[Secure-testing-commits] r41752 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon May 16 05:26:02 UTC 2016


Author: carnil
Date: 2016-05-16 05:26:02 +0000 (Mon, 16 May 2016)
New Revision: 41752

Modified:
   data/CVE/list
Log:
CVE-2016-1762/libxml2

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-16 05:20:36 UTC (rev 41751)
+++ data/CVE/list	2016-05-16 05:26:02 UTC (rev 41752)
@@ -2218,12 +2218,6 @@
 	NOTE: https://github.com/weidai11/cryptopp/issues/146
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/10/6
 	NOTE: Initial upload in 5.6.3-5 was incomplete
-CVE-2016-XXXX [Heap-based buffer overread in xmlNextChar]
-	- libxml2 <unfixed>
-	NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
-	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759671
-	TODO: check versions, upstream but not yet public open but referenced in commit
-	TODO: vtk6, paraview, opencollada, xdmf, gettext appear to include the affected code
 CVE-2016-3994 [GIF loader: out-of-bounds read]
 	RESERVED
 	{DSA-3555-1}
@@ -8966,7 +8960,10 @@
 	TODO: check
 CVE-2016-1762 (libxml2 in Apple iOS before 9.3, OS X before 10.11.4, Safari before ...)
 	- libxml2 <unfixed>
-	TODO: check
+	NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
+	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759671
+	TODO: check versions, upstream bug not yet public open but referenced in commit
+	TODO: vtk6, paraview, opencollada, xdmf, gettext appear to include the affected code
 CVE-2016-1761 (libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS ...)
 	- libxml2 <unfixed>
 	TODO: check




More information about the Secure-testing-commits mailing list