Your message dated Sun, 13 Oct 2013 01:50:12 -0400
with message-id 
<CANTw=MPXDH64U==ATEmEDQ0OzNEx1Xc0Dx8gU=9qoc_zw+n...@mail.gmail.com>
and subject line 
has caused the Debian Bug report #715531,
regarding libxml2: CVE-2013-2877
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
715531: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715531
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libxml2
Severity: grave
Tags: security
Justification: user security hole

http://googlechromereleases.blogspot.de/2013/07/stable-channel-update.html 
includes:

[229019] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki 
Helin of OUSPG.

The commit in Chromium is 
http://git.chromium.org/gitweb/?p=chromium.git;a=commit;h=e5d7f7e5dc21d3ae7be3cbb949ac4d8701e06de1

The upstream commit in libxml2 is:
https://git.gnome.org/browse/libxml2/commit/parser.c?id=e50ba8164eee06461c73cd8abb9b46aa0be81869

Cheers,
        Moritz

--- End Message ---
--- Begin Message ---
version: 2.9.1+dfsg1-1

--- End Message ---

Reply via email to