wiki:SecurityFixes/2018-07-02

Context Navigation

Up
Start Page
Index
History

[CVE-2018-0499] Incomplete HTML escaping by Xapian::MSet::snippet()

Vulnerable versions: xapian-core 1.4.5 and earlier (back to when this feature was added in development release 1.3.5; 1.2.x doesn't have this method, so isn't vulnerable).

Fixed in xapian-core 1.4.6

Patch for 1.4.5 and earlier

xapian-discuss announcement

CVE-2018-0499

Last modified 6 years ago Last modified on 02/07/18 22:34:16

Note: See TracWiki for help on using the wiki.

Download in other formats:

Plain Text