https://bugzilla.redhat.com/show_bug.cgi?id=1262849
Bug ID: 1262849
Summary: libxml2: Out-of-bounds memory access when parsing
unclosed HTML comment
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected],
[email protected], [email protected],
[email protected],
[email protected], [email protected],
[email protected], [email protected],
[email protected]
An out-of-bounds memory access vulnerability when parsing an unclosed HTML
comment was found in libxml2. By entering an unclosed HTML comment such as <!--
the libxml2 parser didn't stop parsing at the end of the buffer, causing random
memory to be included in the parsed comment.
CVE request:
http://seclists.org/oss-sec/2015/q3/540
Upstream was notified, but a patch is not released yet. However, a patch for
nokogiri, which uses embedded libxml2, was proposed:
https://github.com/Shopify/nokogiri/compare/1b1fcad8bd64ab70256666c38d2c998e86ade8c0...master
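
Added example, not part of the bug report and not libxml2 or nokogiri code: a length-bounded comment scanner in C that stops at the end of the input when "<!--" is never closed, the behaviour the report says was missing. scan_comment, comment_status and the sample buffer are hypothetical names constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

typedef enum { COMMENT_NONE, COMMENT_CLOSED, COMMENT_UNTERMINATED } comment_status;

/* Hypothetical helper (not a libxml2 function): scan the comment starting
 * at buf[0]. Every read is checked against len, so an unclosed "<!--" ends
 * at the end of the input instead of running into adjacent memory. */
comment_status scan_comment(const char *buf, size_t len,
                            const char **body, size_t *body_len)
{
    size_t i;

    *body = NULL;
    *body_len = 0;
    if (len < 4 || memcmp(buf, "<!--", 4) != 0)
        return COMMENT_NONE;

    *body = buf + 4;
    /* i + 3 <= len keeps buf[i..i+2] inside the input. */
    for (i = 4; i + 3 <= len; i++) {
        if (memcmp(buf + i, "-->", 3) == 0) {
            *body_len = i - 4;
            return COMMENT_CLOSED;
        }
    }
    /* No terminator inside the input: stop at len, never beyond it. */
    *body_len = len - 4;
    return COMMENT_UNTERMINATED;
}

/* Constructed sample: 6 bytes of input, then unrelated bytes containing
 * "-->" that stand in for whatever lies after the parser's buffer. */
static const char sample_mem[] = "<!-- xADJACENT-DATA-->";
#define SAMPLE_INPUT_LEN 6

int main(void)
{
    const char *body;
    size_t n;
    comment_status st = scan_comment(sample_mem, SAMPLE_INPUT_LEN, &body, &n);

    printf("status=%d body=\"%.*s\"\n", (int)st, (int)n, body);
    return 0;
}
```

A scanner that searched for "-->" without the length check would return the 15-byte body that includes the adjacent bytes; the bounded version reports the comment as unterminated with a 2-byte body.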