| Revision Date: | 2016-02-08 | Version: | 2 |
| Title: | DSA-3309-1 -- tidy -- security update |
| Description: | Fernando MuГ±oz discovered that invalid HTML input passed to tidy, an HTML syntax checker and reformatter, could trigger a buffer overflow. This could allow remote attackers to cause a denial of service (crash) or potentially execute arbitrary code. |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CVE-2015-5522
CVE-2015-5523
DSA-3309-1
|
| Platform(s): | Debian 8
Debian GNU/kFreeBSD 7.0
Debian GNU/Linux 7.0
| Product(s): | tidy
|
| Definition Synopsis |
| Debian 7 Debian 7 is installed
AND GNU/Linux or GNU/kFreeBSD kernel
Debian GNU/Linux is installed
OR Debian GNU/kFreeBSD is installed
AND tidy is earlier than 0:20091223cvs-1.2+deb7u1
OR Debian 8
Debian 8 is installed
AND tidy is earlier than 0:20091223cvs-1.4+deb8u1
|