diff options
author | Simon Paillard <spaillard> | 2009-08-14 02:16:39 +0000 |
---|---|---|
committer | Simon Paillard <spaillard> | 2009-08-14 02:16:39 +0000 |
commit | c3f7abd005646de819bfcaba764b32287579e257 (patch) | |
tree | 68efabc4d9873a42d834d6c9e820d416732296a1 | |
parent | ed60c0f28111ab9145a54cfa5b9648d719321bfa (diff) |
Fix syntax
CVS version numbers
english/security/2009/dsa-1861.data: 1.1 -> 1.2
english/security/2009/dsa-1861.wml: 1.1 -> 1.2
-rw-r--r-- | english/security/2009/dsa-1861.data | 3 | ||||
-rw-r--r-- | english/security/2009/dsa-1861.wml | 9 |
2 files changed, 7 insertions, 5 deletions
diff --git a/english/security/2009/dsa-1861.data b/english/security/2009/dsa-1861.data index 926dfba7b1b..a449fdde172 100644 --- a/english/security/2009/dsa-1861.data +++ b/english/security/2009/dsa-1861.data @@ -11,9 +11,6 @@ <dl> -Debian (oldstable) - - <dt><source /> <dd><fileurl http://security.debian.org/pool/updates/main/libx/libxml/libxml_1.8.17-14+etch1.diff.gz /> diff --git a/english/security/2009/dsa-1861.wml b/english/security/2009/dsa-1861.wml index 9f7c69e2a25..64f653b4fa8 100644 --- a/english/security/2009/dsa-1861.wml +++ b/english/security/2009/dsa-1861.wml @@ -6,14 +6,19 @@ files, which can lead to denial of service conditions or possibly arbitrary code execution in the application using the library. The Common Vulnerabilities and Exposures project identifies the following problems:</p> +<ul> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416">CVE-2009-2416</a> <p>An XML document with specially-crafted Notation or Enumeration attribute types in a DTD definition leads to the use of a pointers to memory areas -which have already been freed (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416">CVE-2009-2416</a>).</p> +which have already been freed.</p></li> +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414">CVE-2009-2414</a> <p>Missing checks for the depth of ELEMENT DTD definitions when parsing child content can lead to extensive stack-growth due to a function -recursion which can be triggered via a crafted XML document (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414">CVE-2009-2414</a>).</p> +recursion which can be triggered via a crafted XML document.</p></li> +</ul> <p>For the oldstable distribution (etch), this problem has been fixed in version 1.8.17-14+etch1.</p> |