Several security issues were fixed in libxml2 ...
Several security issues were fixed in libxml2 ...
Several vulnerabilities were discovered in libxml2, a library providing
support to read, modify and write XML and HTML files A remote attacker
could provide a specially crafted XML or HTML file that, when processed
by an application using libxml2, would cause a denial-of-service against
the application, information leaks, or potentially, the execu ...
Debian Bug report logs -
#870865
libxml2: CVE-2017-7376: Incorrect limit used for port values
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 5 Aug 2017 20:39:02 UTC
Severity: im ...
Debian Bug report logs -
#863022
libxml2: CVE-2017-9047: stack overflow in validc
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 May 2017 09:36:02 UTC
Severity: important
Tag ...
Debian Bug report logs -
#870867
libxml2: CVE-2017-7375: Missing validation for external entities in xmlParsePEReference
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 5 Aug 2017 ...
Debian Bug report logs -
#870870
libxml2: CVE-2017-0663: Heap buffer overflow in xmlAddID
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 5 Aug 2017 21:03:01 UTC
Severity: import ...
Debian Bug report logs -
#863019
libxml2: CVE-2017-9049: heap-based buffer overflow in xmlDictComputeFastKey
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 May 2017 09:12:01 UT ...
Debian Bug report logs -
#863022
libxml2: CVE-2017-9047: stack overflow in validc
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 May 2017 09:36:02 UTC
Severity: important
Tag ...
Debian Bug report logs -
#863021
libxml2: CVE-2017-9048: another stack overflow in validc
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 May 2017 09:24:01 UTC
Severity: impor ...
Debian Bug report logs -
#863018
libxml2: CVE-2017-9050: heap-based buffer overflow in xmlDictAddString
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 May 2017 09:03:02 UTC
Se ...
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (ie, when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes) Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and exp ...