[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

testing libxml2 for Wheezy LTS



Hi everybody,

I uploaded version 2.8.0+dfsg1-7+wheezy11 of libxml2 to:

https://people.debian.org/~alteholz/packages/wheezy-lts/libxml2/

Please give it a try and tell me about any problems you met.

Thanks!
 Thorsten


CVE-2017-16931
     parser.c in libxml2 before 2.9.5 mishandles parameter-entity
     references because the NEXTL macro calls the
     xmlParserHandlePEReference function in the case of a '%' character
     in a DTD name.

CVE-2017-16932
     parser.c in libxml2 before 2.9.5 does not prevent infinite
     recursion in parameter entities.



Reply to: