[xml] Recent libxml2 CVE assignments



Good day,

In the upcoming libxml2 release planned for the 20th, are the below issues anticipated to be in 2.9.4 final? I don't believe these are in the current 2.9.4 RCs. 

These two hit an Apple IOS release and then were on the oss-security mailing list. 

https://bugzilla.gnome.org/show_bug.cgi?id=765207
https://bugzilla.gnome.org/show_bug.cgi?id=762100  

The findings are restricted now but I know it wasn't always that way.

  • libxml2

    CVE-2016-1833 : Mateusz Jurczyk

    CVE-2016-1834 : Apple

    CVE-2016-1835 : Wei Lei and Liu Yang of Nanyang Technological University

    CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University

    CVE-2016-1837 : Wei Lei and Liu Yang of Nanyang Technological University

    CVE-2016-1838 : Mateusz Jurczyk

    CVE-2016-1839 : Mateusz Jurczyk

    CVE-2016-1840 : Kostya Serebryany

  • libxslt

    CVE-2016-1841 : Sebastian Apelt

As far I'm aware, other than the Apple release notes, there isn't public information on these issues.

Thanks,
Chris
--
Chris Green <greencm gmail com>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]