[Secure-testing-commits] r42019 - data/CVE

Salvatore Bonaccorso Wed, 25 May 2016 09:06:55 -0700

Author: carnil
Date: 2016-05-25 16:06:21 +0000 (Wed, 25 May 2016)
New Revision: 42019


Modified:
   data/CVE/list
Log:
Update status for CVE-2016-1836

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-05-25 15:57:54 UTC (rev 42018)
+++ data/CVE/list       2016-05-25 16:06:21 UTC (rev 42019)
@@ -9360,9 +9360,11 @@
        TODO: check versions
 CVE-2016-1836 (libxml2, as used in Apple iOS before 9.3.2, OS X before 
10.11.5, tvOS ...)
        - libxml2 <unfixed>
-       NOTE: 
https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0
 (v2.9.4)
+       [wheezy] - libxml2 <not-affected> (Vulnerable code not present)
+       NOTE: Fixed by: 
https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0
 (v2.9.4)
+       NOTE: Introduced by: 
https://git.gnome.org/browse/libxml2/commit/?id=dcc19503193c71596278a252064a8ce66331b3cd
 (v2.9.2)
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759398
-       TODO: check versions
+       NOTE: Regression applies to Jessie, since fix backported as 
0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch
 CVE-2016-1835 (libxml2, as used in Apple iOS before 9.3.2 and OS X before 
10.11.5, ...)
        - libxml2 <unfixed>
        NOTE: 
https://git.gnome.org/browse/libxml2/commit/?id=38eae571111db3b43ffdeb05487c9f60551906fb
 (v2.9.4)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r42019 - data/CVE

Reply via email to