CLD-18 Details
Other IDs this deficiency may be known by:
Basic Information:
Affected Package(s) |
libxml2 |
Deficiency Type |
SECURITY |
Date Created |
2017-09-13 10:24:04 |
Date Last Modified |
2017-09-13 10:44:42 |
Version Specific Information:
Cucumber 1.0 i686 | fixed in libxml2-2.9.5-i686-1 |
Cucumber 1.0 x86_64 | fixed in libxml2-2.9.5-x86_64-1 and libxml2-lib_i686-2.9.5-lib_i686-1 |
Cucumber 1.1 i686 |
fixed in libxml2-2.9.5-i686-1 |
Cucumber 1.1 x86_64 |
fixed in libxml2-2.9.5-x86_64-1 and libxml2-lib_i686-2.9.5-lib_i686-1 |
Details:
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome
before 52.0.2743.82, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via vectors related to the XPointer
range-to function (https://nvd.nist.gov/vuln/detail/CVE-2016-5131).
The patch fixing this (https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e)
has been applied in 2.9.5.