From ${URL} :
Security: More format string warnings with possible format string vulnerability (David Kilzer)
Avoid building recursive entities (Daniel Veillard)
Heap-based buffer overread in htmlCurrentChar (Pranjal Jumde)
Heap-based buffer-underreads due to xmlParseName (David Kilzer)
Heap use-after-free in xmlSAX2AttributeNs (Pranjal Jumde)
Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (Pranjal Jumde)
Fix some format string warnings with possible format string vulnerability (David Kilzer)
Detect change of encoding when parsing HTML names (Hugh Davenport)
Fix inappropriate fetch of entities content (Daniel Veillard)
Bug 759398: Heap use-after-free in xmlDictComputeFastKey <https://bugzilla.gnome.org/show_bug.cgi?id=759398> (Pranjal Jumde)
Bug 758605: Heap-based buffer overread in xmlDictAddString <https://bugzilla.gnome.org/show_bug.cgi?id=758605> (Pranjal Jumde)
Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal <https://bugzilla.gnome.org/show_bug.cgi?id=758588> (David Kilzer)
Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup <https://bugzilla.gnome.org/show_bug.cgi?id=757711> (Pranjal Jumde)
Add missing increments of recursion depth counter to XML parser. (Peter Simons)

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Bug https://bugzilla.gnome.org/show_bug.cgi?id=759398 is CVE-2016-1836. Bug https://bugzilla.gnome.org/show_bug.cgi?id=758605 is CVE-2016-1839, handled by bug 573820. Bug https://bugzilla.gnome.org/show_bug.cgi?id=758588 is CVE-2016-1838. Bug https://bugzilla.gnome.org/show_bug.cgi?id=757711 is CVE-2016-1840. Each vulnerability was fixed by v2.9.4. v2.9.4 landed in the Gentoo repository via https://gitweb.gentoo.org/repo/gentoo.git/commit/dev-libs/libxml2?id=b68f9389191396b4febff3e7b61f939189364426 @ Security: Please vote!
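As an added example (not part of this bug thread or of the Gentoo package), a POSIX shell check that an installed libxml2 is at or above 2.9.4, the release the comment above names as carrying the fixes. It assumes pkg-config knows the library under the module name libxml-2.0, and it compares version components numerically so that "2.10.0" is not mistaken for something older than "2.9.4".

```shell
#!/bin/sh
# Added example: verify an installed libxml2 carries the 2.9.4 fixes
# (CVE-2016-1836/-1838/-1839/-1840 per the thread above).
# A plain string comparison is wrong for versions ("2.10.0" sorts before
# "2.9.4"), so each dotted component is compared as a number.

# libxml2_at_least HAVE WANT -> exit 0 if HAVE >= WANT, 1 otherwise.
libxml2_at_least() {
    have=$1
    want=$2
    i=1
    while [ "$i" -le 3 ]; do
        # i-th dotted component; anything after the digits (e.g. "_rc1")
        # is dropped and a missing component counts as 0.
        h=$(printf '%s\n' "$have" | cut -d. -f"$i" | sed 's/[^0-9].*$//')
        w=$(printf '%s\n' "$want" | cut -d. -f"$i" | sed 's/[^0-9].*$//')
        h=${h:-0}
        w=${w:-0}
        if [ "$h" -gt "$w" ]; then return 0; fi
        if [ "$h" -lt "$w" ]; then return 1; fi
        i=$((i + 1))
    done
    return 0
}

# Prints the version pkg-config reports for libxml-2.0, or nothing.
installed_libxml2_version() {
    pkg-config --modversion libxml-2.0 2>/dev/null
}

# Exit 0 if the installed libxml2 is >= 2.9.4, 1 if older, 2 if unknown.
check_libxml2() {
    v=$(installed_libxml2_version)
    if [ -z "$v" ]; then
        echo "libxml2: version unknown (pkg-config or libxml-2.0 not found)"
        return 2
    fi
    if libxml2_at_least "$v" 2.9.4; then
        echo "libxml2 $v: includes the 2.9.4 fixes"
        return 0
    fi
    echo "libxml2 $v: older than 2.9.4, update needed"
    return 1
}
```

Run `check_libxml2` on the host; on a Gentoo box the ebuild version from `equery` or `qlist -Iv libxml2` can be fed to `libxml2_at_least` in the same way.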
This issue was resolved and addressed in GLSA 201701-37 at https://security.gentoo.org/glsa/201701-37 by GLSA coordinator Thomas Deutschmann (whissi).