Debian: DSA-5142-1: libxml2 security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Felix Wilhelm reported that several buffer handling functions in libxml2, a library providing support to read, modify and write XML and HTML files, don't check for integer overflows, resulting in out-of-bounds memory writes if specially crafted, multi-gigabyte XML

Debian: DSA-5140-1: openldap security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Jacek Konieczny discovered a SQL injection vulnerability in the back-sql backend to slapd in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, allowing an attacker to alter the database during an LDAP search operations when a specially crafted search filter