2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw October 2015

mingw@lists.fedoraproject.org

2 participants
49 discussions

Start a nNew thread

[Bug 1090976] CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1090976 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |0506,reported=20140417,sour |0506,reported=20140417,sour |ce=redhat,cvss2=4.3/AV:N/AC |ce=redhat,cvss2=4.3/AV:N/AC |:M/Au:N/C:N/I:N/A:P,rhel-5/ |:M/Au:N/C:N/I:N/A:P,rhel-5/ |libxml2=defer,rhel-6/libxml |libxml2=defer,rhel-6/libxml |2=affected,rhel-7/libxml2=a |2=notaffected,rhel-7/libxml |ffected,rhel-6/mingw32-libx |2=affected,rhel-6/mingw32-l |ml2=wontfix,fedora-all/libx |ibxml2=wontfix,fedora-all/l |ml2=affected,fedora-all/min |ibxml2=affected,fedora-all/ |gw-libxml2=affected,epel-7/ |mingw-libxml2=affected,epel |mingw-libxml2=affected,cwe= |-7/mingw-libxml2=affected,c |CWE-611 |we=CWE-611 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=ILSENhxAsK&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031749 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2013 |impact=moderate,public=2013 |1112,reported=20131114,sour |1112,reported=20131114,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:P/I:N/A:N,rhel- |AC:M/Au:N/C:P/I:N/A:N,rhel- |5/libjpeg=notaffected,rhel- |5/libjpeg=notaffected,rhel- |6/libjpeg-turbo=affected,rh |6/libjpeg-turbo=notaffected |ev-h/libjpeg=affected,fedor |,rhev-h/libjpeg=affected,fe |a-all/libjpeg-turbo=affecte |dora-all/libjpeg-turbo=affe |d,rhel-7/libjpeg-turbo=nota |cted,rhel-7/libjpeg-turbo=n |ffected,fedora-all/mingw-li |otaffected,fedora-all/mingw |bjpeg-turbo=affected,epel-5 |-libjpeg-turbo=affected,epe |/mingw32-libjpeg=affected,c |l-5/mingw32-libjpeg=affecte |we=CWE-456 |d,cwe=CWE-456 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=1vj7Qu6bDX&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0

[Bug 1031734] CVE-2013-6629 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031734 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2013 |impact=moderate,public=2013 |1112,reported=20131114,sour |1112,reported=20131114,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:P/I:N/A:N,rhel- |AC:M/Au:N/C:P/I:N/A:N,rhel- |5/libjpeg=affected,rhel-6/l |5/libjpeg=affected,rhel-6/l |ibjpeg-turbo=affected,rhev- |ibjpeg-turbo=notaffected,rh |h/libjpeg=affected,fedora-a |ev-h/libjpeg=affected,fedor |ll/libjpeg-turbo=affected,r |a-all/libjpeg-turbo=affecte |hel-7/libjpeg-turbo=notaffe |d,rhel-7/libjpeg-turbo=nota |cted,fedora-all/mingw-libjp |ffected,fedora-all/mingw-li |eg-turbo=affected,epel-5/mi |bjpeg-turbo=affected,epel-5 |ngw32-libjpeg=affected,rhel |/mingw32-libjpeg=affected,r |-5/java-1.5.0-ibm=notaffect |hel-5/java-1.5.0-ibm=notaff |ed,rhel-6/java-1.5.0-ibm=no |ected,rhel-6/java-1.5.0-ibm |taffected,rhel-5/java-1.6.0 |=notaffected,rhel-5/java-1. |-ibm=affected,rhel-6/java-1 |6.0-ibm=affected,rhel-6/jav |.6.0-ibm=affected,rhel-5/ja |a-1.6.0-ibm=affected,rhel-5 |va-1.7.0-ibm=affected,rhel- |/java-1.7.0-ibm=affected,rh |6/java-1.7.0-ibm=affected,c |el-6/java-1.7.0-ibm=affecte |we=CWE-456 |d,cwe=CWE-456 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=PbMt9znS60&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0

[Bug 890088] CVE-2012-5669 freetype: heap buffer over-read in BDF parsing _bdf_parse_glyphs() (#37906)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=890088 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=important,public=201 |impact=important,public=201 |21215,reported=20121224,sou |21215,reported=20121224,sou |rce=internet,cvss2=6.8/AV:N |rce=internet,cvss2=6.8/AV:N |/AC:M/Au:N/C:P/I:P/A:P,rhel |/AC:M/Au:N/C:P/I:P/A:P,rhel |-5/freetype=affected,rhel-6 |-5/freetype=affected,rhel-6 |/freetype=affected,fedora-a |/freetype=notaffected,fedor |ll/freetype=affected,fedora |a-all/freetype=affected,fed |-all/mingw-freetype=affecte |ora-all/mingw-freetype=affe |d |cted -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=G7MWVLA2WM&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0

[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=880466 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=important,public=201 |impact=important,public=201 |21127,reported=20121126,sou |21127,reported=20121126,sou |rce=google,cvss2=6.8/AV:N/A |rce=google,cvss2=6.8/AV:N/A |C:M/Au:N/C:P/I:P/A:P,rhel-5 |C:M/Au:N/C:P/I:P/A:P,rhel-5 |/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li |bxml2=affected,rhel-6/mingw |bxml2=affected,rhel-6/mingw |32-libxml2=affected,fedora- |32-libxml2=notaffected,fedo |all/libxml2=affected,fedora |ra-all/libxml2=affected,fed |-all/mingw32-libxml2=affect |ora-all/mingw32-libxml2=aff |ed |ected -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=ONbOobkMkr&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0

[Bug 835863] CVE-2012-2807 libxml2 (64-bit): Multiple integer overflows, leading to DoS or possibly other unspecified impact

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=835863 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012 |0626,reported=20120627,sour |0626,reported=20120627,sour |ce=cve,cvss2=5.1/AV:N/AC:H/ |ce=cve,cvss2=5.1/AV:N/AC:H/ |Au:N/C:P/I:P/A:P,rhel-5/lib |Au:N/C:P/I:P/A:P,rhel-5/lib |xml2=affected,rhel-6/libxml |xml2=affected,rhel-6/libxml |2=affected,openshift-1/libx |2=notaffected,openshift-1/l |ml2=notaffected,fedora-all/ |ibxml2=notaffected,fedora-a |libxml2=affected,fedora-all |ll/libxml2=affected,fedora- |/libxml=notaffected,rhel-6/ |all/libxml=notaffected,rhel |mingw32-libxml2=notaffected |-6/mingw32-libxml2=notaffec |,epel-5/mingw32-libxml2=aff |ted,epel-5/mingw32-libxml2= |ected,fedora-all/mingw32-li |affected,fedora-all/mingw32 |bxml2=affected |-libxml2=affected -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=qf3dFgDQXk&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0

[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage DoS

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=787067 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012 |0221,reported=20120116,sour |0221,reported=20120116,sour |ce=researcher,cvss2=5.0/AV: |ce=researcher,cvss2=5.0/AV: |N/AC:L/Au:N/C:N/I:N/A:P,rhe |N/AC:L/Au:N/C:N/I:N/A:P,rhe |l-4/libxml2=affected,rhel-5 |l-4/libxml2=affected,rhel-5 |/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li |bxml2=affected,rhel-6/mingw |bxml2=notaffected,rhel-6/mi |32-libxml2=affected,fedora- |ngw32-libxml2=notaffected,f |all/libxml2=affected,fedora |edora-all/libxml2=affected, |-all/mingw32-libxml2=affect |fedora-all/mingw32-libxml2= |ed,epel-5/mingw32-libxml2=a |affected,epel-5/mingw32-lib |ffected,cwe=CWE-407 |xml2=affected,cwe=CWE-407 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=yR6dtKl5w2&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0

[Bug 724906] CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=724906 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20110720, |impact=low,public=20110720, |reported=20110721,source=cv |reported=20110721,source=cv |e,cvss2=5.1/AV:N/AC:H/Au:N/ |e,cvss2=5.1/AV:N/AC:H/Au:N/ |C:P/I:P/A:P,fedora-all/libx |C:P/I:P/A:P,fedora-all/libx |ml=notaffected,fedora-all/l |ml=notaffected,fedora-all/l |ibxml2=affected,fedora-all/ |ibxml2=affected,fedora-all/ |mingw32-libxml2=affected,rh |mingw32-libxml2=affected,rh |el-4/libxml2=affected,rhel- |el-4/libxml2=affected,rhel- |5/libxml2=affected,rhel-6/l |5/libxml2=affected,rhel-6/l |ibxml2=affected,rhel-6/ming |ibxml2=affected,rhel-6/ming |w32-libxml2=affected |w32-libxml2=notaffected -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=nUJ0nUH2Jn&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=608644 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|public=20100625,reported=20 |public=20100625,reported=20 |100626,source=internet,rhel |100626,source=internet,rhel |-3/libpng=affected/impact=l |-3/libpng=affected/impact=l |ow/cvss2=4.3/AV:N/AC:M/Au:N |ow/cvss2=4.3/AV:N/AC:M/Au:N |/C:N/I:N/A:P/,rhel-4/libpng |/C:N/I:N/A:P/,rhel-4/libpng |=affected/impact=low/cvss2= |=affected/impact=low/cvss2= |4.3/AV:N/AC:M/Au:N/C:N/I:N/ |4.3/AV:N/AC:M/Au:N/C:N/I:N/ |A:P/,rhel-5/libpng=affected |A:P/,rhel-5/libpng=affected |/impact=low/cvss2=4.3/AV:N/ |/impact=low/cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:N/A:P/,rhel |AC:M/Au:N/C:N/I:N/A:P/,rhel |-6/libpng=affected/impact=l |-6/libpng=notaffected/impac |ow/cvss2=4.3/AV:N/AC:M/Au:N |t=low/cvss2=4.3/AV:N/AC:M/A |/C:N/I:N/A:P/,fedora-all/li |u:N/C:N/I:N/A:P/,fedora-all |bpng=affected/impact=low/cv |/libpng=affected/impact=low |ss2=4.3/AV:N/AC:M/Au:N/C:N/ |/cvss2=4.3/AV:N/AC:M/Au:N/C |I:N/A:P/,fedora-all/mingw32 |:N/I:N/A:P/,fedora-all/ming |-libpng=affected/impact=low |w32-libpng=affected/impact= |/cvss2=4.3/AV:N/AC:M/Au:N/C |low/cvss2=4.3/AV:N/AC:M/Au: |:N/I:N/A:P/,fedora-all/libp |N/C:N/I:N/A:P/,fedora-all/l |ng10=affected/impact=low/cv |ibpng10=affected/impact=low |ss2=4.3/AV:N/AC:M/Au:N/C:N/ |/cvss2=4.3/AV:N/AC:M/Au:N/C |I:N/A:P/,rhel-3/libpng10=af |:N/I:N/A:P/,rhel-3/libpng10 |fected/impact=low/cvss2=4.3 |=affected/impact=low/cvss2= |/AV:N/AC:M/Au:N/C:N/I:N/A:P |4.3/AV:N/AC:M/Au:N/C:N/I:N/ |/,rhel-4/libpng10=affected/ |A:P/,rhel-4/libpng10=affect |impact=low/cvss2=4.3/AV:N/A |ed/impact=low/cvss2=4.3/AV: |C:M/Au:N/C:N/I:N/A:P/ |N/AC:M/Au:N/C:N/I:N/A:P/ -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=DGh72V6qcj&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0

[Bug 1077023] CVE-2014-2524 readline: insecure temporary file use in _rl_tropen()

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1077023 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20140314, |impact=low,public=20140314, |reported=20140314,source=os |reported=20140314,source=os |s-security,cvss2=2.1/AV:L/A |s-security,cvss2=2.1/AV:L/A |C:L/Au:N/C:N/I:P/A:N,rhel-5 |C:L/Au:N/C:N/I:P/A:N,rhel-5 |/readline=notaffected,rhel- |/readline=notaffected,rhel- |6/readline=wontfix,rhel-7/r |6/readline=wontfix,rhel-7/r |eadline=affected,fedora-all |eadline=notaffected,fedora- |/readline=affected,rhel-5/c |all/readline=affected,rhel- |ompat-readline43=notaffecte |5/compat-readline43=notaffe |d,rhel-6/compat-readline5=n |cted,rhel-6/compat-readline |otaffected,fedora-all/compa |5=notaffected,fedora-all/co |t-readline5=notaffected,rhe |mpat-readline5=notaffected, |l-6/mingw32-readline=notaff |rhel-6/mingw32-readline=not |ected,fedora-all/mingw-read |affected,fedora-all/mingw-r |line=affected,epel-5/mingw3 |eadline=affected,epel-5/min |2-readline=notaffected,cwe= |gw32-readline=notaffected,c |CWE-377 |we=CWE-377 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=TEFzcKqGax&a=cc_unsubscribe

8 years, 6 months

1
0
0 / 0