[Secure-testing-commits] r37531 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Nov 3 20:01:42 UTC 2015


Author: carnil
Date: 2015-11-03 20:01:42 +0000 (Tue, 03 Nov 2015)
New Revision: 37531

Modified:
   data/CVE/list
Log:
Wrap long note line

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-11-03 19:04:13 UTC (rev 37530)
+++ data/CVE/list	2015-11-03 20:01:42 UTC (rev 37531)
@@ -12,7 +12,10 @@
 	[squeeze] - libxml2 <not-affected> (No LZMA/XZ support in version 2.7.8)
 	NOTE: Upstream patch: https://git.gnome.org/browse/libxml2/commit/?id=f0709e3ca8f8947f2d91ed34e92e38a4c23eae63
 	NOTE: You can use "xmllint --version" to verify if libxml2 is compiled with "Lzma" support.
-	NOTE: sid's 2.9.2+zdfsg1-4 claims to have "Lzma" support but it's broken in fact... so it barfs on the problematic file (parser error : Start tag expected, '<' not found) even though it does not have the fix yet. The next upstream release will fix this issue and will restore XZ support.
+	NOTE: sid's 2.9.2+zdfsg1-4 claims to have "Lzma" support but it's broken in fact...
+	NOTE: so it barfs on the problematic file (parser error : Start tag expected,
+	NOTE: '<' not found) even though it does not have the fix yet. The next upstream
+	NOTE: release will fix this issue and will restore XZ support.
 	NOTE: http://www.openwall.com/lists/oss-security/2015/11/02/2
 CVE-2015-XXXX [Multiple CSRF Vulnerabilities]
 	- php-horde 5.2.8+debian0-1 (bug #803641)




More information about the Secure-testing-commits mailing list