diff options
| author | Andreas Wellving <andreas.wellving@enea.com> | 2018-09-11 10:09:27 +0200 |
|---|---|---|
| committer | Dan Andresan <Dan.Andresan@enea.com> | 2018-10-25 13:54:59 +0200 |
| commit | 2057b91933875959294f823b12938d6cba6ea62b (patch) | |
| tree | 357f87df7c8b037498a13094d39d6d77d2db35f5 /recipes-core/libxml/libxml2/CVE-2017-7376-Increase-buffer-space-for-port-in-HTTP-redirect-supp.patch | |
| parent | 5b8928cd5f01d83ae27824bb5d411723cabc3108 (diff) | |
| download | meta-nfv-access-common-2057b91933875959294f823b12938d6cba6ea62b.tar.gz | |
libxml2: Fix CVEs
CVE: CVE-2017-16932 CVE-2017-5130 CVE-2017-7375 CVE-2017-7376
Libxml2 in the upstream pyro is 2.9.4
CVE-2017-7376: For the stable distribution (stretch), these problems
have been fixed in version 2.9.4+dfsg1-2.2+deb9u1
CVE-2017-7375: stretch (security) 2.9.4+dfsg1-2.2+deb9u2
Reference:
CVE-2017-16932 https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961
CVE-2017-5130 https://gitlab.gnome.org/GNOME/libxml2/commit/897dffbae322b46b83f99a607d527058a72c51ed
CVE-2017-7375 https://gitlab.gnome.org/GNOME/libxml2/commit/90ccb58242866b0ba3edbef8fe44214a101c2b3e
CVE-2017-7376 https://gitlab.gnome.org/GNOME/libxml2/commit/5dca9eea1bd4263bfa4d037ab2443de1cd730f7e
Change-Id: Icf68eea8e0916be2bc9f3e844f7d38f6fae75300
Signed-off-by: Andreas Wellving <andreas.wellving@enea.com>
Signed-off-by: Adrian Mangeac <adrian.mangeac@enea.com>
Diffstat (limited to 'recipes-core/libxml/libxml2/CVE-2017-7376-Increase-buffer-space-for-port-in-HTTP-redirect-supp.patch')
| -rw-r--r-- | recipes-core/libxml/libxml2/CVE-2017-7376-Increase-buffer-space-for-port-in-HTTP-redirect-supp.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/recipes-core/libxml/libxml2/CVE-2017-7376-Increase-buffer-space-for-port-in-HTTP-redirect-supp.patch b/recipes-core/libxml/libxml2/CVE-2017-7376-Increase-buffer-space-for-port-in-HTTP-redirect-supp.patch new file mode 100644 index 0000000..aae956d --- /dev/null +++ b/recipes-core/libxml/libxml2/CVE-2017-7376-Increase-buffer-space-for-port-in-HTTP-redirect-supp.patch | |||
| @@ -0,0 +1,36 @@ | |||
| 1 | From 5dca9eea1bd4263bfa4d037ab2443de1cd730f7e Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Daniel Veillard <veillard@redhat.com> | ||
| 3 | Date: Fri, 7 Apr 2017 17:13:28 +0200 | ||
| 4 | Subject: [PATCH] Increase buffer space for port in HTTP redirect support | ||
| 5 | |||
| 6 | For https://bugzilla.gnome.org/show_bug.cgi?id=780690 | ||
| 7 | |||
| 8 | nanohttp.c: the code wrongly assumed a short int port value. | ||
| 9 | |||
| 10 | CVE: CVE-2017-7376 | ||
| 11 | Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/5dca9eea1bd4263bfa4d037ab2443de1cd730f7e] | ||
| 12 | |||
| 13 | Signed-off-by: Andreas Wellving <andreas.wellving@enea.com> | ||
| 14 | --- | ||
| 15 | nanohttp.c | 4 ++-- | ||
| 16 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
| 17 | |||
| 18 | diff --git a/nanohttp.c b/nanohttp.c | ||
| 19 | index e109ad7..373425d 100644 | ||
| 20 | --- a/nanohttp.c | ||
| 21 | +++ b/nanohttp.c | ||
| 22 | @@ -1423,9 +1423,9 @@ retry: | ||
| 23 | if (ctxt->port != 80) { | ||
| 24 | /* reserve space for ':xxxxx', incl. potential proxy */ | ||
| 25 | if (proxy) | ||
| 26 | - blen += 12; | ||
| 27 | + blen += 17; | ||
| 28 | else | ||
| 29 | - blen += 6; | ||
| 30 | + blen += 11; | ||
| 31 | } | ||
| 32 | bp = (char*)xmlMallocAtomic(blen); | ||
| 33 | if ( bp == NULL ) { | ||
| 34 | -- | ||
| 35 | 2.7.4 | ||
| 36 | |||