[Bug 1090976] CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1090976
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014
|0506,reported=20140417,sour |0506,reported=20140417,sour
|ce=redhat,cvss2=4.3/AV:N/AC |ce=redhat,cvss2=4.3/AV:N/AC
|:M/Au:N/C:N/I:N/A:P,rhel-5/ |:M/Au:N/C:N/I:N/A:P,rhel-5/
|libxml2=defer,rhel-6/libxml |libxml2=defer,rhel-6/libxml
|2=affected,rhel-7/libxml2=a |2=notaffected,rhel-7/libxml
|ffected,rhel-6/mingw32-libx |2=affected,rhel-6/mingw32-l
|ml2=wontfix,fedora-all/libx |ibxml2=wontfix,fedora-all/l
|ml2=affected,fedora-all/min |ibxml2=affected,fedora-all/
|gw-libxml2=affected,epel-7/ |mingw-libxml2=affected,epel
|mingw-libxml2=affected,cwe= |-7/mingw-libxml2=affected,c
|CWE-611 |we=CWE-611
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=ILSENhxAsK&a=cc_unsubscribe
8 years, 6 months
[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1031749
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2013 |impact=moderate,public=2013
|1112,reported=20131114,sour |1112,reported=20131114,sour
|ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/
|AC:M/Au:N/C:P/I:N/A:N,rhel- |AC:M/Au:N/C:P/I:N/A:N,rhel-
|5/libjpeg=notaffected,rhel- |5/libjpeg=notaffected,rhel-
|6/libjpeg-turbo=affected,rh |6/libjpeg-turbo=notaffected
|ev-h/libjpeg=affected,fedor |,rhev-h/libjpeg=affected,fe
|a-all/libjpeg-turbo=affecte |dora-all/libjpeg-turbo=affe
|d,rhel-7/libjpeg-turbo=nota |cted,rhel-7/libjpeg-turbo=n
|ffected,fedora-all/mingw-li |otaffected,fedora-all/mingw
|bjpeg-turbo=affected,epel-5 |-libjpeg-turbo=affected,epe
|/mingw32-libjpeg=affected,c |l-5/mingw32-libjpeg=affecte
|we=CWE-456 |d,cwe=CWE-456
8 years, 6 months
[Bug 1031734] CVE-2013-6629 libjpeg: information leak (read of uninitialized memory)
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1031734
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2013 |impact=moderate,public=2013
|1112,reported=20131114,sour |1112,reported=20131114,sour
|ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/
|AC:M/Au:N/C:P/I:N/A:N,rhel- |AC:M/Au:N/C:P/I:N/A:N,rhel-
|5/libjpeg=affected,rhel-6/l |5/libjpeg=affected,rhel-6/l
|ibjpeg-turbo=affected,rhev- |ibjpeg-turbo=notaffected,rh
|h/libjpeg=affected,fedora-a |ev-h/libjpeg=affected,fedor
|ll/libjpeg-turbo=affected,r |a-all/libjpeg-turbo=affecte
|hel-7/libjpeg-turbo=notaffe |d,rhel-7/libjpeg-turbo=nota
|cted,fedora-all/mingw-libjp |ffected,fedora-all/mingw-li
|eg-turbo=affected,epel-5/mi |bjpeg-turbo=affected,epel-5
|ngw32-libjpeg=affected,rhel |/mingw32-libjpeg=affected,r
|-5/java-1.5.0-ibm=notaffect |hel-5/java-1.5.0-ibm=notaff
|ed,rhel-6/java-1.5.0-ibm=no |ected,rhel-6/java-1.5.0-ibm
|taffected,rhel-5/java-1.6.0 |=notaffected,rhel-5/java-1.
|-ibm=affected,rhel-6/java-1 |6.0-ibm=affected,rhel-6/jav
|.6.0-ibm=affected,rhel-5/ja |a-1.6.0-ibm=affected,rhel-5
|va-1.7.0-ibm=affected,rhel- |/java-1.7.0-ibm=affected,rh
|6/java-1.7.0-ibm=affected,c |el-6/java-1.7.0-ibm=affecte
|we=CWE-456 |d,cwe=CWE-456
8 years, 6 months
[Bug 890088] CVE-2012-5669 freetype: heap buffer over-read in BDF parsing _bdf_parse_glyphs() (#37906)
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=890088
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=201 |impact=important,public=201
|21215,reported=20121224,sou |21215,reported=20121224,sou
|rce=internet,cvss2=6.8/AV:N |rce=internet,cvss2=6.8/AV:N
|/AC:M/Au:N/C:P/I:P/A:P,rhel |/AC:M/Au:N/C:P/I:P/A:P,rhel
|-5/freetype=affected,rhel-6 |-5/freetype=affected,rhel-6
|/freetype=affected,fedora-a |/freetype=notaffected,fedor
|ll/freetype=affected,fedora |a-all/freetype=affected,fed
|-all/mingw-freetype=affecte |ora-all/mingw-freetype=affe
|d |cted
8 years, 6 months
[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=880466
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=201 |impact=important,public=201
|21127,reported=20121126,sou |21127,reported=20121126,sou
|rce=google,cvss2=6.8/AV:N/A |rce=google,cvss2=6.8/AV:N/A
|C:M/Au:N/C:P/I:P/A:P,rhel-5 |C:M/Au:N/C:P/I:P/A:P,rhel-5
|/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li
|bxml2=affected,rhel-6/mingw |bxml2=affected,rhel-6/mingw
|32-libxml2=affected,fedora- |32-libxml2=notaffected,fedo
|all/libxml2=affected,fedora |ra-all/libxml2=affected,fed
|-all/mingw32-libxml2=affect |ora-all/mingw32-libxml2=aff
|ed |ected
8 years, 6 months
[Bug 835863] CVE-2012-2807 libxml2 (64-bit): Multiple integer overflows, leading to DoS or possibly other unspecified impact
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=835863
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012
|0626,reported=20120627,sour |0626,reported=20120627,sour
|ce=cve,cvss2=5.1/AV:N/AC:H/ |ce=cve,cvss2=5.1/AV:N/AC:H/
|Au:N/C:P/I:P/A:P,rhel-5/lib |Au:N/C:P/I:P/A:P,rhel-5/lib
|xml2=affected,rhel-6/libxml |xml2=affected,rhel-6/libxml
|2=affected,openshift-1/libx |2=notaffected,openshift-1/l
|ml2=notaffected,fedora-all/ |ibxml2=notaffected,fedora-a
|libxml2=affected,fedora-all |ll/libxml2=affected,fedora-
|/libxml=notaffected,rhel-6/ |all/libxml=notaffected,rhel
|mingw32-libxml2=notaffected |-6/mingw32-libxml2=notaffec
|,epel-5/mingw32-libxml2=aff |ted,epel-5/mingw32-libxml2=
|ected,fedora-all/mingw32-li |affected,fedora-all/mingw32
|bxml2=affected |-libxml2=affected
8 years, 6 months
[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage DoS
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=787067
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012
|0221,reported=20120116,sour |0221,reported=20120116,sour
|ce=researcher,cvss2=5.0/AV: |ce=researcher,cvss2=5.0/AV:
|N/AC:L/Au:N/C:N/I:N/A:P,rhe |N/AC:L/Au:N/C:N/I:N/A:P,rhe
|l-4/libxml2=affected,rhel-5 |l-4/libxml2=affected,rhel-5
|/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li
|bxml2=affected,rhel-6/mingw |bxml2=notaffected,rhel-6/mi
|32-libxml2=affected,fedora- |ngw32-libxml2=notaffected,f
|all/libxml2=affected,fedora |edora-all/libxml2=affected,
|-all/mingw32-libxml2=affect |fedora-all/mingw32-libxml2=
|ed,epel-5/mingw32-libxml2=a |affected,epel-5/mingw32-lib
|ffected,cwe=CWE-407 |xml2=affected,cwe=CWE-407
8 years, 6 months
[Bug 724906] CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=724906
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=low,public=20110720, |impact=low,public=20110720,
|reported=20110721,source=cv |reported=20110721,source=cv
|e,cvss2=5.1/AV:N/AC:H/Au:N/ |e,cvss2=5.1/AV:N/AC:H/Au:N/
|C:P/I:P/A:P,fedora-all/libx |C:P/I:P/A:P,fedora-all/libx
|ml=notaffected,fedora-all/l |ml=notaffected,fedora-all/l
|ibxml2=affected,fedora-all/ |ibxml2=affected,fedora-all/
|mingw32-libxml2=affected,rh |mingw32-libxml2=affected,rh
|el-4/libxml2=affected,rhel- |el-4/libxml2=affected,rhel-
|5/libxml2=affected,rhel-6/l |5/libxml2=affected,rhel-6/l
|ibxml2=affected,rhel-6/ming |ibxml2=affected,rhel-6/ming
|w32-libxml2=affected |w32-libxml2=notaffected
8 years, 6 months
[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=608644
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|public=20100625,reported=20 |public=20100625,reported=20
|100626,source=internet,rhel |100626,source=internet,rhel
|-3/libpng=affected/impact=l |-3/libpng=affected/impact=l
|ow/cvss2=4.3/AV:N/AC:M/Au:N |ow/cvss2=4.3/AV:N/AC:M/Au:N
|/C:N/I:N/A:P/,rhel-4/libpng |/C:N/I:N/A:P/,rhel-4/libpng
|=affected/impact=low/cvss2= |=affected/impact=low/cvss2=
|4.3/AV:N/AC:M/Au:N/C:N/I:N/ |4.3/AV:N/AC:M/Au:N/C:N/I:N/
|A:P/,rhel-5/libpng=affected |A:P/,rhel-5/libpng=affected
|/impact=low/cvss2=4.3/AV:N/ |/impact=low/cvss2=4.3/AV:N/
|AC:M/Au:N/C:N/I:N/A:P/,rhel |AC:M/Au:N/C:N/I:N/A:P/,rhel
|-6/libpng=affected/impact=l |-6/libpng=notaffected/impac
|ow/cvss2=4.3/AV:N/AC:M/Au:N |t=low/cvss2=4.3/AV:N/AC:M/A
|/C:N/I:N/A:P/,fedora-all/li |u:N/C:N/I:N/A:P/,fedora-all
|bpng=affected/impact=low/cv |/libpng=affected/impact=low
|ss2=4.3/AV:N/AC:M/Au:N/C:N/ |/cvss2=4.3/AV:N/AC:M/Au:N/C
|I:N/A:P/,fedora-all/mingw32 |:N/I:N/A:P/,fedora-all/ming
|-libpng=affected/impact=low |w32-libpng=affected/impact=
|/cvss2=4.3/AV:N/AC:M/Au:N/C |low/cvss2=4.3/AV:N/AC:M/Au:
|:N/I:N/A:P/,fedora-all/libp |N/C:N/I:N/A:P/,fedora-all/l
|ng10=affected/impact=low/cv |ibpng10=affected/impact=low
|ss2=4.3/AV:N/AC:M/Au:N/C:N/ |/cvss2=4.3/AV:N/AC:M/Au:N/C
|I:N/A:P/,rhel-3/libpng10=af |:N/I:N/A:P/,rhel-3/libpng10
|fected/impact=low/cvss2=4.3 |=affected/impact=low/cvss2=
|/AV:N/AC:M/Au:N/C:N/I:N/A:P |4.3/AV:N/AC:M/Au:N/C:N/I:N/
|/,rhel-4/libpng10=affected/ |A:P/,rhel-4/libpng10=affect
|impact=low/cvss2=4.3/AV:N/A |ed/impact=low/cvss2=4.3/AV:
|C:M/Au:N/C:N/I:N/A:P/ |N/AC:M/Au:N/C:N/I:N/A:P/
8 years, 6 months
[Bug 1077023] CVE-2014-2524 readline: insecure temporary file use in _rl_tropen()
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1077023
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=low,public=20140314, |impact=low,public=20140314,
|reported=20140314,source=os |reported=20140314,source=os
|s-security,cvss2=2.1/AV:L/A |s-security,cvss2=2.1/AV:L/A
|C:L/Au:N/C:N/I:P/A:N,rhel-5 |C:L/Au:N/C:N/I:P/A:N,rhel-5
|/readline=notaffected,rhel- |/readline=notaffected,rhel-
|6/readline=wontfix,rhel-7/r |6/readline=wontfix,rhel-7/r
|eadline=affected,fedora-all |eadline=notaffected,fedora-
|/readline=affected,rhel-5/c |all/readline=affected,rhel-
|ompat-readline43=notaffecte |5/compat-readline43=notaffe
|d,rhel-6/compat-readline5=n |cted,rhel-6/compat-readline
|otaffected,fedora-all/compa |5=notaffected,fedora-all/co
|t-readline5=notaffected,rhe |mpat-readline5=notaffected,
|l-6/mingw32-readline=notaff |rhel-6/mingw32-readline=not
|ected,fedora-all/mingw-read |affected,fedora-all/mingw-r
|line=affected,epel-5/mingw3 |eadline=affected,epel-5/min
|2-readline=notaffected,cwe= |gw32-readline=notaffected,c
|CWE-377 |we=CWE-377
8 years, 6 months