oss-sec mailing list archives
CVE request: libxml2 heap contents leak
From: Kees Cook <kees () ubuntu com>
Date: Mon, 24 Jan 2011 13:41:24 -0800
Hello, I'd like to get a CVE assigned for a minor heap contents leak in libxml2. I reported that it is possible to leak heap memory contents from libxml2 (and things linked against it, for example PHP[1], or things written in PHP[2]): https://bugzilla.gnome.org/show_bug.cgi?id=631551 Thanks, -Kees [1] http://bugs.php.net/bug.php?id=52998 [2] http://status.net/open-source/issues/2798 -- Kees Cook Ubuntu Security Team
Current thread:
- CVE request: libxml2 heap contents leak Kees Cook (Jan 24)
- Re: CVE request: libxml2 heap contents leak Josh Bressers (Jan 25)
- Re: CVE request: libxml2 heap contents leak Pierre Joye (Jan 25)
- Re: CVE request: libxml2 heap contents leak Kees Cook (Jan 25)