** Description changed:

  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977
  
  Upstream patch:
  
https://gitlab.gnome.org/GNOME/libxml2/-/commit/8e7c20a1af8776677d7890f30b7a180567701a49
+ 
+ GNOME project libxml2 v2.9.10 and earlier have a global buffer over-read
+ vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libxml2 in Ubuntu.
https://bugs.launchpad.net/bugs/1895839

Title:
  CVE-2020-24977

Status in libxml2 package in Ubuntu:
  New
Status in libxml2 package in Debian:
  Unknown

Bug description:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977

  Upstream patch:
  
https://gitlab.gnome.org/GNOME/libxml2/-/commit/8e7c20a1af8776677d7890f30b7a180567701a49

  GNOME project libxml2 v2.9.10 and earlier have a global buffer over-
  read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/1895839/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to