libxml 2.9.3 fixes a large number of security issues. The release notes mention 10 CVEs (and I'm aware of at least two more issues I reported myself that didn't get CVEs yet).
Note that a good load of these are already fixed in 2.9.2-r4.
[master d8a8b05] dev-libs/libxml2: Version bump
2 files changed, 216 insertions(+)
create mode 100644 dev-libs/libxml2/libxml2-2.9.3.ebuild
This issue was resolved and addressed in
GLSA 201701-37 at https://security.gentoo.org/glsa/201701-37
by GLSA coordinator Thomas Deutschmann (whissi).