Synopsis: Moderate: libxml2 security and bug fix update Advisory ID: SLSA-2020:3996-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2020-7595 CVE-2019-20388 CVE-2019-19956 -- Security Fix(es): * libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c (CVE-2019-19956) * libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388) * libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595) -- SL7 x86_64 libxml2-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm - Scientific Linux Development Team