[Secure-testing-commits] r33043 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Mar 22 09:20:28 UTC 2015
Author: carnil
Date: 2015-03-22 09:20:28 +0000 (Sun, 22 Mar 2015)
New Revision: 33043
Modified:
data/CVE/list
Log:
Reference PoC for batik
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-22 09:10:23 UTC (rev 33042)
+++ data/CVE/list 2015-03-22 09:20:28 UTC (rev 33043)
@@ -8006,6 +8006,7 @@
NOTE: https://issues.apache.org/jira/browse/BATIK-1018
NOTE: https://issues.apache.org/jira/browse/BATIK-1113
NOTE: Commit disabling external xml entities: https://svn.apache.org/viewvc/xmlgraphics/batik/trunk/sources/org/apache/batik/dom/util/SAXDocumentFactory.java?r1=662304&r2=1664335&diff_format=h
+ NOTE: PoC: https://www.ernw.de/download/xxe_batik.tar.xz
CVE-2015-0249
RESERVED
CVE-2015-0248
More information about the Secure-testing-commits
mailing list