[Bug 724906] CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding

bugzilla at redhat.com bugzilla at redhat.com
Fri Nov 18 08:34:38 UTC 2011



https://bugzilla.redhat.com/show_bug.cgi?id=724906

--- Comment #24 from Daniel Veillard <veillard at redhat.com> 2011-11-18 03:34:37 EST ---
In what version of encoding.c did you look? Because that bug has
been around forever ... if you mean libxml as libxml version1, then yes
it's likely to not have that code, it's more than 10 years old, and I
don't think the support for iconv was plugged yet at the time of renaming
to libxml2.
But any recent version of libxml (i.e. libxml2) is affected.

Daniel
