← Back to team overview

touch-packages team mailing list archive

  1. touch-packages team
  2. Mailing list archive
  3. Message #123966

[Bug 1525996] [NEW] missing patch in USN-2834-1 security updates

  Thread PreviousDate PreviousThread Next 
*** This bug is a security vulnerability ***

Public security bug reported:

USN-2834-1 contained a fix for CVE-2015-7499, but did not contain the
following subsequent commit:

https://git.gnome.org/browse/libxml2/commit/?id=ce0b0d0d81fdbb5f722a890432b52d363e4de57b

See post from Tom Lane here:

http://www.postgresql.org/message-id/31003.1450111414@xxxxxxxxxxxxx

** Affects: libxml2 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libxml2 in Ubuntu.
https://bugs.launchpad.net/bugs/1525996

Title:
  missing patch in USN-2834-1 security updates

Status in libxml2 package in Ubuntu:
  New

Bug description:
  USN-2834-1 contained a fix for CVE-2015-7499, but did not contain the
  following subsequent commit:

  https://git.gnome.org/browse/libxml2/commit/?id=ce0b0d0d81fdbb5f722a890432b52d363e4de57b

  See post from Tom Lane here:

  http://www.postgresql.org/message-id/31003.1450111414@xxxxxxxxxxxxx

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/1525996/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next