2.9.4 for three CVEs (close #156...

Graham Christensen Wed, 25 May 2016 09:30:40 -0700

  Branch: refs/heads/staging
  Home:   https://github.com/NixOS/nixpkgs
  Commit: 772851ff46be1c16c417766671a0e701668d8195
      
https://github.com/NixOS/nixpkgs/commit/772851ff46be1c16c417766671a0e701668d8195
  Author: Graham Christensen <gra...@grahamc.com>
  Date:   2016-05-25 (Wed, 25 May 2016)


  Changed paths:
    M pkgs/development/libraries/libxml2/default.nix

  Log Message:
  -----------
  libxml2: 2.9.3 -> 2.9.4 for three CVEs (close #15697)

 - CVE-2016-4447: libxml2: Heap-based buffer underreads due to xmlParseName
   https://bugzilla.redhat.com/show_bug.cgi?id=1338686

 - CVE-2016-4448 libxml2: Format string vulnerability
   https://bugzilla.redhat.com/show_bug.cgi?id=1338700

 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content
   https://bugzilla.redhat.com/show_bug.cgi?id=1338701

and many other fixed issues, available at http://www.xmlsoft.org/news.html

_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits

[Nix-commits] [NixOS/nixpkgs] 772851: libxml2: 2.9.3 -> 2.9.4 for three CVEs (close #156...

Reply via email to