Le dim. 25 janv. 2026 à 19:41, Peter Marko via lists.openembedded.org <[email protected]> a écrit :
> From: Peter Marko <[email protected]> > > Pick patch which closed [1]. > > [1] https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019 Hello, Did you see Fix for CVE-2026-0992 is incomplete (#1040) · Issue · GNOME/libxml2 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1040 ... and the fixing commit: catalog: Do not check value for duplication nextCatalog (deed3b78) · Commits · GNOME / libxml2 · GitLab https://gitlab.gnome.org/GNOME/libxml2/-/commit/deed3b7873dff30b7f87f7f33154c9932a772522 ? Signed-off-by: Peter Marko <[email protected]> > --- > .../libxml/libxml2/CVE-2026-0992.patch | 49 +++++++++++++++++++ > meta/recipes-core/libxml/libxml2_2.14.6.bb | 1 + > 2 files changed, 50 insertions(+) > create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2026-0992.patch > > diff --git a/meta/recipes-core/libxml/libxml2/CVE-2026-0992.patch > b/meta/recipes-core/libxml/libxml2/CVE-2026-0992.patch > new file mode 100644 > index 0000000000..ad23498a4c > --- /dev/null > +++ b/meta/recipes-core/libxml/libxml2/CVE-2026-0992.patch > @@ -0,0 +1,49 @@ > +From f75abfcaa419a740a3191e56c60400f3ff18988d Mon Sep 17 00:00:00 2001 > +From: Daniel Garcia Moreno <[email protected]> > +Date: Fri, 19 Dec 2025 11:02:18 +0100 > +Subject: [PATCH] catalog: Ignore repeated nextCatalog entries > + > +This patch makes the catalog parsing to ignore repeated entries of > +nextCatalog with the same value. > + > +Fix https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019 > + > +CVE: CVE-2026-0992 > +Upstream-Status: Backport [ > https://gitlab.gnome.org/GNOME/libxml2/-/commit/f75abfcaa419a740a3191e56c60400f3ff18988d > ] > +Signed-off-by: Peter Marko <[email protected]> > +--- > + catalog.c | 18 ++++++++++++++++++ > + 1 file changed, 18 insertions(+) > + > +diff --git a/catalog.c b/catalog.c > +index 46b877e6..fa6d77ca 100644 > +--- a/catalog.c > ++++ b/catalog.c > +@@ -1227,9 +1227,27 @@ xmlParseXMLCatalogNode(xmlNodePtr cur, > xmlCatalogPrefer prefer, > + BAD_CAST "delegateURI", BAD_CAST "uriStartString", > + BAD_CAST "catalog", prefer, cgroup); > + } else if (xmlStrEqual(cur->name, BAD_CAST "nextCatalog")) { > ++ xmlCatalogEntryPtr prev = parent->children; > ++ > + entry = xmlParseXMLCatalogOneNode(cur, XML_CATA_NEXT_CATALOG, > + BAD_CAST "nextCatalog", NULL, > + BAD_CAST "catalog", prefer, cgroup); > ++ /* Avoid duplication of nextCatalog */ > ++ while (prev != NULL) { > ++ if ((prev->type == XML_CATA_NEXT_CATALOG) && > ++ (xmlStrEqual (prev->URL, entry->URL)) && > ++ (xmlStrEqual (prev->value, entry->value)) && > ++ (prev->prefer == entry->prefer) && > ++ (prev->group == entry->group)) { > ++ if (xmlDebugCatalogs) > ++ xmlCatalogPrintDebug( > ++ "Ignoring repeated nextCatalog %s\n", > entry->URL); > ++ xmlFreeCatalogEntry(entry, NULL); > ++ entry = NULL; > ++ break; > ++ } > ++ prev = prev->next; > ++ } > + } > + if (entry != NULL) { > + if (parent != NULL) { > diff --git a/meta/recipes-core/libxml/libxml2_2.14.6.bb > b/meta/recipes-core/libxml/libxml2_2.14.6.bb > index 7b47f823f9..b881a89a5f 100644 > --- a/meta/recipes-core/libxml/libxml2_2.14.6.bb > +++ b/meta/recipes-core/libxml/libxml2_2.14.6.bb > @@ -21,6 +21,7 @@ SRC_URI += " > http://www.w3.org/XML/Test/xmlts20130923.tar;subdir=${BP};name=testt > file://CVE-2025-6021.patch \ > file://CVE-2026-0989.patch \ > file://CVE-2026-0990.patch \ > + file://CVE-2026-0992.patch \ > " > > SRC_URI[archive.sha256sum] = > "7ce458a0affeb83f0b55f1f4f9e0e55735dbfc1a9de124ee86fb4a66b597203a" > > > > -- Yoann Congal Smile ECS
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#230126): https://lists.openembedded.org/g/openembedded-core/message/230126 Mute This Topic: https://lists.openembedded.org/mt/117455086/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
