#7152 closed enhancement (fixed)
libxml2-2.9.3
| Reported by: | Fernando de Oliveira | Owned by: | Pierre Labastie |
|---|---|---|---|
| Priority: | high | Milestone: | 7.9 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: | | | |
Description
Security Update
See Security in the news, below.
http://xmlsoft.org/sources/libxml2-2.9.3.tar.gz
http://xmlsoft.org/sources/libxml2-2.9.3.tar.gz.asc
http://www.xmlsoft.org/news.html
v2.9.3: Nov 20 2015
• Security:
  ◦ CVE-2015-8242 Buffer overread with HTML parser in push mode (Hugh Davenport)
  ◦ CVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard)
  ◦ CVE-2015-7499-2 Detect incoherency on GROW (Daniel Veillard)
  ◦ CVE-2015-7499-1 Add xmlHaltParser() to stop the parser (Daniel Veillard)
  ◦ CVE-2015-5312 Another entity expansion issue (David Drysdale)
  ◦ CVE-2015-7497 Avoid a heap buffer overflow in xmlDictComputeFastQKey (David Drysdale)
  ◦ CVE-2015-7498 Avoid processing entities after encoding conversion failures (Daniel Veillard)
  ◦ CVE-2015-8035 Fix XZ compression support loop (Daniel Veillard)
  ◦ CVE-2015-7942-2 Fix an error in previous Conditional section patch (Daniel Veillard)
  ◦ CVE-2015-7942 Another variation of overflow in Conditional sections (Daniel Veillard)
  ◦ CVE-2015-1819 Enforce the reader to run in constant memory (Daniel Veillard)
  ◦ CVE-2015-7941_2 Cleanup conditional section error handling (Daniel Veillard)
  ◦ CVE-2015-7941_1 Stop parsing on entities boundaries errors (Daniel Veillard)
• Documentation:
  ◦ Correct spelling of "calling" (Alex Henrie)
  ◦ Fix a small error in xmllint --format description (Fabien Degomme)
  ◦ Avoid XSS on the search of xmlsoft.org (Daniel Veillard)
• Portability:
  ◦ threads: use forward declarations only for glibc (Michael Heimpold)
  ◦ Update Win32 configure.js to search for configure.ac (Daniel Veillard)
• Bug Fixes:
  ◦ Bug on creating new stream from entity (Daniel Veillard)
  ◦ Fix some loop issues embedding NEXT (Daniel Veillard)
  ◦ Do not print error context when there is none (Daniel Veillard)
  ◦ Avoid extra processing of MarkupDecl when EOF (Hugh Davenport)
  ◦ Fix parsing short unclosed comment uninitialized access (Daniel Veillard)
  ◦ Add missing Null check in xmlParseExternalEntityPrivate (Gaurav Gupta)
  ◦ Fix a bug in CData error handling in the push parser (Daniel Veillard)
  ◦ Fix a bug on name parsing at the end of current input buffer (Daniel Veillard)
  ◦ Fix the spurious ID already defined error (Daniel Veillard)
  ◦ Fix previous change to node sort order (Nick Wellnhofer)
  ◦ Fix a self assignment issue raised by clang (Scott Graham)
  ◦ Fail parsing early on if encoding conversion failed (Daniel Veillard)
  ◦ Do not process encoding values if the declaration is broken (Daniel Veillard)
  ◦ Silence clang's -Wunknown-attribute (Michael Catanzaro)
  ◦ xmlMemUsed is not thread-safe (Martin von Gagern)
  ◦ Fix support for except in nameclasses (Daniel Veillard)
  ◦ Fix order of root nodes (Nick Wellnhofer)
  ◦ Allow attributes on descendant-or-self axis (Nick Wellnhofer)
  ◦ Fix the fix to Windows locking (Steve Nairn)
  ◦ Fix timsort invariant loop re: Envisage article (Christopher Swenson)
  ◦ Don't add IDs in xmlSetTreeDoc (Nick Wellnhofer)
  ◦ Account for ID attributes in xmlSetTreeDoc (Nick Wellnhofer)
  ◦ Remove various unused value assignments (Philip Withnall)
  ◦ Fix missing entities after CVE-2014-3660 fix (Daniel Veillard)
  ◦ Revert "Missing initialization for the catalog module" (Daniel Veillard)
• Improvements:
  ◦ Reuse xmlHaltParser() where it makes sense (Daniel Veillard)
  ◦ xmlStopParser reset errNo (Daniel Veillard)
  ◦ Reenable xz support by default (Daniel Veillard)
  ◦ Recover unescaped less-than character in HTML recovery parsing (Daniel Veillard)
  ◦ Allow HTML serializer to output HTML5 DOCTYPE (Shaun McCance)
  ◦ Regression test for bug #695699 (Nick Wellnhofer)
  ◦ Add a couple of XPath tests (Nick Wellnhofer)
  ◦ Add Python 3 rpm subpackage (Tomas Radej)
  ◦ libxml2-config.cmake.in: update include directories (Samuel Martin)
  ◦ Adding example from bugs 738805 to regression tests (Daniel Veillard)
• Cleanups:
Change History (10)
comment:1 by , 9 years ago
| Description: | modified (diff) |
|---|---|
comment:2 by , 9 years ago
| Owner: | changed from | to |
|---|---|---|
| Status: | new → assigned | |
comment:3 by , 9 years ago
| Description: | modified (diff) |
|---|---|
Sorry, Pierre, just another typo I committed in the Description. Apologies for intruding in your ticket.
comment:4 by , 9 years ago
Tickets are a place for dialog, so thanks for "intruding"! Actually, I took it for helping, but I cannot make it today (will do tonight or tomorrow). So feel free to reassign in the meantime.
comment:5 by , 9 years ago
Thanks.
No, it is a pleasure having you doing it.
BTW, I'm trying to take as much as I (think I) can, because there are times when tickets accumulate.
However, any ticket I own, anytime, just ask (you, Ken, Bruce, Igor, ...) if you want.
comment:6 by , 9 years ago
In the http://xmlsoft.org/sources/ directory, there are libxml2-tests-version.tar.gz tarballs, which seem to contain a lot of test cases. Also, there is a makefile target "testall", which seems to run more tests than "check", but some of those tests seem to fail.
I do not know if it is worth talking about those.
comment:7 by , 9 years ago
| Description: | modified (diff) |
|---|---|
| Resolution: | → fixed |
| Status: | assigned → closed |
Fixed at r16680. For now, the supplementary tests are not mentioned. If anybody thinks it would be worthwhile to include them, please reopen.
comment:8 by , 9 years ago
Sorry, I was going to say that a few words, similar to what you wrote in comment:6, might be worthwhile.
comment:9 by , 9 years ago
Thanks for your answer. I had no time left today (too many things to do this weekend). I'll think of some addition, but my main problem is that the current tests pass, but many supplementary tests don't... And as always with tests, it is never clear why the tests fail: is it because of some forgotten option in the build or is it expected because of the current state of the package? I'll try to look closer during the next days.
comment:10 by , 9 years ago
Please, I was not suggesting to spend much time. Just mentioning the existence and perhaps the comment that some tests fail.
Sorry.