https://bugzilla.redhat.com/show_bug.cgi?id=1274222 Adam Mariš <amaris(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1274224 Depends On| |1274225 Depends On| |1274226 --- Comment #1 from Adam Mariš <amaris(a)redhat.com&gt; --- Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1274224] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1274224 [Bug 1274224] libxml2: Out-of-bounds memory access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1274225 [Bug 1274225] mingw-libxml2: libxml2: Out-of-bounds memory access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1274226 [Bug 1274226] mingw-libxml2: libxml2: Out-of-bounds memory access [epel-7] -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=IrLCK72aHs&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1274222 Martin Prpic <mprpic(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Alias| |CVE-2015-7941 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=A8DGAVSIOz&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1274222 Huzaifa S. Sidhpurwala <huzaifas(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1284794 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=0yfUzkCyjq&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1274222 Huzaifa S. Sidhpurwala <huzaifas(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1281961 --- Comment #6 from Huzaifa S. Sidhpurwala <huzaifas(a)redhat.com&gt; --- *** Bug 1281955 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=k4c3DRimWd&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1274222 --- Comment #7 from errata-xmlrpc <errata-xmlrpc(a)redhat.com&gt; --- This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2015:2549 https://rhn.redhat.com/errata/RHSA-2015-2549.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=it6osIhTzm&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1274222 Bug 1274222 depends on bug 1274225, which changed state. Bug 1274225 Summary: CVE-2015-7941 mingw-libxml2: libxml2: Out-of-bounds memory access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1274225 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1274222 Timothy Walsh <twalsh(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20150222, |impact=low,public=20150222, |reported=20151022,source=os |reported=20151022,source=os |s-security,cvss2=4.0/AV:N/A |s-security,cvss2=4.0/AV:N/A |C:L/Au:S/C:P/I:N/A:N,cwe=CW |C:L/Au:S/C:P/I:N/A:N,cwe=CW |E-125,rhel-4/libxml2=affect |E-125,rhel-4/libxml2=affect |ed,rhel-5/libxml2=affected, |ed,rhel-5/libxml2=affected, |rhel-6/libxml2=affected,rhe |rhel-6/libxml2=affected,rhe |l-7/libxml2=affected,jboss/ |l-7/libxml2=affected,jboss/ |libxml2=affected,fedora-all |libxml2=affected,jbews-2/li |/libxml2=affected,fedora-al |bxml2=wontfix,jbews-3/libxm |l/mingw-libxml2=affected,ep |l2=affected,fedora-all/libx |el-7/mingw-libxml2=affected |ml2=affected,fedora-all/min | |gw-libxml2=affected,epel-7/ | |mingw-libxml2=affected -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1274222 --- Doc Text *updated* by Timothy Walsh <twalsh(a)redhat.com&gt; --- It was found that libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1274222 --- Doc Text *updated* by Martin Prpic <mprpic(a)redhat.com&gt; --- A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash. -- You are receiving this mail because: You are on the CC list for the bug.