[Secure-testing-team] Bug#685584: xml-light: CVE-2012-3514
Moritz Muehlenhoff
jmm at inutil.org
Wed Aug 22 06:23:46 UTC 2012
Package: xml-light
Severity: grave
Tags: security
Justification: user security hole
This was posted to oss-security:
--
Xml-Light has been moved to google code SVN here :
http://ocamllibs.googlecode.com/svn/trunk/xml-light/
I've applied a fix in r234 by using String Map instead of Hashtbl for
DTD proof.
Best,
Nicolas
Please use CVE-2012-3514 for this issue.
--
Cheers,
Moritz
More information about the Secure-testing-team
mailing list