Referring to Security Advisories at https://support.symantec.com/en_US/article.SYMSA1377.html
Security Analytics 6.6, 7.0, and 7.1 are vulnerable to all CVEs.
This patch is available in Security Analytics version 7.2.2 and greater. Only apply the patch below if you are running 7.1.x or 7.2.1.
The fix are all patched in libxml2 2.9.1-6.atpsa1.3.
Attached is the patched build libxml2-2.9.1-6.atpsa1.3.x86_64.rpm that fixes the ibxml2 vulnerabilities.
Procedure to install the patched build,