CVE-2020-24977
Bug #1895839 reported by
Sylvain Rabot
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libxml2 (Debian) |
Fix Released
|
Unknown
|
|||
libxml2 (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Hirsute |
Fix Released
|
High
|
Unassigned |
Bug Description
GNOME project libxml2 v2.9.10 and earlier have a global buffer over-read vulnerability in xmlEncodeEntiti
https:/
Upstream patch:
https:/
Bug report: https:/
CVE References
information type: | Private Security → Public Security |
description: | updated |
description: | updated |
Changed in libxml2 (Ubuntu): | |
status: | New → Confirmed |
Changed in libxml2 (Ubuntu): | |
importance: | Undecided → High |
Changed in libxml2 (Debian): | |
status: | Unknown → Fix Released |
Changed in libxml2 (Ubuntu Hirsute): | |
status: | Confirmed → Fix Released |
To post a comment you must log in.
Please note that upstream has indicated that this issue only affects the xmllint binary, and not the shared library.