oss-sec mailing list archives
Re: CVEs for libxml2 and expat internal and external XML entity expansion
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 22 Feb 2013 22:39:00 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/22/2013 08:20 AM, Jakub Wilk wrote:
That'd be CVE-2003-1564, fixed in 2.7.0.
Against exponential, but not quadratic/fast linear. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRKFX0AAoJEBYNRVNeJnmT6kEP/1/twnDxFJC2jjII31sxsaaf QNtizYtIvI/6xQmolf9U0zTp7miq32JpLIedt0sGrI0bpe31zXMbgN1Xu4ZW/QCh MHQy+ETwXRoixTB6AcJ6jZtK5brnyzEY/b+wtkmp9bUMW2XcI3Sgx3nIY8vBTDYs bH8Cq+j0LRgJzQelhPPeMvTg/5dXMW+H7izjl42Vc8GIKwROrqN+JuR6sMdJ1/cD O0xmWRdT6NypbxoZ9PO5pJ6WiSvHve8zVtgIvfoXxG+MEznVNvYB6y/lpjT4B96P JSArEC4ePDU9/KZ0LyYTxFwsAPsoAvqkKrm85GFPupLDc7/gnzfqPzn9hZ4A7ZqR oR0yKtSIz1oz6zjY265wKS5Am3CATwZVauHuz8GmIqq1m0658XcZhJtvZmdz9JjH ksCpo9c2r/ARXNbCiq/dejSvoHMCq0KDxAbEbJ4h+pBRFH0cFC2bZfoXxxcxTWPZ LdPiUgkpsIVtzItw3owL51OkWWBJYzdbr9jY8xFPGtZXUJkYiCbGBM4WOb9yHJPJ PeFmxQNlcu8/BaRrxn6TR00/Jcnbn0iHQuQkgIbpvOZ/52AE6bXa/xOiiXf0De9V sC8x8yFzrgRc73Hi7ERRbipUKsqfWz246H3TX2LbsHw12IJXBObozfDX3ihHaExO bH8wL7cQt23yPJO2abS4 =IjhS -----END PGP SIGNATURE-----
Current thread:
- CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 21)
- <Possible follow-ups>
- CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 21)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Florian Weimer (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Jakub Wilk (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Tim (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Florian Weimer (Feb 22)