diff --git a/backport-CVE-2024-34459.patch b/backport-CVE-2024-34459.patch new file mode 100644 index 0000000000000000000000000000000000000000..a5d1492403ab4455678401f86a62e954373041ba --- /dev/null +++ b/backport-CVE-2024-34459.patch @@ -0,0 +1,26 @@ +From 2876ac5392a4e891b81e40e592c3ac6cb46016ce Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Thu, 16 May 2024 17:38:11 +0800 +Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout` + +Add a missing bounds check. +--- + xmllint.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/xmllint.c b/xmllint.c +index 084c24a..1cfda99 100644 +--- a/xmllint.c ++++ b/xmllint.c +@@ -599,7 +599,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) { + len = strlen(buffer); + snprintf(&buffer[len], sizeof(buffer) - len, "\n"); + cur = input->cur; +- while ((*cur == '\n') || (*cur == '\r')) ++ while ((cur > base) && ((*cur == '\n') || (*cur == '\r'))) + cur--; + n = 0; + while ((cur != base) && (n++ < 80)) { +-- +2.33.0 + diff --git a/libxml2.spec b/libxml2.spec index e321a21d593add5f85414235fa3a37c03d37606b..6e77ea1d9b5df26b460737e987eedaeec0ff0e68 100644 --- a/libxml2.spec +++ b/libxml2.spec @@ -1,7 +1,7 @@ Summary: Library providing XML and HTML support Name: libxml2 Version: 2.9.14 -Release: 11 +Release: 12 License: MIT Group: Development/Libraries Source: https://download.gnome.org/sources/%{name}/2.9/%{name}-%{version}.tar.xz @@ -222,6 +222,7 @@ Patch6197: backport-malloc-fail-Fix-use-after-free-in-xmlBufBackToBuffer.patch Patch6198: backport-entities-Don-t-allow-null-name-in-xmlNewEntity.patch Patch6199: backport-save-Check-for-NULL-node-name-in-xhtmlIsEmpty.patch Patch6200: backport-valid-Check-for-NULL-node-name-in-xmlSnprintfElement.patch +Patch6201: backport-CVE-2024-34459.patch BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRequires: python3-devel @@ -377,6 +378,12 @@ rm -fr %{buildroot} %changelog +* Thu May 16 2024 cenhuilin - 2.9.14-12 +- Type:CVE +- CVE:CVE-2024-34459 +- SUG:NA +- DESC:fix CVE-2024-34459 + * Mon May 06 2024 zhuofeng - 2.9.14-11 - Type:bugfix - CVE:NA