[Secure-testing-commits] r37714 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 15 10:16:15 UTC 2015
Author: carnil
Date: 2015-11-15 10:16:15 +0000 (Sun, 15 Nov 2015)
New Revision: 37714
Modified:
data/CVE/list
Log:
Add note for one libxml2 issue which needs to be checked
Possibly the fix for CVE-2015-7941 introduces this issue, at least
according to upstream but.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-15 09:52:12 UTC (rev 37713)
+++ data/CVE/list 2015-11-15 10:16:15 UTC (rev 37714)
@@ -6,6 +6,7 @@
- libxml2 <unfixed>
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756263
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe
+ NOTE: Possibly introduced by https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (fix for CVE-2015-7941)
TODO: check versions
CVE-2015-XXXX [Out-of-bounds heap read on 0xff char in xml declaration]
- libxml2 <unfixed>
More information about the Secure-testing-commits
mailing list