oss-sec mailing list archives
Re: CVEs for libxml2 and expat internal and external XML entity expansion
From: Jakub Wilk <jwilk () jwilk net>
Date: Fri, 22 Feb 2013 16:20:44 +0100
* Florian Weimer <fweimer () redhat com>, 2013-02-22, 09:25:
Please use CVE-2013-0338 for libxml2 internal entity expansionHasn't libxml2 got countermeasures for that?
That'd be CVE-2003-1564, fixed in 2.7.0. -- Jakub Wilk
Current thread:
- CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 21)
- <Possible follow-ups>
- CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 21)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Florian Weimer (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Jakub Wilk (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Tim (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Florian Weimer (Feb 22)