libxml 2.9.3 fixes a large number of security issues. The release notes mention 10 CVEs (and I'm aware of at least two more issues I reported myself that didn't get CVEs yet). Please update.
Note that a good load of these are already fixed in 2.9.2-r4.
[master d8a8b05] dev-libs/libxml2: Version bump 2 files changed, 216 insertions(+) create mode 100644 dev-libs/libxml2/libxml2-2.9.3.ebuild
This issue was resolved and addressed in GLSA 201701-37 at https://security.gentoo.org/glsa/201701-37 by GLSA coordinator Thomas Deutschmann (whissi).