On 23 January 2018 at 17:04, <mcatanzaro(a)gnome.org> wrote:
[..]
> Strange only is that looks like this bug already is known more
than year!
Looks like two years... I followed the chain of links in the Red Hat bugs,
which claim this is already reported as
https://bugzilla.gnome.org/show_bug.cgi?id=762100 and fixed by
https://git.gnome.org/browse/libxml2/commit/?id=bdd66182ef53fe1f7209ab653....
If that's correct (a big "if" ;) then our libxml2 package should not be
vulnerable.
(I had an issue with reset password)
Just opened
https://bugzilla.gnome.org/show_bug.cgi?id=792840
kloczek
--
Tomasz Kłoczko | LinkedIn:
http://lnkd.in/FXPWxH