https://bugzilla.redhat.com/show_bug.cgi?id=1281952
Bug ID: 1281952
Summary: mingw-libxml2: libxml2: Buffer overread with HTML
parser in push mode in xmlSAX2TextNode [fedora-all]
Product: Fedora
Version: 23
Component: mingw-libxml2
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: rjones(a)redhat.com
Reporter: amaris(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
rjones(a)redhat.com, veillard(a)redhat.com
Blocks: 1281950
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1281950
[Bug 1281950] libxml2: Buffer overread with HTML parser in push mode in
xmlSAX2TextNode
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=onjZDgIxYw&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1277149
Bug ID: 1277149
Summary: mingw-libxml2: libxml2: DoS when parsing specially
crafted XML document if XZ support is enabled
[fedora-all]
Product: Fedora
Version: 22
Component: mingw-libxml2
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: rjones(a)redhat.com
Reporter: amaris(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
rjones(a)redhat.com, veillard(a)redhat.com
Blocks: 1277146
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1277146
[Bug 1277146] libxml2: DoS when parsing specially crafted XML document if
XZ support is enabled
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=6QqISaRX8I&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1276299
Bug ID: 1276299
Summary: CVE-2015-7942 mingw-libxml2: libxml2: heap-based
buffer overflow in xmlParseConditionalSections()
[fedora-all]
Product: Fedora
Version: 22
Component: mingw-libxml2
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: rjones(a)redhat.com
Reporter: mprpic(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
rjones(a)redhat.com, veillard(a)redhat.com
Blocks: 1276297 (CVE-2015-7942)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1276297
[Bug 1276297] CVE-2015-7942 libxml2: heap-based buffer overflow in
xmlParseConditionalSections()
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=fZhozt3A5i&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1274225
Bug ID: 1274225
Summary: mingw-libxml2: libxml2: Out-of-bounds memory access
[fedora-all]
Product: Fedora
Version: 22
Component: mingw-libxml2
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: rjones(a)redhat.com
Reporter: amaris(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
rjones(a)redhat.com, veillard(a)redhat.com
Blocks: 1274222
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1274222
[Bug 1274222] libxml2: Out-of-bounds memory access
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=wUyBa6ppBZ&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1262853
Bug ID: 1262853
Summary: mingw-libxml2: libxml2: Out-of-bounds memory access
when parsing unclosed HTMl comment [fedora-all]
Product: Fedora
Version: 22
Component: mingw-libxml2
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: rjones(a)redhat.com
Reporter: amaris(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
rjones(a)redhat.com, veillard(a)redhat.com
Blocks: 1262849
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1262849
[Bug 1262849] libxml2: Out-of-bounds memory access when parsing unclosed
HTMl comment
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=LE5Z3j5KiV&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1291312
Bug ID: 1291312
Summary: CVE-2015-8540 libpng: underflow read in
png_check_keyword()
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: mprpic(a)redhat.com
CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
paul(a)city-fan.org, phracek(a)redhat.com,
rdieter(a)math.unl.edu, rjones(a)redhat.com
An underflow read was found in png_check_keyword in pngwutil.c in
libpng-1.2.54:
If the data of "key" is only ' ' (0x20), it will read a byte before the buffer
in line 1288.
This issue impacts upstream versions 1.2.55, 1.0.65, 1.4.18, and 1.5.25 of
libpng.
An attacker could possibly use this flaw to cause an out-of-bounds read by
tricking an unsuspecting user into processing a specially crafted PNG image.
CVE assignment:
http://seclists.org/oss-sec/2015/q4/469
Upstream issue:
http://sourceforge.net/p/libpng/bugs/244/
Upstream patch:
http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815…
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=qQrX6Dct1p&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1291317
Bug ID: 1291317
Summary: CVE-2015-8540 mingw-libpng: libpng: underflow read in
png_check_keyword() [fedora-all]
Product: Fedora
Version: 23
Component: mingw-libpng
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: rjones(a)redhat.com
Reporter: mprpic(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
rjones(a)redhat.com
Blocks: 1291312 (CVE-2015-8540)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1291312
[Bug 1291312] CVE-2015-8540 libpng: underflow read in png_check_keyword()
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=9P0jjEHGyb&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1291319
Bug ID: 1291319
Summary: CVE-2015-8540 mingw-libpng: libpng: underflow read in
png_check_keyword() [epel-7]
Product: Fedora EPEL
Version: epel7
Component: mingw-libpng
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: rjones(a)redhat.com
Reporter: mprpic(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
rjones(a)redhat.com
Blocks: 1291312 (CVE-2015-8540)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
epel-7 tracking bug for mingw-libpng: see blocks bug list for full details of
the security issue(s).
This bug is never intended to be made public, please put any public notes
in the blocked bugs.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1291312
[Bug 1291312] CVE-2015-8540 libpng: underflow read in png_check_keyword()
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=9IMAx9fQVr&a=cc_unsubscribe