[xml/sgml-pkgs] Bug#988603: Technical details of CVE-2021-3541

Sebastian Pipping sebastian at pipping.org
Sun May 16 21:34:35 BST 2021

Previous message (by thread): [xml/sgml-pkgs] Bug#988603: libxml2: CVE-2021-3541: Exponential entity expansion attack bypasses all existing protection mechanisms
Next message (by thread): [xml/sgml-pkgs] Bug#988603: libxml2: diff for NMU version 2.9.10+dfsg-6.7
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> Technical details for the vulnerability are unfortunately not public,

I have blogged about the technical details of CVE-2021-3541 at:
https://blog.hartwork.org/posts/cve-2021-3541-parameter-laughs-fixed-in-libxml2-2-9-11/
.

Best, Sebastian

Previous message (by thread): [xml/sgml-pkgs] Bug#988603: libxml2: CVE-2021-3541: Exponential entity expansion attack bypasses all existing protection mechanisms
Next message (by thread): [xml/sgml-pkgs] Bug#988603: libxml2: diff for NMU version 2.9.10+dfsg-6.7
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the debian-xml-sgml-pkgs mailing list