From b5414a9ca3adba64012c959883e20900fc04c93a05ed729791248ca9dc96d5b8 Mon Sep 17 00:00:00 2001
From: James Fehlig
Date: Tue, 6 May 2014 17:46:39 +0000
Subject: [PATCH] - CVE-2014-0179: Don't expand entities when parsing XML d6b27d3e-CVE-2014-0179.patch bnc#873705
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=368
---
 d6b27d3e-CVE-2014-0179.patch | 34 ++++++++++++++++++++++++++++++++++
 libvirt.changes | 7 +++++++
 libvirt.spec | 2 ++
 3 files changed, 43 insertions(+)
 create mode 100644 d6b27d3e-CVE-2014-0179.patch
diff --git a/d6b27d3e-CVE-2014-0179.patch b/d6b27d3e-CVE-2014-0179.patch
new file mode 100644
index 0000000..cb33491
--- /dev/null
+++ b/d6b27d3e-CVE-2014-0179.patch
@@ -0,0 +1,34 @@
+commit d6b27d3e4c40946efa79e91d134616b41b1666c4
+Author: Daniel P. Berrange
+Date: Tue Apr 15 11:20:29 2014 +0100
+
+ LSN-2014-0003: Don't expand entities when parsing XML
+
+ If the XML_PARSE_NOENT flag is passed to libxml2, then any
+ entities in the input document will be fully expanded. This
+ allows the user to read arbitrary files on the host machine
+ by creating an entity pointing to a local file. Removing
+ the XML_PARSE_NOENT flag means that any entities are left
+ unchanged by the parser, or expanded to "" by the XPath
+ APIs.
+
+ Signed-off-by: Daniel P. Berrange
+
+Index: libvirt-1.2.3/src/util/virxml.c
+===================================================================
+--- libvirt-1.2.3.orig/src/util/virxml.c
++++ libvirt-1.2.3/src/util/virxml.c
+@@ -746,11 +746,11 @@ virXMLParseHelper(int domcode,
+
+ if (filename) {
+ xml = xmlCtxtReadFile(pctxt, filename, NULL,
+- XML_PARSE_NOENT | XML_PARSE_NONET |
++ XML_PARSE_NONET |
+ XML_PARSE_NOWARNING);
+ } else {
+ xml = xmlCtxtReadDoc(pctxt, BAD_CAST xmlStr, url, NULL,
+- XML_PARSE_NOENT | XML_PARSE_NONET |
++ XML_PARSE_NONET |
+ XML_PARSE_NOWARNING);
+ }
+ if (!xml)
diff --git a/libvirt.changes b/libvirt.changes
index 33ecba3..9193c84 100644
--- a/libvirt.changes
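Review bot: Nothing at the two read calls in virXMLParseHelper records why XML_PARSE_NOENT is absent, so a later cleanup could restore the flag and reopen the local file disclosure the commit message describes. I would add a comment above the first call, e.g. `/* No XML_PARSE_NOENT: expanding entities lets a document pull in host files (CVE-2014-0179) */`, and hold the flag set in one local such as `int parseFlags = XML_PARSE_NONET | XML_PARSE_NOWARNING;` so the file path and the string path cannot drift apart. Callers that relied on expansion now get entities left unexpanded, or "" through the XPath APIs, which deserves a line in the function's documentation and a regression test with an entity-bearing document. The body of virXMLParseHelper starts and ends outside the hunk, so where such a local would be declared is not visible here.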
+++ b/libvirt.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon May 5 16:47:43 MDT 2014 - jfehlig@suse.com
+
+- CVE-2014-0179: Don't expand entities when parsing XML
+ d6b27d3e-CVE-2014-0179.patch
+ bnc#873705
+
 -------------------------------------------------------------------
 Tue Apr 8 09:44:50 MDT 2014 - jfehlig@suse.com
diff --git a/libvirt.spec b/libvirt.spec
index 7ca178b..7dc2e40 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -430,6 +430,7 @@ Source99: baselibs.conf
 # Upstream patches
 Patch0: 0e0c1a74-domid-fix.patch
 Patch1: 7a1452f5-libxl-empty-cdrom.patch
+Patch2: d6b27d3e-CVE-2014-0179.patch
 # Need to go upstream
 Patch100: xen-name-for-devid.patch
 Patch101: ia64-clone.patch
@@ -948,6 +949,7 @@ namespaces.
 %setup -q
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 %patch100 -p1
 %patch101 -p1
 %patch102 -p1