Your message dated Mon, 23 Jan 2012 06:47:43 +0000
with message-id <e1rpdgt-00046k...@franck.debian.org>
and subject line Bug#656377: fixed in libxml2 2.7.8.dfsg-7
has caused the Debian Bug report #656377,
regarding libxml2: [PATCH] fix for CVE-2011-3919
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
656377: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656377
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libxml2
Version: 2.7.8.dfsg-5.1
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch

Dear Maintainer,

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: denial of service via buffer overflow
    - parser.c: fix an allocation error when copying entities
    - 5bd3c061823a8499b27422aee04ea20aae24f03e
    - CVE-2011-3919

Thanks for considering the patch.

References:
http://git.gnome.org/browse/libxml2/commit/?id=5bd3c061823a8499b27422aee04ea20aae24f03e
http://src.chromium.org/svn/trunk/src/third_party/libxml/README.chromium
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3919
http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-8-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u libxml2-2.7.8.dfsg/parser.c libxml2-2.7.8.dfsg/parser.c
--- libxml2-2.7.8.dfsg/parser.c
+++ libxml2-2.7.8.dfsg/parser.c
@@ -2709,7 +2709,7 @@
 
 		buffer[nbchars++] = '&';
 		if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE) {
-		    growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
+		    growBuffer(buffer, i + XML_PARSER_BUFFER_SIZE);
 		}
 		for (;i > 0;i--)
 		    buffer[nbchars++] = *cur++;
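
Review bot: the unchanged guard `if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE)` directly above the changed `growBuffer` call still decides whether any growth happens, and the hunk does not show the declared types of `nbchars`, `buffer_size` or `i`; please confirm that the subtraction cannot wrap when `i` is larger than `buffer_size`, since in that case the grow would be skipped and the `for (;i > 0;i--)` loop would still copy `i` bytes. The new argument `i + XML_PARSER_BUFFER_SIZE` covers those `i` bytes only if `growBuffer` enlarges the buffer by at least the amount requested and leaves the function on allocation failure, neither of which is visible here. A short comment at the call saying that the growth has to include `i` because the loop below copies `i` bytes, plus a regression test with `i` larger than `XML_PARSER_BUFFER_SIZE`, would keep the fix from being undone later.
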
diff -u libxml2-2.7.8.dfsg/debian/changelog libxml2-2.7.8.dfsg/debian/changelog

--- End Message ---
--- Begin Message ---
Source: libxml2
Source-Version: 2.7.8.dfsg-7

We believe that the bug you reported is fixed in the latest version of
libxml2, which is due to be installed in the Debian FTP archive:

libxml2-dbg_2.7.8.dfsg-7_i386.deb
  to main/libx/libxml2/libxml2-dbg_2.7.8.dfsg-7_i386.deb
libxml2-dev_2.7.8.dfsg-7_i386.deb
  to main/libx/libxml2/libxml2-dev_2.7.8.dfsg-7_i386.deb
libxml2-doc_2.7.8.dfsg-7_all.deb
  to main/libx/libxml2/libxml2-doc_2.7.8.dfsg-7_all.deb
libxml2-utils_2.7.8.dfsg-7_i386.deb
  to main/libx/libxml2/libxml2-utils_2.7.8.dfsg-7_i386.deb
libxml2_2.7.8.dfsg-7.diff.gz
  to main/libx/libxml2/libxml2_2.7.8.dfsg-7.diff.gz
libxml2_2.7.8.dfsg-7.dsc
  to main/libx/libxml2/libxml2_2.7.8.dfsg-7.dsc
libxml2_2.7.8.dfsg-7_i386.deb
  to main/libx/libxml2/libxml2_2.7.8.dfsg-7_i386.deb
python-libxml2-dbg_2.7.8.dfsg-7_i386.deb
  to main/libx/libxml2/python-libxml2-dbg_2.7.8.dfsg-7_i386.deb
python-libxml2_2.7.8.dfsg-7_i386.deb
  to main/libx/libxml2/python-libxml2_2.7.8.dfsg-7_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 656...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andrew O. Shadura <bugzi...@tut.by> (supplier of updated libxml2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 20 Jan 2012 12:54:41 +0300
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg
Architecture: source i386 all
Version: 2.7.8.dfsg-7
Distribution: unstable
Urgency: low
Maintainer: Debian XML/SGML Group <debian-xml-sgml-p...@lists.alioth.debian.org>
Changed-By: Andrew O. Shadura <bugzi...@tut.by>
Description: 
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
Closes: 656377
Changes: 
 libxml2 (2.7.8.dfsg-7) unstable; urgency=high
 .
   * Team upload.
   * parser.c: Fix an allocation error when copying entities.
     CVE-2011-3919. Closes: #656377.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk8c/tYACgkQ5UTeB5t8Mo3kDwCgznPdBH3Bo3Yqmhs0MmmtY48X
9p8An2Vd419Kf9oRRWTeiVK95QRb746y
=27Ti
-----END PGP SIGNATURE-----



--- End Message ---
