[xml/sgml-pkgs] Bug#705722: libxml2: CVE-2013-1969

Salvatore Bonaccorso carnil at debian.org
Fri Apr 19 04:51:05 UTC 2013

Package: libxml2
Severity: grave
Tags: security patch upstream


the following vulnerability was published for libxml2.

se-after-free error in "htmlParseChunk()" and "xmldecl_done()"

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

A patch commited in git upstream repo is at [1].

For further information see:

[0] http://security-tracker.debian.org/tracker/CVE-2013-1969
[1] https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f

Please adjust the affected versions in the BTS as needed.


More information about the debian-xml-sgml-pkgs mailing list