Incomplete fix for CVE-2015-7942/libxml2?
Hi
While checking the issues of libxml2 for wheezy, jessie and unstable I
noticed that the squeeze-lts version already addressing CVE-2015-7942
misses one bit.
https://git.gnome.org/browse/libxml2/commit/?id=bd0526e66a56e75a18da8c15c4750db8f801c52d
was applied, but not
https://git.gnome.org/browse/libxml2/commit/?id=41ac9049a27f52e7a1f3b341f8714149fc88d450
So a next libxml2 update for squeeze-lts might need the second commit
as well.
HTH,
Regards,
Salvatore
Reply to: