Referring to Security Advisories at https://support.symantec.com/en_US/article.SYMSA1377.html

Security Analytics 6.6, 7.0, and 7.1 are vulnerable to all CVEs.

This patch is available in Security Analytics version 7.2.2 and greater.  Only apply the patch below if you are running 7.1.x or 7.2.1.

Workaround

The fix are all patched in libxml2 2.9.1-6.atpsa1.3.

Attached is the patched build libxml2-2.9.1-6.atpsa1.3.x86_64.rpm that fixes the ibxml2 vulnerabilities.

Procedure to install the patched build,

1. SCP the rpm files to the SA appliance and place in the /tmp directory.
2. Run the command 'rpm -Uvh libxml2-2.9.1-6.atpsa1.3.x86_64.rpm'.
3. Verify the installed version using command 'yum list libxml2".
4. Reboot the appliance.