This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
libxml2 was updated to fix security issues and a regression from the
last version update.
Security issues fixed :
- CVE-2016-3627: Fixed stack exhaustion while parsing
certain XML files in recovery mode (bnc#972335).
- CVE-2016-3705: Improved protection against the Billion
Laughs Attack (bnc#975947).
Regression fixed :
- Fixed XML push parser that fails with bogus UTF-8
encoding error when multi-byte character in large CDATA
section is split across buffer [bnc#962796]
See also :
Update the affected libxml2 packages.
Risk factor :
Medium / CVSS Base Score : 5.0