-rw-r--r-- | debian/changelog | 8 | ||||
-rw-r--r-- | debian/control | 15 | ||||
-rw-r--r-- | debian/patches/cve-2012-3102.patch | 39 | ||||
-rw-r--r-- | debian/patches/series | 1 |
4 files changed, 48 insertions, 15 deletions
diff --git a/debian/changelog b/debian/changelog index 2301898..dfeb755 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +libxml2 (2.7.8.dfsg-9.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fix cve-2012-3102: off by one poinnter access in xpointer.c + (closes: #674191). + + -- Michael Gilbert <mgilbert@debian.org> Wed, 23 May 2012 13:48:52 -0400 + libxml2 (2.7.8.dfsg-9) unstable; urgency=low * Multi-Arch ready. (Closes: #643026) diff --git a/debian/control b/debian/control index 9571cd0..aa6e4d5 100644 --- a/debian/control +++ b/debian/control @@ -141,18 +141,3 @@ Description: Python bindings for the GNOME XML library (debug extension) This package contains the files needed to use the GNOME XML library in Python programs for use with the Python debug interpreter. -Package: libxml2-udeb -XC-Package-Type: udeb -Architecture: any -Section: debian-installer -Depends: ${shlibs:Depends}, ${misc:Depends} -Description: GNOME XML library - minimal runtime - XML is a metalanguage to let you design your own markup language. - A regular markup language defines a way to describe information in - a certain class of documents (eg HTML). XML lets you define your - own customized markup languages for many classes of document. It - can do this because it's written in SGML, the international standard - metalanguage for markup languages. - . - This is a minimal package for use in debian-installer that yields a - library providing an extensive API to handle such XML data files. diff --git a/debian/patches/cve-2012-3102.patch b/debian/patches/cve-2012-3102.patch new file mode 100644 index 0000000..4f6a92c --- /dev/null +++ b/debian/patches/cve-2012-3102.patch 
@@ -0,0 +1,39 @@
+From d8e1faeaa99c7a7c07af01c1c72de352eb590a3e Mon Sep 17 00:00:00 2001
+From: Jüri Aedla <asd@ut.ee>
+Date: Mon, 07 May 2012 07:06:56 +0000
+Subject: Fix an off by one pointer access
+
+getting out of the range of memory allocated for xpointer decoding
+---
+diff --git a/xpointer.c b/xpointer.c
+index 37afa3a..0b463dd 100644
+--- a/xpointer.c
++++ b/xpointer.c
+@@ -1007,21 +1007,14 @@ xmlXPtrEvalXPtrPart(xmlXPathParserContextPtr ctxt, xmlChar *name) {
+ NEXT;
+ break;
+ }
+- *cur++ = CUR;
+ } else if (CUR == '(') {
+ level++;
+- *cur++ = CUR;
+ } else if (CUR == '^') {
+- NEXT;
+- if ((CUR == ')') || (CUR == '(') || (CUR == '^')) {
+- *cur++ = CUR;
+- } else {
+- *cur++ = '^';
+- *cur++ = CUR;
+- }
+- } else {
+- *cur++ = CUR;
++ if ((NXT(1) == ')') || (NXT(1) == '(') || (NXT(1) == '^')) {
++ NEXT;
++ }
+ }
++ *cur++ = CUR;
+ NEXT;
+ }
+ *cur = 0;
+--
+cgit v0.9.0.2
diff --git a/debian/patches/series b/debian/patches/series
index 306e703..15e3e97 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 01_historical_changes.patch
+cve-2012-3102.patch
|
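Review bot: The rewritten `^` branch in the xpointer.c hunk depends on peeking with `NXT(1)` instead of consuming with `NEXT`, but nothing in the new code records why. I would add a comment on that branch such as `/* peek with NXT(1): consuming here would let a trailing '^' step past the terminating 0 */`. With the single `*cur++ = CUR;` after the if/else chain, each iteration now writes exactly one byte while consuming one or two. That presumably keeps `cur` inside a buffer sized from the input length, but the allocation is outside the hunk and should be confirmed. The patch also carries no regression test; a case whose scheme data ends in `^`, run under a memory checker, would pin the fix. xmlXPtrEvalXPtrPart starts and ends outside the hunk.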