libxml2: 2.9.3 -> 2.9.4 for three CVEs (close #15697) (772851ff) · Commits · jan / nixpkgs

Commit 772851ff authored May 25, 2016 by

Graham Christensen Committed by Vladimír Čunát May 25, 2016

libxml2: 2.9.3 -> 2.9.4 for three CVEs (close #15697)

 - CVE-2016-4447: libxml2: Heap-based buffer underreads due to xmlParseName
   https://bugzilla.redhat.com/show_bug.cgi?id=1338686

 - CVE-2016-4448 libxml2: Format string vulnerability
   https://bugzilla.redhat.com/show_bug.cgi?id=1338700

 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content
   https://bugzilla.redhat.com/show_bug.cgi?id=1338701

and many other fixed issues, available at http://www.xmlsoft.org/news.html

parent 69f8016d

Hide whitespace changes

Inline Side-by-side

Please register or to comment