[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2016-05-17 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950



--- Comment #16 from errata-xmlrpc  ---
This issue has been addressed in the following products:



Via RHSA-2016:1089 https://rhn.redhat.com/errata/RHSA-2016-1089.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2016-05-06 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950


--- Doc Text *updated* by Martin Prpic  ---
A denial of service flaw was found in libxml2. A remote attacker could provide 
a specially crafted XML or HTML file that, when processed by an application 
using libxml2, would cause that application to leak potentially sensitive 
information.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2016-04-18 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950


--- Doc Text *updated* by Timothy Walsh  ---
A stack-based buffer over-read flaw was found in libxml2 in the xmlSAX2TextNode 
function in SAX2.c that allows context-dependent attackers to cause a denial of 
service or obtain sensitive information via crafted XML data.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2016-03-31 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950

Timothy Walsh  changed:

   What|Removed |Added

 Whiteboard|impact=low,public=20151011, |impact=low,public=20151011,
   |reported=20151113,source=re |reported=20151113,source=re
   |dhat,cvss2=4.3/AV:N/AC:M/Au |dhat,cvss2=4.3/AV:N/AC:M/Au
   |:N/C:P/I:N/A:N,rhel-5/libxm |:N/C:P/I:N/A:N,rhel-5/libxm
   |l2=affected,rhel-6/libxml2= |l2=affected,rhel-6/libxml2=
   |affected,rhel-7/libxml2=aff |affected,rhel-7/libxml2=aff
   |ected,jboss/libxml2=affecte |ected,jboss/libxml2=affecte
   |d,fedora-all/libxml2=affect |d,jbews-2/libxml2=wontfix,j
   |ed,fedora-all/mingw-libxml2 |bews-3/libxml2=affected,fed
   |=affected,epel-7/mingw-libx |ora-all/libxml2=affected,fe
   |ml2=affected|dora-all/mingw-libxml2=affe
   ||cted,epel-7/mingw-libxml2=a
   ||ffected



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2016-02-24 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950
Bug 1281950 depends on bug 1281953, which changed state.

Bug 1281953 Summary: mingw-libxml2: libxml2: Buffer overread with HTML parser 
in push mode in xmlSAX2TextNode [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1281953

   What|Removed |Added

 Status|ON_QA   |CLOSED
 Resolution|--- |ERRATA



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2016-02-16 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950
Bug 1281950 depends on bug 1281952, which changed state.

Bug 1281952 Summary: mingw-libxml2: libxml2: Buffer overread with HTML parser 
in push mode in xmlSAX2TextNode [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1281952

   What|Removed |Added

 Status|ON_QA   |CLOSED
 Resolution|--- |ERRATA



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2015-12-07 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950



--- Comment #11 from errata-xmlrpc  ---
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2015:2549 https://rhn.redhat.com/errata/RHSA-2015-2549.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=GJolZaf5NF=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2015-12-07 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950



--- Comment #12 from errata-xmlrpc  ---
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2015:2550 https://rhn.redhat.com/errata/RHSA-2015-2550.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=fcfLoJ4Iu9=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2015-12-02 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950

Martin Cermak  changed:

   What|Removed |Added

 CC||mcer...@redhat.com
  Flags||needinfo?(veillard@redhat.c
   ||om)



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=oEbKDlWIke=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2015-11-24 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Blocks||1274223



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=dzdB5jVr6X=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2015-11-24 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Depends On||1284794



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=SZLOxPqaiD=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2015-11-23 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950



--- Comment #5 from Adam Mariš  ---
Upstream patch:

https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=sQu0esPXnX=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2015-11-19 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1281950

Adam Mariš  changed:

   What|Removed |Added

Summary|libxml2: Buffer overread|CVE-2015-8242 libxml2:
   |with HTML parser in push|Buffer overread with HTML
   |mode in xmlSAX2TextNode |parser in push mode in
   ||xmlSAX2TextNode
  Alias||CVE-2015-8242



--- Comment #4 from Adam Mariš  ---
CVE assignment:

http://openwall.com/lists/oss-security/2015/11/18/23

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=8nSaRVMzjG=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org