diff options
author | Andreas Rönnquist <andreas@ronnquist.net> | 2019-03-12 23:01:14 +0100 |
---|---|---|
committer | Andreas Rönnquist <andreas@ronnquist.net> | 2019-03-12 23:01:14 +0100 |
commit | 1c42e0b226687c28b609075615fdb187f120744e (patch) | |
tree | 4ea459c89a04a4fee1dd507bebbd3e50941e3428 | |
parent | 6d38cc5d705220d2fecb70af084a2e51c333cd34 (diff) |
[DSA 4407-1] xmltooling security update
-rw-r--r-- | english/security/2019/dsa-4407.data | 13 | ||||
-rw-r--r-- | english/security/2019/dsa-4407.wml | 19 |
2 files changed, 32 insertions, 0 deletions
diff --git a/english/security/2019/dsa-4407.data b/english/security/2019/dsa-4407.data new file mode 100644 index 00000000000..b8691e8d3b8 --- /dev/null +++ b/english/security/2019/dsa-4407.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4407-1 xmltooling</define-tag> +<define-tag report_date>2019-3-12</define-tag> +<define-tag secrefs>CVE-2019-9628</define-tag> +<define-tag packages>xmltooling</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2019/dsa-4407.wml b/english/security/2019/dsa-4407.wml new file mode 100644 index 00000000000..bfc3da65065 --- /dev/null +++ b/english/security/2019/dsa-4407.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Ross Geerlings discovered that the XMLTooling library didn't correctly +handle exceptions on malformed XML declarations, which could result in +denial of service against the application using XMLTooling.</p> + +<p>For the stable distribution (stretch), this problem has been fixed in +version 1.6.0-4+deb9u2.</p> + +<p>We recommend that you upgrade your xmltooling packages.</p> + +<p>For the detailed security status of xmltooling please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/xmltooling">https://security-tracker.debian.org/tracker/xmltooling</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2019/dsa-4407.data" +# $Id: $ |