This repository has been archived by the owner on Mar 16, 2022. It is now read-only.
1.30.0
cf-buildpacks-eng
released this
20 Jan 13:08
·
308 commits
to master
since this release
Notably, this release addresses USN-2874-1 "Bind vulnerability" and USN-2875-1 "libxml2 vulnerabilities":
- CVE-2015-8704: Denial of service via APL data that could trigger an INSIST
- CVE-2015-7499: Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2
before 2.9.3 allows context-dependent attackers to obtain sensitive process
memory information via unspecified vectors. - CVE-2015-8710: out of bounds memory access via unclosed html comment