oss-sec mailing list archives

3 libxml2 issues


From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Wed, 25 May 2016 12:29:04 +0530

Hi All,

The following issues were reported to us:

1. CVE-2016-4447: libxml2: Heap-based buffer underreads due to xmlParseName

https://bugzilla.redhat.com/show_bug.cgi?id=1338686

2. CVE-2016-4448 libxml2: Format string vulnerability

https://bugzilla.redhat.com/show_bug.cgi?id=1338700

3. CVE-2016-4449 libxml2: Inappropriate fetch of entities content

https://bugzilla.redhat.com/show_bug.cgi?id=1338701


Each of the Red Hat bugs contains links to the commits which fix these
issues. (The upstream bugs are currently private.)


-- 
Huzaifa Sidhpurwala / Red Hat Product Security Team

