GNOME Bugzilla – Bug 792840
CVE-2016-9597: stack overflow before detecting invalid XML file
Last modified: 2021-07-05 13:22:05 UTC
https://codereview.chromium.org/2539003002 Copy from https://access.redhat.com/errata/RHSA-2016:2957 Synopsis Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release Type/Severity Security Advisory: Important Topic Red Hat JBoss Core Services httpd 2.4.23 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systems. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. Affected Products Red Hat JBoss Core Services Text-Only Advisories x86_64
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org. As part of that, we are mass-closing older open tickets in bugzilla.gnome.org which have not seen updates for a longer time (resources are unfortunately quite limited so not every ticket can get handled). If you can still reproduce the situation described in this ticket in a recent and supported software version, then please follow https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines and create a new ticket at https://gitlab.gnome.org/GNOME/libxml2/-/issues/ Thank you for your understanding and your help.