** Description changed: + GNOME project libxml2 v2.9.10 and earlier have a global buffer over-read + vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977 - Upstream patch: - https://gitlab.gnome.org/GNOME/libxml2/-/commit/8e7c20a1af8776677d7890f30b7a180567701a49 + Upstream patch: + https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2 - GNOME project libxml2 v2.9.10 and earlier have a global buffer over-read - vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. + Bug report: https://gitlab.gnome.org/GNOME/libxml2/-/issues/178
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1895839 Title: CVE-2020-24977 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/1895839/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
