Sync from SUSE:SLFO:Main libxml2 revision 329c5ef83dc8176dde764cb64c1c4342

This commit is contained in:
Adrian Schröter 2024-08-06 11:04:08 +02:00
parent 74554e5374
commit 8cd1de924b
3 changed files with 38 additions and 1 deletions

View File

@ -0,0 +1,28 @@
From 3ad7f81624572ebd5b9e6058c9f67d38207c10e2 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Wed, 8 May 2024 11:49:31 +0200
Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout`
Add a missing bounds check.
Fixes #720.
---
xmllint.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xmllint.c b/xmllint.c
index b2afbe969..35c328578 100644
--- a/xmllint.c
+++ b/xmllint.c
@@ -543,7 +543,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) {
len = strlen(buffer);
snprintf(&buffer[len], sizeof(buffer) - len, "\n");
cur = input->cur;
- while ((*cur == '\n') || (*cur == '\r'))
+ while ((cur > base) && ((*cur == '\n') || (*cur == '\r')))
cur--;
n = 0;
while ((cur != base) && (n++ < 80)) {
--
GitLab

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Wed Jun 26 16:37:58 UTC 2024 - David Anes <david.anes@suse.com>
- Security fix (CVE-2024-34459, bsc#1224282) buffer over-read in
xmlHTMLPrintFileContext in xmllint.c
* Added libxml2-CVE-2024-34459.patch
-------------------------------------------------------------------
Sat Feb 10 10:56:46 UTC 2024 - David Anes <david.anes@suse.com>

View File

@ -54,7 +54,9 @@ Patch4: libxml2-CVE-2023-45322.patch
# PATCH-FIX-UPSTREAM use-after-free in XMLReader bsc#1219576 david.anes@suse.com
# https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a66b176055d25ee635bf328c7b35b381db0b71d
Patch5: libxml2-CVE-2024-25062.patch
# PATCH-FIX-UPSTREAM libxml2-CVE-2024-34459.patch bsc#1224282 david.anes@suse.com
# https://gitlab.gnome.org/GNOME/libxml2/-/commit/3ad7f81624572ebd5b9e6058c9f67d38207c10e2
Patch6: libxml2-CVE-2024-34459.patch
#
### -- openSUSE patches range from 1000 to 1999 -- ###
# PATCH-FIX-OPENSUSE