>The bug is a binary safety issue in html_entity_decode. A function that
>is not usually used on user input, because user input is usually not
>expected in HTML format and then decoded. Even if the function is used
>on user input it can only leak memory to a potential attacker i...
>The bug is a binary safety issue in html_entity_decode. A function that
>is not usually used on user input, because user input is usually not
>expected in HTML format and then decoded. Even if the function is used
>on user input it can only leak memory to a potential attacker i...
[ more ]