Package: libxml2 Severity: important Tags: security patch fixed-upstream Control: forwarded -1 https://bugzilla.gnome.org/show_bug.cgi?id=757466
Hi, the following vulnerability was published for libxml2. CVE-2015-8035[0]: DoS if xz enabled If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-8035 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035 Please adjust the affected versions in the BTS as needed. The upstream patch is here: https://git.gnome.org/browse/libxml2/commit/?id=f0709e3ca8f8947f2d91ed34e92e38a4c23eae63 wheezy/jessie are affected. sid is not affected because XZ support is currently broken but it will be fixed in the next upstream release. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/

