CVSROOT:        /cvs
Module name:    src
Changes by:     bl...@cvs.openbsd.org   2019/09/10 16:43:29

Modified files:
        lib/libexpat/lib: xmlparse.c 

Log message:
Fix heap overflow in libexpat 2.2.7 triggered by XML_GetCurrentLineNumber
(or XML_GetCurrentColumnNumber), and deny internal entities closing
the doctype; CVE-2019-15903
fixed in commit c20b758c332d9a13afbbb276d30db1d183a85d43
OK tb@

Reply via email to