Bug#685584: xml-light: CVE-2012-3514

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#685584: xml-light: CVE-2012-3514
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Wed, 22 Aug 2012 08:23:46 +0200
Message-id: <[🔎] 20120822062346.7258.67125.reportbug@m25s06.vlinux.de>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 685584@bugs.debian.org

Package: xml-light
Severity: grave
Tags: security
Justification: user security hole

This was posted to oss-security:

--
Xml-Light has been moved to google code SVN here :
http://ocamllibs.googlecode.com/svn/trunk/xml-light/

I've applied a fix in r234 by using String Map instead of Hashtbl for
DTD proof.

Best,
Nicolas

Please use CVE-2012-3514 for this issue.
--

Cheers,
        Moritz

Reply to:

Prev by Date: coq_8.4dfsg-1_amd64.changes ACCEPTED into experimental
Next by Date: Bug#685632: liquidsoap: missing versioned depend on libcamomile-ocaml-data
Previous by thread: coq_8.4dfsg-1_amd64.changes ACCEPTED into experimental
Next by thread: Bug#685632: liquidsoap: missing versioned depend on libcamomile-ocaml-data
Index(es):
- Date
- Thread