Date: Fri, 4 Nov 2016 03:05:16 -0400
From: <cve-assign@...re.org>
To: <dmoppert@...hat.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: CVE request:  XXE in perl Image::Info and XML::Twig


>> XML-Twig: expand_external_ents fails to work as documented

> https://rt.cpan.org/Public/Bug/Display.html?id=118097
> https://bugzilla.redhat.com/show_bug.cgi?id=1379553

> This option (which defaults to 0) is supposed to control XXE parsing
> documents with XML::Twig, but it has no effect and XXE always takes
> place.

Use CVE-2016-9180.


>> Image-Info: XXE in SVG files

> https://rt.cpan.org/Public/Bug/Display.html?id=118099
> https://bugzilla.redhat.com/show_bug.cgi?id=1379556
> 
> This was promptly fixed in 1.38_50 / 1.39.

Use CVE-2016-9181.

118099 suggests that this was exploitable only when XML::LibXML was installed,
but the CVE is for Image::Info::SVG, not for XML::LibXML.

-- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
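A self-check written for this post (it is not code from the advisory, from XML::Twig or from Image::Info) that reports whether the installed XML::Twig honours expand_external_ents => 0 as documented; the marker file it creates and the helper name external_entity_expanded are assumptions of the example.

```perl
#!/usr/bin/env perl
# Added example: does this XML::Twig honour expand_external_ents => 0?
use strict;
use warnings;
use File::Temp qw(tempfile);
use XML::Twig;

# Constructed marker file standing in for any local file an external
# entity could reference; the check only looks for this marker string.
my $marker = "EXTERNAL-ENTITY-WAS-EXPANDED";
my ($fh, $path) = tempfile(UNLINK => 1);
print {$fh} $marker;
close $fh;

# Constructed document that declares one external entity and references it.
my $xml = <<"END_XML";
<?xml version="1.0"?>
<!DOCTYPE doc [ <!ENTITY ext SYSTEM "file://$path"> ]>
<doc>&ext;</doc>
END_XML

# Returns 1 if the parser pulled the marker file into the document text
# even though expand_external_ents is 0 (the behaviour CVE-2016-9180
# describes), 0 if the reference was left unexpanded or parsing failed.
sub external_entity_expanded {
    my $twig = XML::Twig->new(expand_external_ents => 0);
    my $text = eval { $twig->parse($xml); $twig->root->text } // '';
    return index($text, $marker) >= 0 ? 1 : 0;
}

if (external_entity_expanded()) {
    print "VULNERABLE: XML::Twig $XML::Twig::VERSION expanded the external entity\n";
    exit 1;
}
print "OK: XML::Twig $XML::Twig::VERSION did not expand the external entity\n";
```

Run it against each XML::Twig installation you ship; a non-zero exit means documents from untrusted sources must not be parsed with that version.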
