[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libxml2 issues
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 28 20:40:30 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8cfe60c5 by Salvatore Bonaccorso at 2021-04-28T21:39:53+02:00
Add Debian bug references for libxml2 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -82,19 +82,19 @@ CVE-2020-36326 (PHPMailer 6.1.8 through 6.4.0 allows object injection through Ph
TODO: check
CVE-2021-3518 [use-after-free in xmlXIncludeDoProcess() in xinclude.c]
RESERVED
- - libxml2 <unfixed>
+ - libxml2 <unfixed> (bug #987737)
[buster] - libxml2 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/237
NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/1098c30a040e72a4654968547f415be4e4c40fe7
CVE-2021-3517 [heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c]
RESERVED
- - libxml2 <unfixed>
+ - libxml2 <unfixed> (bug #987738)
[buster] - libxml2 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/235
NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2
CVE-2021-3516 [use-after-free in xmlEncodeEntitiesInternal() in entities.c]
RESERVED
- - libxml2 <unfixed>
+ - libxml2 <unfixed> (bug #987739)
[buster] - libxml2 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/230
NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cfe60c5ac15b4361bb004f9c0647f07ab64bf71
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cfe60c5ac15b4361bb004f9c0647f07ab64bf71
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210428/cb5d9c15/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list