Please provide link to bugzilla report. Also, does it have a reproducer ?

I didn't create a gnome bugzilla because security bugs are not restricted. Exploitation of this issue might be difficult but I just wanted to err on the safe side. 

I don't have a reproducer yet. I'll update this report as soon as I'm able to come up with one.

You can file a blank upstream bug and ask for it to be restricted. Please CC dominicc@chromium.org on these bugs. Thanks!

I think we have work to do for these sort of bugs so let's not make these ExternalDependency. This is just NeedsFeedback as usual.

Fixed with the following commit:

https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed

dominicc: Uh oh! This issue still open and hasn't been updated in the last 14 days. This is a serious vulnerability, and we want to ensure that there's progress. Could you please leave an update with the current status and any potential blockers?

If you're not the right owner for this issue, could you please remove yourself as soon as possible or help us find the right one?

If the issue is fixed or you can't reproduce it, please close the bug. If you've started working on a fix, please set the status to Started.

Thanks for your time! To disable nags, add the Disable-Nags label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

OK, apparently we need to roll libxml2.

Patch up for review at https://chromium-review.googlesource.com/c/535233/

We commit ourselves to a 60 day deadline for fixing for high severity vulnerabilities, and have exceeded it here. If you're unable to look into this soon, could you please find another owner or remove yourself so that this gets back into the security triage queue?

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

dominicc: I see that CL in #12 was landed. Can this be marked as fixed now? 

Hi pranjal.jumde@ - the Chrome VRP Panel declined to reward for this bug, but noted they would take another look if you could illustrate how it could be exploited via Chrome.

However, you might want to look at https://www.google.com/about/appsecurity/patch-rewards/ since you provided a security relevant patch that was used.  Cheers!

It would be hard to exploit this one, I am not looking for a reward but just wanted this issue to be addressed. 

Do you plan to release a CVE for this?

Thanks pranjal.jumde@, - yep, this should get a CVE allocated when M62 goes stable in the next few weeks.  Cheers!

This bug requires manual review: M63 has already been promoted to the beta branch, so this requires manual review
Please contact the milestone owner if you have questions.
Owners: cmasso@(Android), cmasso@(iOS), gkihumba@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

+awhalley@ (Security TPM) for M63 merge review

No merge needed, not sure why sheriffbot thought differently

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

 Issue 816860  has been merged into this issue.