[xml/sgml-pkgs] Bug#705722: libxml2: CVE-2013-1969
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 19 04:51:05 UTC 2013
Package: libxml2
Severity: grave
Tags: security patch upstream
Hi,
the following vulnerability was published for libxml2.
CVE-2013-1969[0]:
se-after-free error in "htmlParseChunk()" and "xmldecl_done()"
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
A patch commited in git upstream repo is at [1].
For further information see:
[0] http://security-tracker.debian.org/tracker/CVE-2013-1969
[1] https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the debian-xml-sgml-pkgs
mailing list