[Bug 1281930] New: libxml2: Out-of-bounds heap read on 0xff char in xml declaration
bugzilla at redhat.com
bugzilla at redhat.com
Fri Nov 13 20:50:12 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1281930
Bug ID: 1281930
Summary: libxml2: Out-of-bounds heap read on 0xff char in xml
declaration
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team at redhat.com
Reporter: amaris at redhat.com
CC: athmanem at gmail.com, c.david86 at gmail.com,
erik-fedora at vanpienbroek.nl,
fedora-mingw at lists.fedoraproject.org,
ktietz at redhat.com, lfarkas at lfarkas.org,
ohudlick at redhat.com, rjones at redhat.com,
veillard at redhat.com
An out-of-bounds heap read in xmlParseXMLDecl happens when a file containing
unfinished xml declaration, e.g. <?xml versionencoding="ISO88598", is followed
by 0xff byte.
Upstream bug:
https://bugzilla.gnome.org/show_bug.cgi?id=751631
Upstream patch:
https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=RtnuYLKA2T&a=cc_unsubscribe
More information about the mingw
mailing list