diff --git a/backport-CVE-2024-34459.patch b/backport-CVE-2024-34459.patch new file mode 100644 index 0000000000000000000000000000000000000000..23776ce51c0b92478bebf5fca4ed6ee5d8654183 --- /dev/null +++ b/backport-CVE-2024-34459.patch @@ -0,0 +1,26 @@ +From 2876ac5392a4e891b81e40e592c3ac6cb46016ce Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Tue, 14 May 2024 08:50:50 +0800 +Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout` + +Add a missing bounds check. +--- + xmllint.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/xmllint.c b/xmllint.c +index 72839b5..739ac47 100644 +--- a/xmllint.c ++++ b/xmllint.c +@@ -595,7 +595,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) { + len = strlen(buffer); + snprintf(&buffer[len], sizeof(buffer) - len, "\n"); + cur = input->cur; +- while ((*cur == '\n') || (*cur == '\r')) ++ while ((cur > base) && ((*cur == '\n') || (*cur == '\r'))) + cur--; + n = 0; + while ((cur != base) && (n++ < 80)) { +-- +2.33.0 + diff --git a/libxml2.spec b/libxml2.spec index 1397e0c738e950abc4f2350bd2a8efd26cec8402..62ded54985b98daf2ac379858adda0750c2fd06e 100644 --- a/libxml2.spec +++ b/libxml2.spec @@ -1,7 +1,7 @@ Summary: Library providing XML and HTML support Name: libxml2 Version: 2.9.10 -Release: 40 +Release: 41 License: MIT Group: Development/Libraries Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz @@ -136,6 +136,7 @@ Patch123:backport-malloc-fail-Fix-memory-leak-in-xmlStaticCopyNodeList.patch Patch124:backport-CVE-2023-45322.patch Patch125:backport-CVE-2024-25062.patch Patch126:backport-CVE-2022-2309.patch +Patch127:backport-CVE-2024-34459.patch BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRequires: python2-devel @@ -327,6 +328,12 @@ rm -fr %{buildroot} %changelog +* Tue May 14 2024 cenhuilin - 2.9.10-41 +- Type:CVE +- CVE:CVE-2024-34459 +- SUG:NA +- DESC:fix CVE-2024-34459 + * Tue Mar 26 zhuofeng - 2.9.10-40 - Type:CVE - CVE:CVE-2022-2309