1
Candidate: CVE-2016-9181
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9181
5
https://rt.cpan.org/Public/Bug/Display.html?id=118099
6
https://bugzilla.redhat.com/show_bug.cgi?id=1379556
7
http://www.openwall.com/lists/oss-security/2016/11/02/1
9
perl-Image-Info: When parsing an SVG file, external entity expansion (XXE)
10
was not disabled. An attacker could craft an SVG file which, when processed
11
by an application using perl-Image-Info, could cause denial of service or,
12
potentially, information disclosure.
16
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842891
21
Patches_libimage-info-perl:
22
patch: https://github.com/eserte/image-info/commit/781625b643bc05ba92127a4554de7910f3f2f8e6
23
upstream_libimage-info-perl: released (1.39-1)
24
precise_libimage-info-perl: ignored (reached end-of-life)
25
precise/esm_libimage-info-perl: DNE (precise was needs-triage)
26
trusty_libimage-info-perl: needs-triage
27
vivid/stable-phone-overlay_libimage-info-perl: DNE
28
vivid/ubuntu-core_libimage-info-perl: DNE
29
xenial_libimage-info-perl: needs-triage
30
yakkety_libimage-info-perl: ignored (reached end-of-life)
31
zesty_libimage-info-perl: ignored (reached end-of-life)
32
artful_libimage-info-perl: needs-triage
33
bionic_libimage-info-perl: needs-triage
34
devel_libimage-info-perl: needs-triage