libxml2: CVE-2017-9049: heap-based buffer overflow in xmlDictComputeFastKey

Debian Bug report logs - #863019
libxml2: CVE-2017-9049: heap-based buffer overflow in xmlDictComputeFastKey


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sat, 20 May 2017 09:12:01 UTC

Severity: important

Tags: patch, security, upstream

Found in versions libxml2/2.9.4+dfsg1-2.2, libxml2/2.9.1+dfsg1-5

Fixed in versions libxml2/2.9.4+dfsg1-3.1, libxml2/2.9.4+dfsg1-2.2+deb9u1, libxml2/2.9.1+dfsg1-5+deb8u5

Done: Salvatore Bonaccorso <carnil@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://bugzilla.gnome.org/show_bug.cgi?id=781205



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>:
Bug#863019; Package src:libxml2. (Sat, 20 May 2017 09:12:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>. (Sat, 20 May 2017 09:12:05 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libxml2: CVE-2017-9049: heap-based buffer overflow in xmlDictComputeFastKey
Date: Sat, 20 May 2017 11:08:51 +0200
Source: libxml2
Version: 2.9.4+dfsg1-2.2
Severity: important
Tags: upstream security
Forwarded: https://bugzilla.gnome.org/show_bug.cgi?id=781205

Hi,

the following vulnerability was published for libxml2.

CVE-2017-9049[0]:
| libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based
| buffer over-read in the xmlDictComputeFastKey function in dict.c. This
| vulnerability causes programs that use libxml2, such as PHP, to crash.
| This vulnerability exists because of an incomplete fix for libxml2 Bug
| 759398.

As per [1] this corresponds to (a yet closed) upstream report [2]. The
[1] posting contains a proposed patch (which is not yet upstream
acked).

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9049
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
[1] http://www.openwall.com/lists/oss-security/2017/05/15/1
[2] https://bugzilla.gnome.org/show_bug.cgi?id=781205

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Marked as found in versions libxml2/2.9.1+dfsg1-5. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sat, 19 Aug 2017 15:24:06 GMT)


Added tag(s) patch. Request was from Salvatore Bonaccorso <carnil@debian.org> to 863018-submit@bugs.debian.org. (Sun, 20 Aug 2017 05:15:06 GMT)


Added tag(s) pending. Request was from Salvatore Bonaccorso <carnil@debian.org> to 863018-submit@bugs.debian.org. (Sun, 20 Aug 2017 05:15:07 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>:
Bug#863019; Package src:libxml2. (Sun, 20 Aug 2017 05:15:14 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>. (Sun, 20 Aug 2017 05:15:14 GMT)


Message #16 received at 863019@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 863018@bugs.debian.org, 863019@bugs.debian.org, 863021@bugs.debian.org, 863022@bugs.debian.org, 870865@bugs.debian.org, 870867@bugs.debian.org, 870870@bugs.debian.org
Subject: libxml2: diff for NMU version 2.9.4+dfsg1-3.1
Date: Sun, 20 Aug 2017 07:11:30 +0200
Control: tags 863018 + patch
Control: tags 863018 + pending
Control: tags 863019 + patch
Control: tags 863019 + pending
Control: tags 863021 + patch
Control: tags 863021 + pending
Control: tags 863022 + patch
Control: tags 863022 + pending
Control: tags 870865 + patch
Control: tags 870865 + pending
Control: tags 870867 + pending
Control: tags 870870 + pending

Dear libxml2 maintainer(s) team,

I've prepared an NMU for libxml2 (versioned as 2.9.4+dfsg1-3.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer or actually can reschedule to have it entering
the archive earlier.

I have prepared a corresponding upload for jessie-security and
stretch-security, but would prefer to release those packages only
after libxml2 has entered unstable as well.

Regards,
Salvatore
[libxml2-2.9.4+dfsg1-3.1-nmu.diff (text/x-diff, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>:
Bug#863019; Package src:libxml2. (Sun, 20 Aug 2017 07:42:11 GMT)


Message #19 received at 863019@bugs.debian.org:

From: Mattia Rizzolo <mattia@debian.org>
To: Salvatore Bonaccorso <carnil@debian.org>
Cc: 870867@bugs.debian.org, 863018@bugs.debian.org, 863019@bugs.debian.org, 863021@bugs.debian.org, 863022@bugs.debian.org, 870865@bugs.debian.org, 870870@bugs.debian.org
Subject: Re: Bug#870867: libxml2: diff for NMU version 2.9.4+dfsg1-3.1
Date: Sun, 20 Aug 2017 09:16:31 +0200
On Sun, Aug 20, 2017 at 07:11:30AM +0200, Salvatore Bonaccorso wrote:
> I've prepared an NMU for libxml2 (versioned as 2.9.4+dfsg1-3.1) and
> uploaded it to DELAYED/5. Please feel free to tell me if I
> should delay it longer or actually can reschedule to have it entering
> the archive earlier.

Please go ahead and reschedule it to 0-day.

> I have prepared a corresponding upload for jessie-security and
> stretch-security, but would prefer to release those packages only
> after libxml2 has entered unstable as well.

Of course.

-- 
regards,
                        Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540
more about me:  https://mapreri.org
Launchpad user: https://launchpad.net/~mapreri
Debian QA page: https://qa.debian.org/developer.php?login=mattia

Information forwarded to debian-bugs-dist@lists.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>:
Bug#863019; Package src:libxml2. (Sun, 20 Aug 2017 08:45:05 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>. (Sun, 20 Aug 2017 08:45:05 GMT)


Message #24 received at 863019@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Mattia Rizzolo <mattia@debian.org>
Cc: 870867@bugs.debian.org, 863018@bugs.debian.org, 863019@bugs.debian.org, 863021@bugs.debian.org, 863022@bugs.debian.org, 870865@bugs.debian.org, 870870@bugs.debian.org
Subject: Re: Bug#870867: libxml2: diff for NMU version 2.9.4+dfsg1-3.1
Date: Sun, 20 Aug 2017 10:42:48 +0200
Hi Mattia,

On Sun, Aug 20, 2017 at 09:16:31AM +0200, Mattia Rizzolo wrote:
> On Sun, Aug 20, 2017 at 07:11:30AM +0200, Salvatore Bonaccorso wrote:
> > I've prepared an NMU for libxml2 (versioned as 2.9.4+dfsg1-3.1) and
> > uploaded it to DELAYED/5. Please feel free to tell me if I
> > should delay it longer or actually can reschedule to have it entering
> > the archive earlier.
> 
> Please go ahead and reschedule it to 0-day.
> 
> > I have prepared a corresponding upload for jessie-security and
> > stretch-security, but would prefer to release those packages only
> > after libxml2 has entered unstable as well.
> 
> Of course.

Perfect, thanks for the quick reply.

Regards,
Salvatore



Reply sent to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility. (Sun, 20 Aug 2017 08:54:15 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sun, 20 Aug 2017 08:54:16 GMT)


Message #29 received at 863019-close@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 863019-close@bugs.debian.org
Subject: Bug#863019: fixed in libxml2 2.9.4+dfsg1-3.1
Date: Sun, 20 Aug 2017 08:50:13 +0000
Source: libxml2
Source-Version: 2.9.4+dfsg1-3.1

We believe that the bug you reported is fixed in the latest version of
libxml2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 863019@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated libxml2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)



Format: 1.8
Date: Sun, 20 Aug 2017 06:56:40 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg python3-libxml2 python3-libxml2-dbg
Architecture: source
Version: 2.9.4+dfsg1-3.1
Distribution: unstable
Urgency: low
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 863018 863019 863021 863022 870865 870867 870870
Description: 
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
 python3-libxml2 - Python3 bindings for the GNOME XML library
 python3-libxml2-dbg - Python3 bindings for the GNOME XML library (debug extension)
Changes:
 libxml2 (2.9.4+dfsg1-3.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Increase buffer space for port in HTTP redirect support (CVE-2017-7376)
     Incorrect limit was used for port values. (Closes: #870865)
   * Prevent unwanted external entity reference (CVE-2017-7375)
     Missing validation for external entities in xmlParsePEReference.
     (Closes: #870867)
   * Fix handling of parameter-entity references (CVE-2017-9049, CVE-2017-9050)
     - Heap-based buffer over-read in function xmlDictComputeFastKey
       (CVE-2017-9049).
     - Heap-based buffer over-read in function xmlDictAddString
       (CVE-2017-9050).
     (Closes: #863019, #863018)
   * Fix buffer size checks in xmlSnprintfElementContent (CVE-2017-9047,
     CVE-2017-9048)
     - Buffer overflow in function xmlSnprintfElementContent (CVE-2017-9047).
     - Stack-based buffer overflow in function xmlSnprintfElementContent
       (CVE-2017-9048).
     (Closes: #863022, #863021)
   * Fix type confusion in xmlValidateOneNamespace (CVE-2017-0663)
     Heap buffer overflow in xmlAddID. (Closes: #870870)





Reply sent to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility. (Wed, 23 Aug 2017 20:51:07 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Wed, 23 Aug 2017 20:51:07 GMT)


Message #34 received at 863019-close@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 863019-close@bugs.debian.org
Subject: Bug#863019: fixed in libxml2 2.9.4+dfsg1-2.2+deb9u1
Date: Wed, 23 Aug 2017 20:47:16 +0000
Source: libxml2
Source-Version: 2.9.4+dfsg1-2.2+deb9u1

We believe that the bug you reported is fixed in the latest version of
libxml2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 863019@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated libxml2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)



Format: 1.8
Date: Sat, 19 Aug 2017 17:36:49 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg python3-libxml2 python3-libxml2-dbg
Architecture: source
Version: 2.9.4+dfsg1-2.2+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 863018 863019 863021 863022 870865 870867 870870
Description: 
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 libxml2-utils-dbg - XML utilities (debug extension)
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
 python3-libxml2 - Python3 bindings for the GNOME XML library
 python3-libxml2-dbg - Python3 bindings for the GNOME XML library (debug extension)
Changes:
 libxml2 (2.9.4+dfsg1-2.2+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Increase buffer space for port in HTTP redirect support (CVE-2017-7376)
     Incorrect limit was used for port values. (Closes: #870865)
   * Prevent unwanted external entity reference (CVE-2017-7375)
     Missing validation for external entities in xmlParsePEReference.
     (Closes: #870867)
   * Fix handling of parameter-entity references (CVE-2017-9049, CVE-2017-9050)
     - Heap-based buffer over-read in function xmlDictComputeFastKey
       (CVE-2017-9049).
     - Heap-based buffer over-read in function xmlDictAddString
       (CVE-2017-9050).
     (Closes: #863019, #863018)
   * Fix buffer size checks in xmlSnprintfElementContent (CVE-2017-9047,
     CVE-2017-9048)
     - Buffer overflow in function xmlSnprintfElementContent (CVE-2017-9047).
     - Stack-based buffer overflow in function xmlSnprintfElementContent
       (CVE-2017-9048).
     (Closes: #863022, #863021)
   * Fix type confusion in xmlValidateOneNamespace (CVE-2017-0663)
     Heap buffer overflow in xmlAddID. (Closes: #870870)





Reply sent to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility. (Wed, 23 Aug 2017 21:21:06 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Wed, 23 Aug 2017 21:21:06 GMT)


Message #39 received at 863019-close@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 863019-close@bugs.debian.org
Subject: Bug#863019: fixed in libxml2 2.9.1+dfsg1-5+deb8u5
Date: Wed, 23 Aug 2017 21:17:44 +0000
Source: libxml2
Source-Version: 2.9.1+dfsg1-5+deb8u5

We believe that the bug you reported is fixed in the latest version of
libxml2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 863019@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated libxml2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)



Format: 1.8
Date: Sat, 19 Aug 2017 17:31:22 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg
Architecture: all source
Version: 2.9.1+dfsg1-5+deb8u5
Distribution: jessie-security
Urgency: high
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 863018 863019 863021 863022 870865 870867 870870
Description: 
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 libxml2-utils-dbg - XML utilities (debug extension)
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
Changes:
 libxml2 (2.9.1+dfsg1-5+deb8u5) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Increase buffer space for port in HTTP redirect support (CVE-2017-7376)
     Incorrect limit was used for port values. (Closes: #870865)
   * Prevent unwanted external entity reference (CVE-2017-7375)
     Missing validation for external entities in xmlParsePEReference.
     (Closes: #870867)
   * Fix handling of parameter-entity references (CVE-2017-9049, CVE-2017-9050)
     - Heap-based buffer over-read in function xmlDictComputeFastKey
       (CVE-2017-9049).
     - Heap-based buffer over-read in function xmlDictAddString
       (CVE-2017-9050).
     (Closes: #863019, #863018)
   * Fix buffer size checks in xmlSnprintfElementContent (CVE-2017-9047,
     CVE-2017-9048)
     - Buffer overflow in function xmlSnprintfElementContent (CVE-2017-9047).
     - Stack-based buffer overflow in function xmlSnprintfElementContent
       (CVE-2017-9048).
     (Closes: #863022, #863021)
   * Fix type confusion in xmlValidateOneNamespace (CVE-2017-0663)
     Heap buffer overflow in xmlAddID. (Closes: #870870)





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 07 Oct 2017 07:26:39 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 13:26:52 2019; Machine Name: beach