Summary: | <dev-libs/xerces-c-3.1.3: parser crashes on malformed input (CVE-2016-0729) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | cpp+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1312231 | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 584506 | ||
Bug Blocks: |
Description
Agostino Sarubbo
![]() Should have been fixed with 3.1.3 already. commit 305cee3cfcf1b0a2a787aad8ae9c5ac854b2533d Author: David Seifert <soap@gentoo.org> Date: Sat Oct 15 11:30:09 2016 +0200 dev-libs/xerces-c: Version bump to 3.1.4 Gentoo-bug: 584506 * EAPI=6 Confirmed this is fixed in =dev-libs/xerces-c-3.1.3 GLSA request opened. This issue was resolved and addressed in GLSA 201612-46 at https://security.gentoo.org/glsa/201612-46 by GLSA coordinator Aaron Bauman (b-man). |