Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
39a907b4 by Salvatore Bonaccorso at 2022-07-31T21:19:53+02:00
Add CVE-2016-3709/libxml2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -378548,6 +378548,11 @@ CVE-2016-3710 (The VGA module in QEMU improperly
performs bounds checking on ban
NOTE: http://xenbits.xen.org/xsa/advisory-179.html
NOTE: mitigation: run HVM in stubdomains, PV, default video card not
vulnerable, i386-only
CVE-2016-3709 (Possible cross-site scripting vulnerability in libxml after
commit 960 ...)
+ - libxml2 2.9.12+dfsg-3
+ NOTE: https://mail.gnome.org/archives/xml/2018-January/msg00010.html
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=769760
+ NOTE: Introduced by:
https://github.com/GNOME/libxml2/commit/960f0e275616cadc29671a218d7fb9b69eb35588
(v2.9.2-rc1)c
+ NOTE: Fixed by:
https://github.com/GNOME/libxml2/commit/c1ba6f54d32b707ca6d91cb3257ce9de82876b6f
(v2.9.11)
TODO: check
CVE-2016-3708 (Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is
enabled and ...)
NOT-FOR-US: OpenShiftEnterprise / Red Hat
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39a907b4413ed7545e8abdfc62ac69749b493dbc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39a907b4413ed7545e8abdfc62ac69749b493dbc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
