Date: Wed, 25 May 2016 12:29:04 +0530 From: Huzaifa Sidhpurwala <huzaifas@...hat.com> To: oss-security@...ts.openwall.com Subject: 3 libxml2 issues Hi All, The following issues were reported to us: 1. CVE-2016-4447: libxml2: Heap-based buffer underreads due to xmlParseName https://bugzilla.redhat.com/show_bug.cgi?id=1338686 2. CVE-2016-4448 libxml2: Format string vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1338700 3. CVE-2016-4449 libxml2: Inappropriate fetch of entities content https://bugzilla.redhat.com/show_bug.cgi?id=1338701 Each of the Red Hat bugs , contain links to the commits which fix these issues. (The upstream bugs are currently private) -- Huzaifa Sidhpurwala / Red Hat Product Security Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.