textproc/libxml CVE-2021-3537

Mon, 10 May 2021 03:43:44 -0700 

Hi,

ok to fix CVE-2021-3537 ?

Unfortunately libxml2 does not make security releases so we have
to pick the patches from their repository.

bluhm

Index: textproc/libxml/Makefile
===================================================================
RCS file: /data/mirror/openbsd/cvs/ports/textproc/libxml/Makefile,v
retrieving revision 1.186
diff -u -p -r1.186 Makefile
--- textproc/libxml/Makefile    27 Apr 2021 11:16:48 -0000      1.186
+++ textproc/libxml/Makefile    7 May 2021 17:39:34 -0000
@@ -4,8 +4,8 @@ COMMENT-main=           XML parsing library
 COMMENT-python=                Python bindings for libxml
 
 VERSION=               2.9.10
-REVISION-main=         3
-REVISION-python=       3
+REVISION-main=         4
+REVISION-python=       4
 DISTNAME=              libxml2-${VERSION}
 PKGNAME-main=          libxml-${VERSION}
 PKGNAME-python=                py3-libxml-${VERSION}
Index: textproc/libxml/patches/patch-parser_c
===================================================================
RCS file: 
/data/mirror/openbsd/cvs/ports/textproc/libxml/patches/patch-parser_c,v
retrieving revision 1.20
diff -u -p -r1.20 patch-parser_c
--- textproc/libxml/patches/patch-parser_c      1 Feb 2020 20:35:32 -0000       
1.20
+++ textproc/libxml/patches/patch-parser_c      7 May 2021 17:31:33 -0000
@@ -3,6 +3,10 @@ $OpenBSD: patch-parser_c,v 1.20 2020/02/
 https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076
 CVE-2020-7595
 
+https://bugzilla.redhat.com/show_bug.cgi?id=1956522
+https://gitlab.gnome.org/GNOME/libxml2/commit/babe75030c7f64a37826bb3342317134568bef61
+CVE-2021-3537
+
 Index: parser.c
 --- parser.c.orig
 +++ parser.c
@@ -16,3 +20,24 @@ Index: parser.c
  
        if (c == 0) break;
          if ((c == '&') && (str[1] == '#')) {
+@@ -6194,6 +6195,8 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPt
+       SKIP_BLANKS;
+         cur = ret = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
+                                                            depth + 1);
++        if (cur == NULL)
++            return(NULL);
+       SKIP_BLANKS;
+       GROW;
+     } else {
+@@ -6327,6 +6330,11 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPt
+           SKIP_BLANKS;
+           last = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
+                                                           depth + 1);
++            if (last == NULL) {
++              if (ret != NULL)
++                  xmlFreeDocElementContent(ctxt->myDoc, ret);
++              return(NULL);
++            }
+           SKIP_BLANKS;
+       } else {
+           elem = xmlParseName(ctxt);

Reply via email to