HomeFreeBSD

Document vulnerability in textproc/raptor2

Description

Document vulnerability in textproc/raptor2

From [1], [2], [3]:
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF
Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML
writer, leading to heap-based buffer overflows (sometimes seen in
raptor_qname_format_as_xml).

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18926
[2] https://www.debian.org/security/2020/dsa-4785
[3] https://www.openwall.com/lists/oss-security/2017/06/07/1

PR: 250971
Security: CVE-2017-18926

Details

Provenance
tcbernerAuthored on
Parents
rP554669: This is commit two of a two commit set:
Branches
Unknown
Tags
Unknown