[xml] Regarding CVE2008-3281

Hi Daniel, list
    Firstly thanks for this wonderful piece of software which we have been using for a number of years now. Its super! :)

    I write chiefly to get some information regarding CVE2008-3281. We are currently using version 2.6.28, and wanted to merge the patch for 3281,however the patch solution and the latest libxml versions seem to have some differences. Specifically with the use of ctxt->owner in the patch, while the latest version does not use it. I tried to search on the list but could gather nothing conclusive :(.

I would be really grateful if someone could point me in the right direction or give some background for the same.

Chiefly i wanted to know if the patch merge as is of 3281 is sufficient, or does the latest version fix some problems in the patch.
I am referring to the following links


On top of this following seems to have been added

Any help would be greatly appreciated

Thanks in advance


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]