| Summary: | <dev-libs/libxml2-2.9.4-r1: null pointer dereference | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | gnome |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://git.gnome.org/browse/libxml2/commit/?id=e905f08123e4a6e7731549e6f09dadff4cab65bd | ||
| Whiteboard: | A3 [glsa blocked] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 597116 | ||
| Bug Blocks: | |||
Patch not present in 2.9.4 release. Will need to backport or await upstream inclusion. (In reply to Aaron Bauman from comment #1) > Patch not present in 2.9.4 release. Will need to backport or await upstream > inclusion. My apologies, but backport is the wrong terminology. Patch not present in 2.9.4. Will require addition in tree or await upstream inclusion. This issue was resolved and addressed in GLSA 201701-37 at https://security.gentoo.org/glsa/201701-37 by GLSA coordinator Thomas Deutschmann (whissi). |
From ${URL} : Fix more NULL pointer derefs in xpointer.c Found with afl-fuzz. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.