[ubuntu/trusty-security] libxml2 2.9.1+dfsg1-3ubuntu4.7 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jan 19 20:53:08 UTC 2016
libxml2 (2.9.1+dfsg1-3ubuntu4.7) trusty-security; urgency=medium
* SECURITY UPDATE: incomplete fix for out of bounds read in xmlGROW
(LP: #1525996)
- add extra commits to this previously-fixed CVE
- debian/patches/CVE-2015-7499-3.patch: reuse xmlHaltParser() where it
makes sense in parser.c.
- debian/patches/CVE-2015-7499-4.patch: do not print error context when
there is none in error.c.
- CVE-2015-7499
* SECURITY UPDATE: out of bounds memory access via unclosed html comment
- debian/patches/CVE-2015-8710.patch: fix parsing short unclosed
comment uninitialized access in HTMLparser.c.
- CVE-2015-8710
Date: 2016-01-14 18:54:12.478932+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libxml2/2.9.1+dfsg1-3ubuntu4.7
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list