[ ] libxml2-2.9.1-6.el7.5.i686.rpm 2021-10-15 14:01 654K
[ ] libxml2-2.9.1-6.el7.5.x86_64.rpm 2021-10-15 14:00 668K
Looks like it was updated on 10-15-2021, but the changelog for package has not been updated. I am assuming the new package was to address CVE-2016-4658, as RH updated and addressed the issue with this a couple days prior.
Anyone confirm it was addressed, and that the changelog on the package has not been updated?
CVE-2016-4658 on libxml2
Re: CVE-2016-4658 on libxml2
No, this looks like a missing update. The RHEL 7 copy is libxml2-2.9.1-6.el7_9.6.x86_64 and the changelog there says "Fix CVE-2016-4658 (#1966916)".
I have informed the person who builds all this lot but perhaps a bug report on bugs.centos.org would be a good thing.
I have informed the person who builds all this lot but perhaps a bug report on bugs.centos.org would be a good thing.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 2
- Joined: 2021/10/21 15:37:01