Viewing all changes in revision 28.
- Committer: Bazaar Package Importer
- Date: 2009-08-10 16:32:39 UTC
- Revision ID: james.westby@ubuntu.com-20090810163239-qhjw7u8bap0v1xu9
* SECURITY UPDATE: denial of service via stack overflow from crafted
root XML document element DTD definition
- parser.c: validate ctxt->depth isn't too deep
- CVE-2009-2414
* SECURITY UPDATE: denial of service via use-after-frees when parsing
Notation and Enumeration attribute types
- parser.c: use xmlFreeEnumeration before returning.
- CVE-2009-2416
root XML document element DTD definition
- parser.c: validate ctxt->depth isn't too deep
- CVE-2009-2414
* SECURITY UPDATE: denial of service via use-after-frees when parsing
Notation and Enumeration attribute types
- parser.c: use xmlFreeEnumeration before returning.
- CVE-2009-2416
- files modified:
- debian/changelog
expand all
collapse all
added
removed
