[OE-core] [PATCH] libxml2: Fix CVE-2017-8872
Fan Xin
fan.xin at jp.fujitsu.com
Wed Jun 7 08:51:37 UTC 2017
CVE: CVE-2017-8872
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers
to cause a denial of service (buffer over-read) or information disclosure.
External References:
https://bugzilla.gnome.org/show_bug.cgi?id=77520
Signed-off-by: Fan Xin <fan.xin at jp.fujitsu.com>
---
.../libxml/libxml2/libxml2-CVE-2017-8872.patch | 23 ++++++++++++++++++++++
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 +
2 files changed, 24 insertions(+)
create mode 100644 meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch
diff --git a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch b/meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch
new file mode 100644
index 0000000..df05e06
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch
@@ -0,0 +1,23 @@
+libxml2-2.9.4: Fix CVE-2017-8872
+
+Bug 775200 - (CVE-2017-8872) global-buffer-overflow in htmlParseTryOrFinish (HTMLparser.c:5403)
+ - [https://bugzilla.gnome.org/show_bug.cgi?id=775200]
+
+CVE: CVE-2017-8872
+Upstream-Status: Submitted
+
+Signed-off-by: Fan Xin <fan.xin at jp.fujitsu.com>
+
+Index: libxml2-2.9.4/HTMLparser.c
+===================================================================
+--- libxml2-2.9.4.orig/HTMLparser.c
++++ libxml2-2.9.4/HTMLparser.c
+@@ -5396,6 +5396,8 @@ htmlParseTryOrFinish(htmlParserCtxtPtr c
+ ctxt->instate = XML_PARSER_EOF;
+ if ((ctxt->sax) && (ctxt->sax->endDocument != NULL))
+ ctxt->sax->endDocument(ctxt->userData);
++
++ goto done;
+ }
+ }
+ if (avail < 1)
diff --git a/meta/recipes-core/libxml/libxml2_2.9.4.bb b/meta/recipes-core/libxml/libxml2_2.9.4.bb
index ea0d3b8..0b4cbca 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.4.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.4.bb
@@ -24,6 +24,7 @@ SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
file://libxml2-CVE-2016-4658.patch \
file://libxml2-fix_NULL_pointer_derefs.patch \
file://CVE-2016-9318.patch \
+ file://libxml2-CVE-2017-8872.patch \
"
SRC_URI[libtar.md5sum] = "ae249165c173b1ff386ee8ad676815f5"
--
1.9.1
More information about the Openembedded-core
mailing list