CVS: cvs.openbsd.org: src

Alexander Bluhm Tue, 10 Sep 2019 15:44:07 -0700

CVSROOT:        /cvs
Module name:    src
Changes by:     [email protected]   2019/09/10 16:43:29


Modified files:
        lib/libexpat/lib: xmlparse.c 

Log message:
Fix heap overflow in libexpat 2.2.7 triggered by XML_GetCurrentLineNumber
(or XML_GetCurrentColumnNumber), and deny internal entities closing
the doctype; CVE-2019-15903
fixed in commit c20b758c332d9a13afbbb276d30db1d183a85d43
OK tb@

CVS: cvs.openbsd.org: src

Reply via email to