[3.3] libxml2: out-of-bounds memory access and heap-buffer-overflow (CVE-2015-7941, CVE-2015-7942)
out-of-bounds memory access (CVE-2015-7941)
heap-buffer-overflow in xmlParseConditionalSections (CVE-2015-7942)
References:
https://bugzilla.gnome.org/show\_bug.cgi?id=744980
http://seclists.org/oss-sec/2015/q4/130
https://bugzilla.novell.com/show\_bug.cgi?id=CVE-2015-7941
https://bugzilla.gnome.org/show\_bug.cgi?id=756456
Patches:
https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31
https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489
https://git.gnome.org/browse/libxml2/commit/?id=bd0526e66a56e75a18da8c15c4750db8f801c52d
(from redmine: issue id 4797, created on 2015-10-27, closed on 2015-12-02)
- Relations:
- parent #4796 (closed)
- Changesets:
- Revision ab861bea on 2015-11-30T08:38:37Z:
main/libxml: new upstream version 2.9.3
fixes #4797