Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 25 May 2016 12:29:04 +0530
From: Huzaifa Sidhpurwala <>
Subject: 3 libxml2 issues

Hi All,

The following issues were reported to us:

1. CVE-2016-4447: libxml2: Heap-based buffer underreads due to xmlParseName

2. CVE-2016-4448 libxml2: Format string vulnerability

3. CVE-2016-4449 libxml2: Inappropriate fetch of entities content

Each of the Red Hat bugs , contain links to the commits which fix these
issues. (The upstream bugs are currently private)

Huzaifa Sidhpurwala / Red Hat Product Security Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ