Hi,
On Mon, Jun 9, 2014 at 11:22 PM, Salvatore Bonaccorso wrote:
> Hi,
>
> Not looked in detail, but if applying this patch, it would also need a
> followup patch to fix a regression.
>
> See: https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/1321869
> and http://www.ubuntu.com/usn/usn-2214
Hi,
Not looked in detail, but if applying this patch, it would also need a
followup patch to fix a regression.
See: https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/1321869
and http://www.ubuntu.com/usn/usn-2214-2/
Regards,
Salvatore
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...
Package: libxml2
Version: 2.9.1+dfsg1-3
Severity: grave
Tags: security
Hi,
from oss-security. This was assigned CVE-2014-0191
| It was discovered that libxml2, a library providing support to read,
| modify and write XML files, incorrectly performs entity substituton in
| the doctype prolog, even
3 matches
Mail list logo
