csaf_suse - suse-ru-2016:2413-1

Vulnerability from csaf_suse

Published

2016-09-29 11:13

Modified

2016-09-29 11:13

Summary

Recommended update for libxml2

Notes

Title of the patch

Recommended update for libxml2

Description of the patch

This update for libxml2 fixes an issue when processing external entities introduced with the fix for CVE-2014-0191.

Patchnames

sdksp4-libxml2-12765,slessp4-libxml2-12765

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Recommended update for libxml2",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "\nThis update for libxml2 fixes an issue when processing external entities introduced\nwith the fix for CVE-2014-0191.\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "sdksp4-libxml2-12765,slessp4-libxml2-12765",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2016_2413-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-RU-2016:2413-1",
            url: "https://www.suse.com/support/update/announcement//suse-ru-20162413-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-RU-2016:2413-1",
            url: "https://lists.suse.com/pipermail/sle-updates/2016-September/005205.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 996079",
            url: "https://bugzilla.suse.com/996079",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2014-0191 page",
            url: "https://www.suse.com/security/cve/CVE-2014-0191/",
         },
      ],
      title: "Recommended update for libxml2",
      tracking: {
         current_release_date: "2016-09-29T11:13:48Z",
         generator: {
            date: "2016-09-29T11:13:48Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-RU-2016:2413-1",
         initial_release_date: "2016-09-29T11:13:48Z",
         revision_history: [
            {
               date: "2016-09-29T11:13:48Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libxml2-devel-2.7.6-0.47.1.i586",
                        product: {
                           name: "libxml2-devel-2.7.6-0.47.1.i586",
                           product_id: "libxml2-devel-2.7.6-0.47.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-2.7.6-0.47.1.i586",
                        product: {
                           name: "libxml2-2.7.6-0.47.1.i586",
                           product_id: "libxml2-2.7.6-0.47.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-doc-2.7.6-0.47.1.i586",
                        product: {
                           name: "libxml2-doc-2.7.6-0.47.1.i586",
                           product_id: "libxml2-doc-2.7.6-0.47.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-python-2.7.6-0.47.3.i586",
                        product: {
                           name: "libxml2-python-2.7.6-0.47.3.i586",
                           product_id: "libxml2-python-2.7.6-0.47.3.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libxml2-devel-2.7.6-0.47.1.ia64",
                        product: {
                           name: "libxml2-devel-2.7.6-0.47.1.ia64",
                           product_id: "libxml2-devel-2.7.6-0.47.1.ia64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-2.7.6-0.47.1.ia64",
                        product: {
                           name: "libxml2-2.7.6-0.47.1.ia64",
                           product_id: "libxml2-2.7.6-0.47.1.ia64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-doc-2.7.6-0.47.1.ia64",
                        product: {
                           name: "libxml2-doc-2.7.6-0.47.1.ia64",
                           product_id: "libxml2-doc-2.7.6-0.47.1.ia64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-python-2.7.6-0.47.3.ia64",
                        product: {
                           name: "libxml2-python-2.7.6-0.47.3.ia64",
                           product_id: "libxml2-python-2.7.6-0.47.3.ia64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-x86-2.7.6-0.47.1.ia64",
                        product: {
                           name: "libxml2-x86-2.7.6-0.47.1.ia64",
                           product_id: "libxml2-x86-2.7.6-0.47.1.ia64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ia64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libxml2-devel-2.7.6-0.47.1.ppc64",
                        product: {
                           name: "libxml2-devel-2.7.6-0.47.1.ppc64",
                           product_id: "libxml2-devel-2.7.6-0.47.1.ppc64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-devel-32bit-2.7.6-0.47.1.ppc64",
                        product: {
                           name: "libxml2-devel-32bit-2.7.6-0.47.1.ppc64",
                           product_id: "libxml2-devel-32bit-2.7.6-0.47.1.ppc64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-2.7.6-0.47.1.ppc64",
                        product: {
                           name: "libxml2-2.7.6-0.47.1.ppc64",
                           product_id: "libxml2-2.7.6-0.47.1.ppc64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-32bit-2.7.6-0.47.1.ppc64",
                        product: {
                           name: "libxml2-32bit-2.7.6-0.47.1.ppc64",
                           product_id: "libxml2-32bit-2.7.6-0.47.1.ppc64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-doc-2.7.6-0.47.1.ppc64",
                        product: {
                           name: "libxml2-doc-2.7.6-0.47.1.ppc64",
                           product_id: "libxml2-doc-2.7.6-0.47.1.ppc64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-python-2.7.6-0.47.3.ppc64",
                        product: {
                           name: "libxml2-python-2.7.6-0.47.3.ppc64",
                           product_id: "libxml2-python-2.7.6-0.47.3.ppc64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libxml2-devel-2.7.6-0.47.1.s390x",
                        product: {
                           name: "libxml2-devel-2.7.6-0.47.1.s390x",
                           product_id: "libxml2-devel-2.7.6-0.47.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-devel-32bit-2.7.6-0.47.1.s390x",
                        product: {
                           name: "libxml2-devel-32bit-2.7.6-0.47.1.s390x",
                           product_id: "libxml2-devel-32bit-2.7.6-0.47.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-2.7.6-0.47.1.s390x",
                        product: {
                           name: "libxml2-2.7.6-0.47.1.s390x",
                           product_id: "libxml2-2.7.6-0.47.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-32bit-2.7.6-0.47.1.s390x",
                        product: {
                           name: "libxml2-32bit-2.7.6-0.47.1.s390x",
                           product_id: "libxml2-32bit-2.7.6-0.47.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-doc-2.7.6-0.47.1.s390x",
                        product: {
                           name: "libxml2-doc-2.7.6-0.47.1.s390x",
                           product_id: "libxml2-doc-2.7.6-0.47.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-python-2.7.6-0.47.3.s390x",
                        product: {
                           name: "libxml2-python-2.7.6-0.47.3.s390x",
                           product_id: "libxml2-python-2.7.6-0.47.3.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libxml2-devel-2.7.6-0.47.1.x86_64",
                        product: {
                           name: "libxml2-devel-2.7.6-0.47.1.x86_64",
                           product_id: "libxml2-devel-2.7.6-0.47.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-devel-32bit-2.7.6-0.47.1.x86_64",
                        product: {
                           name: "libxml2-devel-32bit-2.7.6-0.47.1.x86_64",
                           product_id: "libxml2-devel-32bit-2.7.6-0.47.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-2.7.6-0.47.1.x86_64",
                        product: {
                           name: "libxml2-2.7.6-0.47.1.x86_64",
                           product_id: "libxml2-2.7.6-0.47.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-32bit-2.7.6-0.47.1.x86_64",
                        product: {
                           name: "libxml2-32bit-2.7.6-0.47.1.x86_64",
                           product_id: "libxml2-32bit-2.7.6-0.47.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-doc-2.7.6-0.47.1.x86_64",
                        product: {
                           name: "libxml2-doc-2.7.6-0.47.1.x86_64",
                           product_id: "libxml2-doc-2.7.6-0.47.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libxml2-python-2.7.6-0.47.3.x86_64",
                        product: {
                           name: "libxml2-python-2.7.6-0.47.3.x86_64",
                           product_id: "libxml2-python-2.7.6-0.47.3.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Software Development Kit 11 SP4",
                        product: {
                           name: "SUSE Linux Enterprise Software Development Kit 11 SP4",
                           product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4",
                           product_identification_helper: {
                              cpe: "cpe:/a:suse:sle-sdk:11:sp4",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 11 SP4",
                        product: {
                           name: "SUSE Linux Enterprise Server 11 SP4",
                           product_id: "SUSE Linux Enterprise Server 11 SP4",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:suse_sles:11:sp4",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
                        product: {
                           name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
                           product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles_sap:11:sp4",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-devel-2.7.6-0.47.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
               product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.i586",
            },
            product_reference: "libxml2-devel-2.7.6-0.47.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-devel-2.7.6-0.47.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
               product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.ia64",
            },
            product_reference: "libxml2-devel-2.7.6-0.47.1.ia64",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-devel-2.7.6-0.47.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
               product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.ppc64",
            },
            product_reference: "libxml2-devel-2.7.6-0.47.1.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-devel-2.7.6-0.47.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
               product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.s390x",
            },
            product_reference: "libxml2-devel-2.7.6-0.47.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-devel-2.7.6-0.47.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
               product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.x86_64",
            },
            product_reference: "libxml2-devel-2.7.6-0.47.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-devel-32bit-2.7.6-0.47.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
               product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-32bit-2.7.6-0.47.1.ppc64",
            },
            product_reference: "libxml2-devel-32bit-2.7.6-0.47.1.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-devel-32bit-2.7.6-0.47.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
               product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-32bit-2.7.6-0.47.1.s390x",
            },
            product_reference: "libxml2-devel-32bit-2.7.6-0.47.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-devel-32bit-2.7.6-0.47.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
               product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-32bit-2.7.6-0.47.1.x86_64",
            },
            product_reference: "libxml2-devel-32bit-2.7.6-0.47.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.i586",
            },
            product_reference: "libxml2-2.7.6-0.47.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.ia64",
            },
            product_reference: "libxml2-2.7.6-0.47.1.ia64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.ppc64",
            },
            product_reference: "libxml2-2.7.6-0.47.1.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.s390x",
            },
            product_reference: "libxml2-2.7.6-0.47.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.x86_64",
            },
            product_reference: "libxml2-2.7.6-0.47.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-32bit-2.7.6-0.47.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.47.1.ppc64",
            },
            product_reference: "libxml2-32bit-2.7.6-0.47.1.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-32bit-2.7.6-0.47.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.47.1.s390x",
            },
            product_reference: "libxml2-32bit-2.7.6-0.47.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-32bit-2.7.6-0.47.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.47.1.x86_64",
            },
            product_reference: "libxml2-32bit-2.7.6-0.47.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.i586",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.ia64",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.ia64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.ppc64",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.s390x",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.x86_64",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.i586 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.i586",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.ia64",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.ia64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.ppc64",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.s390x as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.s390x",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.x86_64",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-x86-2.7.6-0.47.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
               product_id: "SUSE Linux Enterprise Server 11 SP4:libxml2-x86-2.7.6-0.47.1.ia64",
            },
            product_reference: "libxml2-x86-2.7.6-0.47.1.ia64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.i586",
            },
            product_reference: "libxml2-2.7.6-0.47.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.ia64",
            },
            product_reference: "libxml2-2.7.6-0.47.1.ia64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.ppc64",
            },
            product_reference: "libxml2-2.7.6-0.47.1.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.s390x",
            },
            product_reference: "libxml2-2.7.6-0.47.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-2.7.6-0.47.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.x86_64",
            },
            product_reference: "libxml2-2.7.6-0.47.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-32bit-2.7.6-0.47.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-32bit-2.7.6-0.47.1.ppc64",
            },
            product_reference: "libxml2-32bit-2.7.6-0.47.1.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-32bit-2.7.6-0.47.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-32bit-2.7.6-0.47.1.s390x",
            },
            product_reference: "libxml2-32bit-2.7.6-0.47.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-32bit-2.7.6-0.47.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-32bit-2.7.6-0.47.1.x86_64",
            },
            product_reference: "libxml2-32bit-2.7.6-0.47.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.i586",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.ia64",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.ia64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.ppc64",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.s390x",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-doc-2.7.6-0.47.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.x86_64",
            },
            product_reference: "libxml2-doc-2.7.6-0.47.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.i586",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.ia64",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.ia64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.ppc64",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.ppc64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.s390x",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-python-2.7.6-0.47.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.x86_64",
            },
            product_reference: "libxml2-python-2.7.6-0.47.3.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libxml2-x86-2.7.6-0.47.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-x86-2.7.6-0.47.1.ia64",
            },
            product_reference: "libxml2-x86-2.7.6-0.47.1.ia64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2014-0191",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2014-0191",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.i586",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.ia64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.ppc64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.s390x",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.47.1.ppc64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.47.1.s390x",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.47.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.i586",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.ia64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.ppc64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.s390x",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.i586",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.ia64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.ppc64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.s390x",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.x86_64",
               "SUSE Linux Enterprise Server 11 SP4:libxml2-x86-2.7.6-0.47.1.ia64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.i586",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.ia64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.ppc64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.s390x",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-32bit-2.7.6-0.47.1.ppc64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-32bit-2.7.6-0.47.1.s390x",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-32bit-2.7.6-0.47.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.i586",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.ia64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.ppc64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.s390x",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.i586",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.ia64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.ppc64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.s390x",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-x86-2.7.6-0.47.1.ia64",
               "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.i586",
               "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.ia64",
               "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.ppc64",
               "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.s390x",
               "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.x86_64",
               "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-32bit-2.7.6-0.47.1.ppc64",
               "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-32bit-2.7.6-0.47.1.s390x",
               "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-32bit-2.7.6-0.47.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2014-0191",
               url: "https://www.suse.com/security/cve/CVE-2014-0191",
            },
            {
               category: "external",
               summary: "SUSE Bug 1014873 for CVE-2014-0191",
               url: "https://bugzilla.suse.com/1014873",
            },
            {
               category: "external",
               summary: "SUSE Bug 1123919 for CVE-2014-0191",
               url: "https://bugzilla.suse.com/1123919",
            },
            {
               category: "external",
               summary: "SUSE Bug 876652 for CVE-2014-0191",
               url: "https://bugzilla.suse.com/876652",
            },
            {
               category: "external",
               summary: "SUSE Bug 877506 for CVE-2014-0191",
               url: "https://bugzilla.suse.com/877506",
            },
            {
               category: "external",
               summary: "SUSE Bug 996079 for CVE-2014-0191",
               url: "https://bugzilla.suse.com/996079",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.i586",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.ia64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.ppc64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.47.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.47.1.ppc64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.47.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.47.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.i586",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.ia64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.ppc64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.47.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.i586",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.ia64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.ppc64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.s390x",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.47.3.x86_64",
                  "SUSE Linux Enterprise Server 11 SP4:libxml2-x86-2.7.6-0.47.1.ia64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.i586",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.ia64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.ppc64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.s390x",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-2.7.6-0.47.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-32bit-2.7.6-0.47.1.ppc64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-32bit-2.7.6-0.47.1.s390x",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-32bit-2.7.6-0.47.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.i586",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.ia64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.ppc64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.s390x",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-doc-2.7.6-0.47.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.i586",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.ia64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.ppc64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.s390x",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-python-2.7.6-0.47.3.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libxml2-x86-2.7.6-0.47.1.ia64",
                  "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.i586",
                  "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.ia64",
                  "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.ppc64",
                  "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.s390x",
                  "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-2.7.6-0.47.1.x86_64",
                  "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-32bit-2.7.6-0.47.1.ppc64",
                  "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-32bit-2.7.6-0.47.1.s390x",
                  "SUSE Linux Enterprise Software Development Kit 11 SP4:libxml2-devel-32bit-2.7.6-0.47.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2016-09-29T11:13:48Z",
               details: "important",
            },
         ],
         title: "CVE-2014-0191",
      },
   ],
}

cve-2014-0191

Vulnerability from cvelistv5

Published

2015-01-21 02:00

Modified

2024-08-06 09:05

Severity ?

Summary

The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.

References

▼	URL	Tags
	https://bugzilla.redhat.com/show_bug.cgi?id=1090976	x_refsource_CONFIRM
	https://support.apple.com/kb/HT205030	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/67233	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	x_refsource_CONFIRM
	http://xmlsoft.org/news.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2015-0749.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/93092	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21678183	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html	vendor-advisory, x_refsource_SUSE
	https://support.apple.com/kb/HT205031	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T09:05:39.238Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1090976",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT205030",
               },
               {
                  name: "67233",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/67233",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://xmlsoft.org/news.html",
               },
               {
                  name: "RHSA-2015:0749",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-0749.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df",
               },
               {
                  name: "libxml2-cve20140191-dos(93092)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/93092",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678183",
               },
               {
                  name: "APPLE-SA-2015-08-13-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
               },
               {
                  name: "APPLE-SA-2015-08-13-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html",
               },
               {
                  name: "openSUSE-SU-2015:2372",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT205031",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-05-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-08-28T12:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1090976",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.apple.com/kb/HT205030",
            },
            {
               name: "67233",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/67233",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://xmlsoft.org/news.html",
            },
            {
               name: "RHSA-2015:0749",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-0749.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df",
            },
            {
               name: "libxml2-cve20140191-dos(93092)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/93092",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678183",
            },
            {
               name: "APPLE-SA-2015-08-13-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
            },
            {
               name: "APPLE-SA-2015-08-13-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html",
            },
            {
               name: "openSUSE-SU-2015:2372",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.apple.com/kb/HT205031",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2014-0191",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1090976",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1090976",
                  },
                  {
                     name: "https://support.apple.com/kb/HT205030",
                     refsource: "CONFIRM",
                     url: "https://support.apple.com/kb/HT205030",
                  },
                  {
                     name: "67233",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/67233",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
                  },
                  {
                     name: "http://xmlsoft.org/news.html",
                     refsource: "CONFIRM",
                     url: "http://xmlsoft.org/news.html",
                  },
                  {
                     name: "RHSA-2015:0749",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2015-0749.html",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
                  },
                  {
                     name: "https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df",
                     refsource: "CONFIRM",
                     url: "https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df",
                  },
                  {
                     name: "libxml2-cve20140191-dos(93092)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/93092",
                  },
                  {
                     name: "http://www-01.ibm.com/support/docview.wss?uid=swg21678183",
                     refsource: "CONFIRM",
                     url: "http://www-01.ibm.com/support/docview.wss?uid=swg21678183",
                  },
                  {
                     name: "APPLE-SA-2015-08-13-2",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
                  },
                  {
                     name: "APPLE-SA-2015-08-13-3",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html",
                  },
                  {
                     name: "openSUSE-SU-2015:2372",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html",
                  },
                  {
                     name: "https://support.apple.com/kb/HT205031",
                     refsource: "CONFIRM",
                     url: "https://support.apple.com/kb/HT205031",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2014-0191",
      datePublished: "2015-01-21T02:00:00",
      dateReserved: "2013-12-03T00:00:00",
      dateUpdated: "2024-08-06T09:05:39.238Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

cve-2014-0191

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature