Hello community, here is the log from the commit of package patchinfo.5287 for openSUSE:13.2:Update checked in at 2016-07-05 16:21:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/patchinfo.5287 (Old) and /work/SRC/openSUSE:13.2:Update/.patchinfo.5287.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.5287" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="5287"> <issue id="979208" tracker="bnc">VUL-0: CVE-2016-2099: xerces: use-after-free in Xerces 3.1.3</issue> <issue id="2016-2099" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>AndreasStieger</packager> <description>xerces-c was updated to fix one security issue. This security issue was fixed: - CVE-2016-2099: Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++. It did not properly handle exceptions raised in the XMLReader class, which allowed context-dependent attackers to have unspecified impact via an invalid character in an XML document (bsc#979208). </description> <summary>Security update for xerces-c</summary> </patchinfo>
