| === E_Eickmeyer is now known as Eickmeyer | ||
| ricotz | hello, please take a look at https://bugs.launchpad.net/ubuntu/+source/expat/+bug/1943133 regarding CVE-2013-0340/CWE-776 | 12:46 |
|---|---|---|
| ubottu | Launchpad bug 1943133 in expat (Ubuntu) "Sync expat 2.4.1-1 (main) from Debian experimental (main)" [Wishlist, New] | 12:46 |
| ubottu | expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be arg... <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0340> | 12:46 |
| sarnold | woot | 18:26 |
| blahdeblah | sarnold: That's one word for it | 23:34 |
| sarnold | blahdeblah :) | 23:55 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!