date:20151124

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281756



--- Comment #19 from Fedora Update System  ---
libpng10-1.0.64-1.fc21 has been pushed to the Fedora 21 stable repository. If
problems still persist, please make note of it in this bug report.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=m6pW50hDR2=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281756



--- Comment #18 from Fedora Update System  ---
libpng10-1.0.64-1.fc22 has been pushed to the Fedora 22 stable repository. If
problems still persist, please make note of it in this bug report.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=YnnV6vBtxS=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281756



--- Comment #17 from Fedora Update System  ---
libpng10-1.0.64-1.fc23 has been pushed to the Fedora 23 stable repository. If
problems still persist, please make note of it in this bug report.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=f0jTItLPGJ=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281756
Bug 1281756 depends on bug 1282039, which changed state.

Bug 1282039 Summary: CVE-2015-8126 libpng10: libpng: Buffer overflow 
vulnerabilities in png_get_PLTE/png_set_PLTE functions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1282039

   What|Removed |Added

 Status|MODIFIED|CLOSED
 Resolution|--- |ERRATA



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=c1lVPHKYf3=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

unsubscribe

2015-11-24 Thread Kevin Kelley

 

___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1213957] libxml2: out-of-bounds memory access when parsing an unclosed HTML comment

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1213957

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Blocks||1274223



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=nPDhGxXajN=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281930] CVE-2015-8317 libxml2: Out-of-bounds heap read when parsing file with unfinished xml declaration

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281930

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Blocks||1274223



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=nUZw8uavXm=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1277146] CVE-2015-8035 libxml2: DoS when parsing specially crafted XML document if XZ support is enabled

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1277146

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Blocks||1274223



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=3D2xvZ6x55=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281936] CVE-2015-8241 libxml2: Buffer overread with XML parser in xmlNextChar

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281936

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Blocks||1274223



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=ikCekFwXZv=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281950

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Blocks||1274223



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=dzdB5jVr6X=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1276297] CVE-2015-7942 libxml2: heap-based buffer overflow in xmlParseConditionalSections()

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1276297

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Depends On||1284794



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=B9nm24Dp8g=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281930] CVE-2015-8317 libxml2: Out-of-bounds heap read when parsing file with unfinished xml declaration

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281930

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Depends On||1284794



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=IWxDe3XUHZ=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281936] CVE-2015-8241 libxml2: Buffer overread with XML parser in xmlNextChar

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281936

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Depends On||1284794



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=gpumSo6yFa=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1274222] CVE-2015-7941 libxml2: Out-of-bounds memory access

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1274222

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Depends On||1284794



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=0yfUzkCyjq=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1213957] libxml2: out-of-bounds memory access when parsing an unclosed HTML comment

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1213957

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Depends On||1284794



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=SZlHtEWnAD=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281950

Huzaifa S. Sidhpurwala  changed:

   What|Removed |Added

 Depends On||1284794



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=SZLOxPqaiD=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage DoS

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=787067

Ján Rusnačko  changed:

   What|Removed |Added

 Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012
   |0221,reported=20120116,sour |0221,reported=20120116,sour
   |ce=researcher,cvss2=5.0/AV: |ce=researcher,cvss2=5.0/AV:
   |N/AC:L/Au:N/C:N/I:N/A:P,rhe |N/AC:L/Au:N/C:N/I:N/A:P,rhe
   |l-4/libxml2=affected,rhel-5 |l-4/libxml2=affected,rhel-5
   |/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li
   |bxml2=notaffected,rhel-6/mi |bxml2=affected,rhel-6/mingw
   |ngw32-libxml2=notaffected,f |32-libxml2=notaffected,fedo
   |edora-all/libxml2=affected, |ra-all/libxml2=affected,fed
   |fedora-all/mingw32-libxml2= |ora-all/mingw32-libxml2=aff
   |affected,epel-5/mingw32-lib |ected,epel-5/mingw32-libxml
   |xml2=affected,cwe=CWE-407   |2=affected,cwe=CWE-407



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=fmDBa1FoQv=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 835863] CVE-2012-2807 libxml2 (64-bit): Multiple integer overflows, leading to DoS or possibly other unspecified impact

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=835863

Ján Rusnačko  changed:

   What|Removed |Added

 Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012
   |0626,reported=20120627,sour |0626,reported=20120627,sour
   |ce=cve,cvss2=5.1/AV:N/AC:H/ |ce=cve,cvss2=5.1/AV:N/AC:H/
   |Au:N/C:P/I:P/A:P,rhel-5/lib |Au:N/C:P/I:P/A:P,rhel-5/lib
   |xml2=affected,rhel-6/libxml |xml2=affected,rhel-6/libxml
   |2=notaffected,openshift-1/l |2=affected,openshift-1/libx
   |ibxml2=notaffected,fedora-a |ml2=notaffected,fedora-all/
   |ll/libxml2=affected,fedora- |libxml2=affected,fedora-all
   |all/libxml=notaffected,rhel |/libxml=notaffected,rhel-6/
   |-6/mingw32-libxml2=notaffec |mingw32-libxml2=notaffected
   |ted,epel-5/mingw32-libxml2= |,epel-5/mingw32-libxml2=aff
   |affected,fedora-all/mingw32 |ected,fedora-all/mingw32-li
   |-libxml2=affected   |bxml2=affected



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=ncwHMLWTlq=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1281756

Petr Hracek  changed:

   What|Removed |Added

 CC||scorn...@redhat.com
  Flags||needinfo?(scorneli@redhat.c
   ||om)



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=AHXZvKfFmR=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 724906] CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=724906

Ján Rusnačko  changed:

   What|Removed |Added

 Whiteboard|impact=low,public=20110720, |impact=low,public=20110720,
   |reported=20110721,source=cv |reported=20110721,source=cv
   |e,cvss2=5.1/AV:N/AC:H/Au:N/ |e,cvss2=5.1/AV:N/AC:H/Au:N/
   |C:P/I:P/A:P,fedora-all/libx |C:P/I:P/A:P,fedora-all/libx
   |ml=notaffected,fedora-all/l |ml=notaffected,fedora-all/l
   |ibxml2=affected,fedora-all/ |ibxml2=affected,fedora-all/
   |mingw32-libxml2=affected,rh |mingw32-libxml2=affected,rh
   |el-4/libxml2=affected,rhel- |el-4/libxml2=affected,rhel-
   |5/libxml2=affected,rhel-6/l |5/libxml2=affected,rhel-6/l
   |ibxml2=affected,rhel-6/ming |ibxml2=affected,rhel-6/ming
   |w32-libxml2=notaffected |w32-libxml2=affected



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=5OFjsJHXJS=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage DoS

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=787067

Ján Rusnačko  changed:

   What|Removed |Added

 Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012
   |0221,reported=20120116,sour |0221,reported=20120116,sour
   |ce=researcher,cvss2=5.0/AV: |ce=researcher,cvss2=5.0/AV:
   |N/AC:L/Au:N/C:N/I:N/A:P,rhe |N/AC:L/Au:N/C:N/I:N/A:P,rhe
   |l-4/libxml2=affected,rhel-5 |l-4/libxml2=affected,rhel-5
   |/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li
   |bxml2=affected,rhel-6/mingw |bxml2=notaffected,rhel-6/mi
   |32-libxml2=notaffected,fedo |ngw32-libxml2=affected,fedo
   |ra-all/libxml2=affected,fed |ra-all/libxml2=affected,fed
   |ora-all/mingw32-libxml2=aff |ora-all/mingw32-libxml2=aff
   |ected,epel-5/mingw32-libxml |ected,epel-5/mingw32-libxml
   |2=affected,cwe=CWE-407  |2=affected,cwe=CWE-407



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=Qg4nCPvjSr=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 890088] CVE-2012-5669 freetype: heap buffer over-read in BDF parsing _bdf_parse_glyphs() (#37906)

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=890088

Ján Rusnačko  changed:

   What|Removed |Added

 Whiteboard|impact=important,public=201 |impact=important,public=201
   |21215,reported=20121224,sou |21215,reported=20121224,sou
   |rce=internet,cvss2=6.8/AV:N |rce=internet,cvss2=6.8/AV:N
   |/AC:M/Au:N/C:P/I:P/A:P,rhel |/AC:M/Au:N/C:P/I:P/A:P,rhel
   |-5/freetype=affected,rhel-6 |-5/freetype=affected,rhel-6
   |/freetype=notaffected,fedor |/freetype=affected,fedora-a
   |a-all/freetype=affected,fed |ll/freetype=affected,fedora
   |ora-all/mingw-freetype=affe |-all/mingw-freetype=affecte
   |cted|d



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=YTnyuzZ7gb=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage DoS

2015-11-24 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=787067

Ján Rusnačko  changed:

   What|Removed |Added

 Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012
   |0221,reported=20120116,sour |0221,reported=20120116,sour
   |ce=researcher,cvss2=5.0/AV: |ce=researcher,cvss2=5.0/AV:
   |N/AC:L/Au:N/C:N/I:N/A:P,rhe |N/AC:L/Au:N/C:N/I:N/A:P,rhe
   |l-4/libxml2=affected,rhel-5 |l-4/libxml2=affected,rhel-5
   |/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li
   |bxml2=notaffected,rhel-6/mi |bxml2=affected,rhel-6/mingw
   |ngw32-libxml2=affected,fedo |32-libxml2=affected,fedora-
   |ra-all/libxml2=affected,fed |all/libxml2=affected,fedora
   |ora-all/mingw32-libxml2=aff |-all/mingw32-libxml2=affect
   |ected,epel-5/mingw32-libxml |ed,epel-5/mingw32-libxml2=a
   |2=affected,cwe=CWE-407  |ffected,cwe=CWE-407



-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug 
https://bugzilla.redhat.com/token.cgi?t=pIV87pBs4P=cc_unsubscribe
___
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

unsubscribe

[Bug 1213957] libxml2: out-of-bounds memory access when parsing an unclosed HTML comment

[Bug 1281930] CVE-2015-8317 libxml2: Out-of-bounds heap read when parsing file with unfinished xml declaration

[Bug 1277146] CVE-2015-8035 libxml2: DoS when parsing specially crafted XML document if XZ support is enabled

[Bug 1281936] CVE-2015-8241 libxml2: Buffer overread with XML parser in xmlNextChar

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

[Bug 1276297] CVE-2015-7942 libxml2: heap-based buffer overflow in xmlParseConditionalSections()

[Bug 1281930] CVE-2015-8317 libxml2: Out-of-bounds heap read when parsing file with unfinished xml declaration

[Bug 1281936] CVE-2015-8241 libxml2: Buffer overread with XML parser in xmlNextChar

[Bug 1274222] CVE-2015-7941 libxml2: Out-of-bounds memory access

[Bug 1213957] libxml2: out-of-bounds memory access when parsing an unclosed HTML comment

[Bug 1281950] CVE-2015-8242 libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage DoS

[Bug 835863] CVE-2012-2807 libxml2 (64-bit): Multiple integer overflows, leading to DoS or possibly other unspecified impact

[Bug 1281756] CVE-2015-8126 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

[Bug 724906] CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding

[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage DoS

[Bug 890088] CVE-2012-5669 freetype: heap buffer over-read in BDF parsing _bdf_parse_glyphs() (#37906)

[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage DoS

23 matches

Site Navigation

Mail list logo

Footer information