Opened 19 hours ago

Closed 14 hours ago

#5675 closed enhancement (fixed)

expat-2.7.0

Reported by: Bruce Dubbs
Owned by: lfs-book
Priority: high
Milestone: 12.4
Component: Book
Version: git
Severity: normal
Keywords:
Cc:

Description

New minor version.

Change History (3)

comment:1 by Bruce Dubbs, 17 hours ago

Security fixes:

CVE-2024-8176 -- Fix crash from chaining a large number of entities caused by stack overflow by resolving use of recursion, for all three uses of entities:

- general entities in character data ("<e>&g1;</e>")
- general entities in attribute values ("<e k1='&g1;'/>")
- parameter entities ("%p1;")

Known impact is (reliable and easy) denial of service: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C (Base Score: 7.5, Temporal Score: 7.2)

Please note that a layer of compression around XML can significantly reduce the minimum attack payload size.

Other changes:

- Autotools: Make generated CMake files look for libexpat.@SO_MAJOR@.dylib on macOS
- Autotools: Sync CMake templates with CMake 3.29
- CMake: Drop support for CMake <3.13
- CMake: Small fuzzing related improvements
- docs: Add missing documentation of error code XML_ERROR_NOT_STARTED that was introduced with 2.6.4
- docs: Document need for C++11 compiler for use from C++
- tests/benchmark: Fix a (harmless) TOCTTOU
- Windows: Fix installer target location of file xmlwf.xml for CMake
- Windows: Address warning -Wunknown-warning-option about -Wno-pedantic-ms-format from LLVM MinGW
- Address Cppcheck warnings
- Mass-migrate links from http:// to https://

Document changes since the previous release

Version info bumped from 11:0:10 (libexpat*.so.1.10.0) to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/ for what these numbers do

Infrastructure:

- tests: Increase robustness
- tests: Increase test coverage
- Fuzzing: Add new fuzzer "xml_lpm_fuzzer" based on Google's libprotobuf-mutator ("LPM")
- Fuzzing|CI: Start producing fuzzing code coverage reports
- CI: Pass -q -q for LCOV >=2.1 in coverage.sh
- CI: Small fuzzing related improvements
- CI: Make GitHub Actions build using MSVC on Windows and produce 32bit and 64bit Windows binaries
- CI: Get off of about-to-be-removed Ubuntu 20.04
- CI: Start uploading to Coverity Scan for static analysis
- CI: Stop loading DTD from the internet to address flaky CI
- CI: Adapt to breaking changes in Cppcheck
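
For services that must accept untrusted XML while still linked against an expat older than 2.7.0, a pre-parse check can measure how deeply entities chain before the document reaches the parser. This is an added example, not code from the ticket or from expat. It is a regex-based heuristic that only sees internal entity declarations in the document itself, and `MAX_CHAIN`, `entity_chain_depth` and `should_reject` are hypothetical names and values.

```python
import re

# Internal entity declarations: <!ENTITY g1 "&g2;"> and <!ENTITY % p1 "%p2;">.
# External (SYSTEM/PUBLIC) declarations do not match and are ignored here.
ENTITY_DECL = re.compile(r'<!ENTITY\s+(%\s+)?([\w.:-]+)\s+(["\'])(.*?)\3', re.S)
# General (&name;) and parameter (%name;) references; character refs (&#10;) are skipped.
ENTITY_REF = re.compile(r'([&%])([\w.:-]+);')

MAX_CHAIN = 64  # hypothetical policy limit, not a value from expat or the ticket

def entity_chain_depth(xml_text):
    """Length of the longest chain of entities referencing other entities."""
    refs = {}
    for m in ENTITY_DECL.finditer(xml_text):
        key = ('%' if m.group(1) else '&', m.group(2))
        refs.setdefault(key, ENTITY_REF.findall(m.group(4)))  # first declaration wins
    depth, active = {}, set()
    for root in refs:
        stack = [root]  # explicit stack: the scanner itself must not recurse
        while stack:
            node = stack[-1]
            if node in depth:
                stack.pop()
                continue
            active.add(node)
            children = [c for c in refs[node] if c in refs]
            todo = [c for c in children if c not in depth and c not in active]
            if todo:
                stack.extend(todo)
            else:  # all children resolved (or part of an illegal cycle)
                depth[node] = 1 + max((depth.get(c, 0) for c in children), default=0)
                active.discard(node)
                stack.pop()
    return max(depth.values(), default=0)

def should_reject(xml_text, limit=MAX_CHAIN):
    """True when the document's entity chain is deeper than the policy allows."""
    return entity_chain_depth(xml_text) > limit

# Constructed sample: a three-link chain of general entities.
SAMPLE = """<!DOCTYPE e [
  <!ENTITY g1 "&g2;">
  <!ENTITY g2 "&g3;">
  <!ENTITY g3 "text">
]>
<e k1='&g1;'>&g1;</e>"""

if __name__ == "__main__":
    print(entity_chain_depth(SAMPLE), should_reject(SAMPLE))
```

Because compressed input can hide a large document in a small payload, run the check on the decompressed text and cap the decompressed size first.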

comment:2 by Douglas R. Reno, 17 hours ago

Priority: normal → high

Bump the priority because of CVE-2024-8176

comment:3 by Bruce Dubbs, 14 hours ago

Resolution: fixed
Status: new → closed

Fixed at commit 461741b243.
