https://bugzilla.redhat.com/show_bug.cgi?id=1304636
Bug ID: 1304636
Summary: CVE-2015-8806 libxml2: heap-buffer overread in dict.c
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: anemec@redhat.com
CC: athmanem@gmail.com, c.david86@gmail.com, erik-fedora@vanpienbroek.nl, fedora-mingw@lists.fedoraproject.org, ktietz@redhat.com, lfarkas@lfarkas.org, ohudlick@redhat.com, rjones@redhat.com, veillard@redhat.com

A heap-buffer overread vulnerability was found in libxml2. A specially crafted file can cause the application to crash.
External bugzilla report with reproducer:
https://bugzilla.gnome.org/show_bug.cgi?id=749115
CVE assignment:
http://seclists.org/oss-sec/2016/q1/277