Sync from SUSE:SLFO:Main libxml2 revision 329c5ef83dc8176dde764cb64c1c4342

libxml2-CVE-2024-34459.patch

@@ -0,0 +1,28 @@
+From 3ad7f81624572ebd5b9e6058c9f67d38207c10e2 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Wed, 8 May 2024 11:49:31 +0200
+Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout`
+
+Add a missing bounds check.
+
+Fixes #720.
+---
+ xmllint.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/xmllint.c b/xmllint.c
+index b2afbe969..35c328578 100644
+--- a/xmllint.c
++++ b/xmllint.c
+@@ -543,7 +543,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) {
+     len = strlen(buffer);
+     snprintf(&buffer[len], sizeof(buffer) - len, "\n");
+     cur = input->cur;
+-    while ((*cur == '\n') || (*cur == '\r'))
++    while ((cur > base) && ((*cur == '\n') || (*cur == '\r')))
+ 	cur--;
+     n = 0;
+     while ((cur != base) && (n++ < 80)) {
+-- 
+GitLab
+

libxml2.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Jun 26 16:37:58 UTC 2024 - David Anes <david.anes@suse.com>
+
+- Security fix (CVE-2024-34459, bsc#1224282) buffer over-read in 
+  xmlHTMLPrintFileContext in xmllint.c
+  * Added libxml2-CVE-2024-34459.patch
+
 -------------------------------------------------------------------
 Sat Feb 10 10:56:46 UTC 2024 - David Anes <david.anes@suse.com>
 

libxml2.spec

@@ -54,7 +54,9 @@ Patch4:         libxml2-CVE-2023-45322.patch
 # PATCH-FIX-UPSTREAM use-after-free in XMLReader bsc#1219576 david.anes@suse.com
 # https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a66b176055d25ee635bf328c7b35b381db0b71d
 Patch5:         libxml2-CVE-2024-25062.patch
-
+# PATCH-FIX-UPSTREAM libxml2-CVE-2024-34459.patch bsc#1224282 david.anes@suse.com
+# https://gitlab.gnome.org/GNOME/libxml2/-/commit/3ad7f81624572ebd5b9e6058c9f67d38207c10e2
+Patch6: libxml2-CVE-2024-34459.patch
 #
 ### -- openSUSE patches range from 1000 to 1999 -- ###
 # PATCH-FIX-OPENSUSE