[xml/sgml-pkgs] Bug#823414: libxml2: CVE-2016-3705: stack overflow before detecting invalid XML file
Salvatore Bonaccorso
carnil at debian.org
Wed May 4 14:04:05 UTC 2016
Source: libxml2
Version: 2.8.0+dfsg1-1
Severity: important
Tags: security upstream patch
Forwarded: https://bugzilla.gnome.org/show_bug.cgi?id=765207
Hi,
the following vulnerability was published for libxml2.
CVE-2016-3705[0]:
stack overflow before detecting invalid XML file
No patch commited upstream but SuSE has a proposed patch.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-3705
[1] https://bugzilla.gnome.org/show_bug.cgi?id=765207
[2] https://bugzilla.novell.com/show_bug.cgi?id=975947
Regards,
Salvatore
More information about the debian-xml-sgml-pkgs
mailing list