[Bug 1379556] CVE-2016-9181 perl-Image-Info: XXE in SVG files

2016-11-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1379556 Doran Moppert changed: What|Removed |Added Status|NEW |CLOSED

[Bug 1379556] CVE-2016-9181 perl-Image-Info: XXE in SVG files

2016-11-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1379556 --- Doc Text *updated* by Doran Moppert --- A vulnerability was found in perl-ImageInfo. When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when

[Bug 1379556] CVE-2016-9181 perl-Image-Info: XXE in SVG files

2016-11-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1379556 --- Comment #3 from Doran Moppert --- Statement: Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional

[Bug 1379556] CVE-2016-9181 perl-Image-Info: XXE in SVG files

2016-11-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1379556 Doran Moppert changed: What|Removed |Added Priority|medium |low Fixed In

[Bug 1379556] CVE-2016-9181 perl-Image-Info: XXE in SVG files

2016-11-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1379556 --- Comment #4 from Doran Moppert --- Acknowledgments: Name: Doran Moppert (Red Hat Product Security Team) -- You are receiving this mail because: You are on the CC list for the bug.

[Bug 1379556] CVE-2016-9181 perl-Image-Info: XXE in SVG files

2016-11-04 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1379556 Doran Moppert changed: What|Removed |Added Summary|perl-Image-Info: XXE in SVG |CVE-2016-9181