tag | e1f895952796c7e1e264bee4bc6bb1195d2279ab | |
---|---|---|
tagger | Daniel Veillard <veillard@redhat.com> | Tue Nov 03 16:14:00 2015 +0800 |
object | 213f1fe0d76d30eaed6e5853057defc43e6df2c9 |
Fix for CVE-2015-1819
commit | 213f1fe0d76d30eaed6e5853057defc43e6df2c9 | [log] [tgz] |
---|---|---|
author | Daniel Veillard <veillard@redhat.com> | Tue Apr 14 17:41:48 2015 +0800 |
committer | Daniel Veillard <veillard@redhat.com> | Tue Apr 14 17:41:48 2015 +0800 |
tree | 31a733dc047ef2ed98aab69d2ac38acac9442421 | |
parent | 8985cde70901c62d3f0f04da225e73b7344a52d7 [diff] |
CVE-2015-1819 Enforce the reader to run in constant memory One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded. Introduce a new allocation type for the buffers for this effect.