SP5 libxml2-2-32bit-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server 12 SP5 libxml2-doc-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server 12 SP5 libxml2-tools-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server 12 SP5 python-libxml2-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server 12 SP5 libxml2-2-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libxml2-2-32bit-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libxml2-doc-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libxml2-tools-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 python-libxml2-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libxml2-devel-2.9.4-46.40.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. CVE-2021-3516 Container suse/ltss/sle12.5/sles12sp5:latest:libxml2-2-2.9.4-46.40.1 Container suse/sles12sp3:latest:libxml2-2-2.9.4-46.40.1 Container suse/sles12sp4:latest:libxml2-2-2.9.4-46.40.1 Container suse/sles12sp5:latest:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-Basic-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-HPC-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-HPC-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-BYOS:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-On-Demand:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-Azure-Standard-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-ECS-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-BYOS:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-GCE-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-BYOS:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-On-Demand:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-OCI-BYOS-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libxml2-2-32bit-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libxml2-tools-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-2-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-2-32bit-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-doc-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-tools-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:python-libxml2-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-2-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-2-32bit-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-doc-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-tools-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-libxml2-2.9.4-46.40.1 SUSE Linux Enterprise Software Development Kit 12 SP5:libxml2-devel-2.9.4-46.40.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211524-1/ https://www.suse.com/security/cve/CVE-2021-3516.html CVE-2021-3516 https://bugzilla.suse.com/1185409 SUSE Bug 1185409 https://bugzilla.suse.com/1191860 SUSE Bug 1191860 There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application. CVE-2021-3517 Container suse/ltss/sle12.5/sles12sp5:latest:libxml2-2-2.9.4-46.40.1 Container suse/sles12sp3:latest:libxml2-2-2.9.4-46.40.1 Container suse/sles12sp4:latest:libxml2-2-2.9.4-46.40.1 Container suse/sles12sp5:latest:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-Basic-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-HPC-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-HPC-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-BYOS:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-On-Demand:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-Azure-Standard-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-ECS-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-BYOS:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-GCE-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-BYOS:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-On-Demand:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-OCI-BYOS-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libxml2-2-32bit-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libxml2-tools-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-2-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-2-32bit-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-doc-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-tools-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:python-libxml2-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-2-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-2-32bit-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-doc-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-tools-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-libxml2-2.9.4-46.40.1 SUSE Linux Enterprise Software Development Kit 12 SP5:libxml2-devel-2.9.4-46.40.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211524-1/ https://www.suse.com/security/cve/CVE-2021-3517.html CVE-2021-3517 https://bugzilla.suse.com/1185410 SUSE Bug 1185410 https://bugzilla.suse.com/1191860 SUSE Bug 1191860 https://bugzilla.suse.com/1194438 SUSE Bug 1194438 https://bugzilla.suse.com/1196383 SUSE Bug 1196383 There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability. CVE-2021-3518 Container suse/ltss/sle12.5/sles12sp5:latest:libxml2-2-2.9.4-46.40.1 Container suse/sles12sp3:latest:libxml2-2-2.9.4-46.40.1 Container suse/sles12sp4:latest:libxml2-2-2.9.4-46.40.1 Container suse/sles12sp5:latest:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-Basic-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-HPC-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-HPC-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-BYOS:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-Azure-SAP-On-Demand:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-Azure-Standard-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-ECS-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-BYOS:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-GCE-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-BYOS:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-On-Demand:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-GCE-SAP-On-Demand:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-OCI-BYOS-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libxml2-tools-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libxml2-2-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libxml2-2-32bit-2.9.4-46.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libxml2-tools-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-2-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-2-32bit-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-doc-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:libxml2-tools-2.9.4-46.40.1 SUSE Linux Enterprise Server 12 SP5:python-libxml2-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-2-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-2-32bit-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-doc-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libxml2-tools-2.9.4-46.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-libxml2-2.9.4-46.40.1 SUSE Linux Enterprise Software Development Kit 12 SP5:libxml2-devel-2.9.4-46.40.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211524-1/ https://www.suse.com/security/cve/CVE-2021-3518.html CVE-2021-3518 https://bugzilla.suse.com/1185408 SUSE Bug 1185408 https://bugzilla.suse.com/1191860 SUSE Bug 1191860