[Bug 1281936] New: libxml2: Buffer overread with XML parser in xmlNextChar

Friday, 13 November 2015

https://bugzilla.redhat.com/show_bug.cgi?id=1281936

            Bug ID: 1281936
           Summary: libxml2: Buffer overread with XML parser in
                    xmlNextChar
           Product: Security Response
         Component: vulnerability
          Keywords: Security
          Severity: low
          Priority: low
          Assignee: security-response-team(a)redhat.com
          Reporter: amaris(a)redhat.com
                CC: athmanem(a)gmail.com, c.david86(a)gmail.com,
                    erik-fedora(a)vanpienbroek.nl,
                    fedora-mingw(a)lists.fedoraproject.org,
                    ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
                    ohudlick(a)redhat.com, rjones(a)redhat.com,
                    veillard(a)redhat.com

A buffer overread in xmlNextChar was found, causing segmentation fault when
compiled with ASAN.

Upstream bug (contains reproducer):

https://bugzilla.gnome.org/show_bug.cgi?id=756263

Upstream patch:

https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2f...

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug
https://bugzilla.redhat.com/token.cgi?t=AuaeY9x6SN&a=cc_unsubscribe

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

[Bug 1281936] New: libxml2: Buffer overread with XML parser in xmlNextChar