Your message dated Sat, 22 Jul 2023 13:19:43 +0000
with message-id <e1qncwn-005rsq...@coccia.debian.org>
and subject line Released with 12.1
has caused the Debian Bug report #1040818,
regarding bookworm-pu: package libxml2/2.9.14+dfsg-1.3~deb12u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1040818: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040818
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: libx...@packages.debian.org, car...@debian.org
Control: affects -1 + src:libxml2

Hi stable release managers,

[ Reason ]
libxml2 in bookworm and older is affected by CVE-2022-2309.
The issue does not warrant a DSA, so I prepared an update to be
included in the next point release.

[ Impact ]
CVE-2022-2309 remains open for bookworm.

[ Tests ]
None specifically.

[ Risks ]
The two commits are isolated.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
The two commits from upstream do reset ctxt->nsNr to 0 in xmlCtxtReset
(the original report) and as well in htmlCtxtReset to address the
issue in libxml2.

[ Other info ]
None.

Thanks for considering accepting the update as well for bookworm. I'm
aiming as well to do the same for bullseye-pu, but this has not been
done yet.

Regards,
Salvatore
diff -Nru libxml2-2.9.14+dfsg/debian/changelog 
libxml2-2.9.14+dfsg/debian/changelog
--- libxml2-2.9.14+dfsg/debian/changelog        2023-04-15 16:25:06.000000000 
+0200
+++ libxml2-2.9.14+dfsg/debian/changelog        2023-07-10 21:58:07.000000000 
+0200
@@ -1,3 +1,17 @@
+libxml2 (2.9.14+dfsg-1.3~deb12u1) bookworm; urgency=medium
+
+  * Rebuild for bookworm
+
+ -- Salvatore Bonaccorso <car...@debian.org>  Mon, 10 Jul 2023 21:58:07 +0200
+
+libxml2 (2.9.14+dfsg-1.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Reset nsNr in xmlCtxtReset (CVE-2022-2309) (Closes: #1039991)
+  * Also reset nsNr in htmlCtxtReset (CVE-2022-2309) (Closes: #1039991)
+
+ -- Salvatore Bonaccorso <car...@debian.org>  Sat, 08 Jul 2023 21:18:29 +0200
+
 libxml2 (2.9.14+dfsg-1.2) unstable; urgency=medium
 
   * Non-maintainer upload.
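Review bot: The new top stanza for 2.9.14+dfsg-1.3~deb12u1 says only "Rebuild for bookworm", so the CVE-2022-2309 fix is visible only in the 1.3 stanza below it. Consider naming the CVE in the bookworm stanza as well, so that a reader looking at the stable entry alone can see that this point-release upload is security relevant. Both bullets in the 1.3 stanza also carry the same "(Closes: #1039991)"; one is enough.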
diff -Nru 
libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch 
libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch
--- libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch   
1970-01-01 01:00:00.000000000 +0100
+++ libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch   
2023-07-10 21:58:07.000000000 +0200
@@ -0,0 +1,27 @@
+From: Nick Wellnhofer <wellnho...@aevum.de>
+Date: Thu, 28 Jul 2022 21:35:17 +0200
+Subject: Also reset nsNr in htmlCtxtReset
+origin: 
https://gitlab.gnome.org/GNOME/libxml2/-/commit/a82ea25fc83f563c574ddb863d6c17d9c5abdbd2
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-2309
+Bug-Debian: https://bugs.debian.org/1039991
+
+---
+ HTMLparser.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/HTMLparser.c b/HTMLparser.c
+index 9079fa8aa52d..1520663ba2af 100644
+--- a/HTMLparser.c
++++ b/HTMLparser.c
+@@ -6743,6 +6743,8 @@ htmlCtxtReset(htmlParserCtxtPtr ctxt)
+     ctxt->nameNr = 0;
+     ctxt->name = NULL;
+ 
++    ctxt->nsNr = 0;
++
+     DICT_FREE(ctxt->version);
+     ctxt->version = NULL;
+     DICT_FREE(ctxt->encoding);
+-- 
+2.40.1
+
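Review bot: The patch header has a Subject but no description, so nothing here explains why htmlCtxtReset needs `ctxt->nsNr = 0;` in addition to the existing `ctxt->nameNr = 0;` reset. A one-sentence description of what goes wrong when a reused HTML parser context keeps a stale nsNr would help anyone auditing this backport later. The patch also adds no regression test, which matches the "[ Tests ] None specifically" entry in the request; a test that reuses a context across htmlCtxtReset would guard the fix.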
diff -Nru libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch 
libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch
--- libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch 
1970-01-01 01:00:00.000000000 +0100
+++ libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch 
2023-07-10 21:58:07.000000000 +0200
@@ -0,0 +1,27 @@
+From: Nick Wellnhofer <wellnho...@aevum.de>
+Date: Mon, 18 Jul 2022 20:59:45 +0200
+Subject: Reset nsNr in xmlCtxtReset
+origin: 
https://gitlab.gnome.org/GNOME/libxml2/-/commit/5930fe01963136ab92125feec0c6204d9c9225dc
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-2309
+Bug-Debian: https://bugs.debian.org/1039991
+
+---
+ parser.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/parser.c b/parser.c
+index d278638dd6d4..e660b0a7d499 100644
+--- a/parser.c
++++ b/parser.c
+@@ -14820,6 +14820,8 @@ xmlCtxtReset(xmlParserCtxtPtr ctxt)
+     ctxt->nameNr = 0;
+     ctxt->name = NULL;
+ 
++    ctxt->nsNr = 0;
++
+     DICT_FREE(ctxt->version);
+     ctxt->version = NULL;
+     DICT_FREE(ctxt->encoding);
+-- 
+2.40.1
+
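Review bot: This patch changes parser.c only and adds no test, so nothing exercises the new `ctxt->nsNr = 0;` line in xmlCtxtReset. Consider adding a regression case that parses a document with namespace declarations, calls xmlCtxtReset on the same context, and parses again. As with the HTML patch, the header would benefit from a short description of the failure that the stale counter causes, since the Subject states only what is changed.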
diff -Nru libxml2-2.9.14+dfsg/debian/patches/series 
libxml2-2.9.14+dfsg/debian/patches/series
--- libxml2-2.9.14+dfsg/debian/patches/series   2023-04-15 16:25:06.000000000 
+0200
+++ libxml2-2.9.14+dfsg/debian/patches/series   2023-07-10 21:58:07.000000000 
+0200
@@ -6,3 +6,5 @@
 schemas-Fix-null-pointer-deref-in-xmlSchemaCheckCOSS.patch
 CVE-2023-28484-Fix-null-deref-in-xmlSchemaFixupCompl.patch
 CVE-2023-29469-Hashing-of-empty-dict-strings-isn-t-d.patch
+Reset-nsNr-in-xmlCtxtReset.patch
+Also-reset-nsNr-in-htmlCtxtReset.patch
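Review bot: The two entries added at the end of the series do not carry the CVE id in their filenames, unlike the two entries directly above them (CVE-2023-28484-..., CVE-2023-29469-...). Prefixing both with CVE-2022-2309 would keep the series consistent and make it possible to confirm from the patch list alone that the fix is applied. The order is fine as it stands, since the two patches touch different files (parser.c and HTMLparser.c).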

--- End Message ---
--- Begin Message ---
Version: 12.1

The upload requested in this bug has been released as part of 12.1.

--- End Message ---
