diff options
author | Akinori MUSHA <knu@FreeBSD.org> | 2014-05-13 01:55:45 +0000 |
---|---|---|
committer | Akinori MUSHA <knu@FreeBSD.org> | 2014-05-13 01:55:45 +0000 |
commit | 4f1a7e64a134ad49f2e23176bb7ade8beab15ae3 (patch) | |
tree | 8f9ce079d133cb85bb2419c45b966e5f9082bb1c /security | |
parent | ecc5c372825a518b38acbd45429a0e9f9e1bb713 (diff) | |
download | ports-4f1a7e64a134ad49f2e23176bb7ade8beab15ae3.tar.gz ports-4f1a7e64a134ad49f2e23176bb7ade8beab15ae3.zip |
Notes
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 58cd7be66566..7dffca95aba4 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,7 +58,7 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> <vuln vid="efdd0edc-da3d-11e3-9ecb-2c4138874f7d"> - <topic>libxml2 -- entity substituton DoS</topic> + <topic>libxml2 -- entity substitution DoS</topic> <affects> <package> <name>libxml2</name> @@ -71,7 +71,7 @@ Notes: <blockquote cite="http://www.openwall.com/lists/oss-security/2014/05/06/4"> <p>It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly - performs entity substituton in the doctype prolog, even if + performs entity substitution in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially-crafted XML file that, when processed, would lead |