testing libxml2 for Wheezy LTS
Hi everybody,
I uploaded version 2.8.0+dfsg1-7+wheezy11 of libxml2 to:
https://people.debian.org/~alteholz/packages/wheezy-lts/libxml2/
Please give it a try and tell me about any problems you met.
Thanks!
Thorsten
CVE-2017-16931
parser.c in libxml2 before 2.9.5 mishandles parameter-entity
references because the NEXTL macro calls the
xmlParserHandlePEReference function in the case of a '%' character
in a DTD name.
CVE-2017-16932
parser.c in libxml2 before 2.9.5 does not prevent infinite
recursion in parameter entities.
Reply to: