Date: Mon, 9 May 2016 19:28:12 +0200 From: Gustavo Grieco <gustavo.grieco@...il.com> To: oss-security@...ts.openwall.com Subject: CVE-2016-2099: use-after-free in Xerces 3.1.3 Hi, We found a use-after-free in Xerces 3.1.3 parsing an xml file (also affecting older versions). Technical details and a patch are available here: https://issues.apache.org/jira/browse/XERCESC-2066 Regards, Gustavo.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ