oss-sec mailing list archives
Re: 2012 CVE request: XXE in nokogiri ruby gem
From: David Jorm <djorm () corp iixpeering net>
Date: Sat, 3 Jan 2015 00:40:19 +0000
Just following up on this issue. Upstream has confirmed that no CVE ID was ever assigned: https://github.com/sparklemotion/nokogiri/issues/693#issuecomment-68426535 Thanks -- David Jorm / IIX Product Security ________________________________ From: David Jorm Sent: Tuesday, December 30, 2014 5:01 PM To: oss-security () lists openwall com Subject: 2012 CVE request: XXE in nokogiri ruby gem Hi All An XXE issue was reported and fixed in nokogiri, but as far as I can see no CVE ID was ever assigned. It appears a lot of people haven't updated their dependencies as a result, so a CVE ID would be helpful. For details, see: https://github.com/sparklemotion/nokogiri/issues/693#issuecomment-68334768 Thanks -- David Jorm / IIX Product Security
Current thread:
- Re: 2012 CVE request: XXE in nokogiri ruby gem David Jorm (Jan 02)
- Re: Re: 2012 CVE request: XXE in nokogiri ruby gem Steven M. Christey (Jan 05)