[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Re: libxml2 denial of service flaw
From:       Vincent Danen <vdanen () linsec ! ca>
Date:       2008-08-25 16:50:41
Message-ID: 20080825165041.GZ451 () linsec ! ca
[Download RAW message or body]


* [2008-08-25 18:11:36 +0200] Tomas Hoger wrote:

>> Does anyone know if this affects anything other than librsvg?  If so,
>> the patch approach to fixing libxml2 would be better.  I've just
>> started looking into this today, so I'm not quite up to speed on
>> this, but it looks like there are problems with the gnome menus as
>> well.
>
>librsvg and strigi are known to be affected, according to the Debian
>bug.  Rebuild against new libxml2 should do the trick, if that's the
>way you can go.

If nothing else may crop up later, then that would be acceptable, but I
wouldn't want something to bite back later.

>> Has anyone tried this new patch?
>
>Being tested now.

Ok, nice.  I'll probably be grabbing the patches from your bugzilla as
well to test myself since quite a few users are (rightfully so)
complaining.

--=20
Vincent Danen @ http://linsec.ca/

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]