Viewing all changes in revision 34.
- Committer: Package Import Robot
- Date: 2014-11-03 09:25:06 UTC
- Revision ID: package-import@ubuntu.com-20141103092506-w0hrbh1sjmzr8tea
* SECURITY UPDATE: denial of service via buffer overrun in encodes
function
- debian/patches/CVE-2014-4975.patch: properly calculate buffer size
in pack.c.
- CVE-2014-4975
* SECURITY UPDATE: denial of service via XML expansion
- debian/patches/CVE-2014-8080.patch: limit expansions in
lib/rexml/entity.rb, added tests to test/rexml/test_document.rb,
test/rexml/test_entity.rb.
- CVE-2014-8080
function
- debian/patches/CVE-2014-4975.patch: properly calculate buffer size
in pack.c.
- CVE-2014-4975
* SECURITY UPDATE: denial of service via XML expansion
- debian/patches/CVE-2014-8080.patch: limit expansions in
lib/rexml/entity.rb, added tests to test/rexml/test_document.rb,
test/rexml/test_entity.rb.
- CVE-2014-8080
- files added:
- .pc/CVE-2014-4975.patch
- .pc/CVE-2014-8080.patch
- .pc/CVE-2014-8080.patch/lib
- .pc/CVE-2014-8080.patch/lib/rexml
- .pc/CVE-2014-8080.patch/test
- .pc/CVE-2014-8080.patch/test/rexml
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
