Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 13 Feb 2017 06:45:33 +0200
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com
Subject: CVE-2017-5969: Null pointer derefence parsing xml file using libxml
 2.9.4 (in recover mode)

> Where did this one ever go?  Is there a CVE?  Is there a patch?

CVE-2017-5969 has been assigned to this issue by MITRE with their comments
attached to the bug report.

Upstream bug report: https://bugzilla.gnome.org/show_bug.cgi?id=778519

Debian is going to publish DSA for libxml.

-- 
Henri Salo

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ