From: akuster808 <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: Re: [PATCH] libxml2: Backport fix for CVE introduced entity issues
Date: Thu, 15 Jan 2015 08:36:06 -0800 [thread overview]
Message-ID: <54B7EC76.9090306@gmail.com> (raw)
In-Reply-To: <1421314636.31262.42.camel@linuxfoundation.org>
this will be required for dizzy when I pull in the cve fix ( which i
missed)..
On 01/15/2015 01:37 AM, Richard Purdie wrote:
> The CVE fix introduced problems with entity issues, we observed this
> when building the Yocto Docs in particular. Backport the fix from
> upstream so we can build our docs correctly.
>
> [YOCTO #7134]
>
> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
>
> diff --git a/meta/recipes-core/libxml/libxml2/72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch b/meta/recipes-core/libxml/libxml2/72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch
> new file mode 100644
> index 0000000..10a8112
> --- /dev/null
> +++ b/meta/recipes-core/libxml/libxml2/72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch
> @@ -0,0 +1,30 @@
> +From 72a46a519ce7326d9a00f0b6a7f2a8e958cd1675 Mon Sep 17 00:00:00 2001
> +From: Daniel Veillard <veillard@redhat.com>
> +Date: Thu, 23 Oct 2014 11:35:36 +0800
> +Subject: Fix missing entities after CVE-2014-3660 fix
> +
> +For https://bugzilla.gnome.org/show_bug.cgi?id=738805
> +
> +The fix for CVE-2014-3660 introduced a regression in some case
> +where entity substitution is required and the entity is used
> +first in anotther entity referenced from an attribute value
> +
> +Upstream-Status: Backport
> +
> +diff --git a/parser.c b/parser.c
> +index 67c9dfd..a8d1b67 100644
> +--- a/parser.c
> ++++ b/parser.c
> +@@ -7235,7 +7235,8 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
> + * far more secure as the parser will only process data coming from
> + * the document entity by default.
> + */
> +- if ((ent->checked == 0) &&
> ++ if (((ent->checked == 0) ||
> ++ ((ent->children == NULL) && (ctxt->options & XML_PARSE_NOENT))) &&
> + ((ent->etype != XML_EXTERNAL_GENERAL_PARSED_ENTITY) ||
> + (ctxt->options & (XML_PARSE_NOENT | XML_PARSE_DTDVALID)))) {
> + unsigned long oldnbent = ctxt->nbentities;
> +--
> +cgit v0.10.1
> +
> diff --git a/meta/recipes-core/libxml/libxml2_2.9.2.bb b/meta/recipes-core/libxml/libxml2_2.9.2.bb
> index f0cfa59..1affff1 100644
> --- a/meta/recipes-core/libxml/libxml2_2.9.2.bb
> +++ b/meta/recipes-core/libxml/libxml2_2.9.2.bb
> @@ -1,6 +1,7 @@
> require libxml2.inc
>
> -SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar"
> +SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar \
> + file://72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch"
>
> SRC_URI[libtar.md5sum] = "9e6a9aca9d155737868b3dc5fd82f788"
> SRC_URI[libtar.sha256sum] = "5178c30b151d044aefb1b08bf54c3003a0ac55c59c866763997529d60770d5bc"
>
>
next prev parent reply other threads:[~2015-01-15 16:36 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-15 9:37 [PATCH] libxml2: Backport fix for CVE introduced entity issues Richard Purdie
2015-01-15 16:36 ` akuster808 [this message]
2015-01-15 17:07 ` Burton, Ross
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54B7EC76.9090306@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox