Multiple use-after-free flaws were reported [1] in libxml2 2.9.0, which could be used to cause a denial of service or, possibly, the execution of arbitrary code by the privileges of the user running an application linked to libxml2. 1) A use-after-free error in the "htmlParseChunk()" function can be exploited to dereference already freed memory. 2) Two use-after-free errors in the "xmldecl_done()" function can be exploited to dereference already freed memory. These issues have been fixed in git [2]. Based on the bug report, the implication is that these flaws were introduced in version 2.9.0 (this has not yet been verified though). [1] https://bugzilla.gnome.org/show_bug.cgi?id=690202 [2] https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f
Statement: This issue does not affect the version of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6. This issue does not affect version of mingw32-libxml2 as shipped with Red Hat Enterprise Linux 5 and 6.
These issues were introduced in version 2.9.0 and subsequently fixed in version 2.9.1.