diff options
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index dc762be..78e557c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -5,6 +5,14 @@ libxml2 (2.9.2+really2.9.1+dfsg1-0.1) unstable; urgency=medium again. Closes: #766884 * Restore all patches available in 2.9.1+dfsg1-5 in stretch, ensuring CVE-2014-3660 is fixed too. + * Fix 3 security issues by adding 4 patches: + - CVE-2015-1819: The xmlreader in libxml allows remote attackers to cause + a denial of service (memory consumption) via crafted XML data, related to + an XML Entity Expansion (XEE) attack. Closes: #782782 + - Out-of-bounds access when parsing unclosed HTML comment + https://bugzilla.gnome.org/show_bug.cgi?id=746048 Closes: #782985 + - Out-of-bounds memory access + https://bugzilla.gnome.org/show_bug.cgi?id=744980 Closes: #783010 -- Raphaƫl Hertzog <hertzog@debian.org> Tue, 25 Aug 2015 22:31:29 +0200 |