Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 238480 - dev-libs/libxml2-2.6.32 USE=readline - xsltproc segfaults
Summary: dev-libs/libxml2-2.6.32 USE=readline - xsltproc segfaults
Status: RESOLVED NEEDINFO
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Library (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Linux bug wranglers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-09-23 14:48 UTC by Andrej Filipcic
Modified: 2008-09-26 13:03 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrej Filipcic 2008-09-23 14:48:13 UTC
If dev-libs/libxml2-2.6.32 is compiled with readline use flag, xsltproc segfaults on exit, as described previously in bug #194089, last post. This is true also for older libxml2/libxslt versions. The xsltproc crashing was reported before in several bug reports, but never really traced down. The readline flag should be disabled for this package, at least for amd64. I have not tested on x86 or other arch.
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2008-09-23 18:34:19 UTC
Please post your `emerge --info' too.
Comment 2 Andrej Filipcic 2008-09-23 18:42:07 UTC
Sure...

Portage 2.2_rc9 (default/linux/amd64/2008.0, gcc-4.3.1, glibc-2.8_p20080602-r0, 2.6.25-gentoo-r4 x86_64)                                                        
=================================================================               
System uname: Linux-2.6.25-gentoo-r4-x86_64-Dual-Core_AMD_Opteron-tm-_Processor_2218-with-glibc2.2.5                                                            
Timestamp of tree: Tue, 23 Sep 2008 11:45:01 +0000                              
distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]                                                                             
ccache version 2.4 [disabled]                                                   
app-shells/bash:     3.2_p39                                                    
dev-java/java-config: 1.3.7, 2.1.6-r1                                           
dev-lang/python:     2.4.4-r15, 2.5.2-r8                                        
dev-python/pycrypto: 2.0.1-r6                                                   
dev-util/ccache:     2.4-r7                                                     
sys-apps/baselayout: 2.0.0                                                      
sys-apps/openrc:     0.2.5                                                      
sys-apps/sandbox:    1.2.18.1-r3                                                
sys-devel/autoconf:  2.13, 2.63                                                 
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1
sys-devel/binutils:  2.18-r3                                                    
sys-devel/gcc-config: 1.4.0-r4                                                  
sys-devel/libtool:   2.2.6a                                                     
virtual/os-headers:  2.6.26                                                     
ACCEPT_KEYWORDS="amd64 ~amd64"                                                  
CBUILD="x86_64-pc-linux-gnu"                                                    
CFLAGS="-O2 -march=k8 -pipe"                                                    
CHOST="x86_64-pc-linux-gnu"                                                     
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/kde/4.1/env /usr/kde/4.1/share/config /usr/kde/4.1/shutdown /usr/share/config /var/bind /var/lib/hsqldb"                                             
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/grid-security/certificates /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d"                                         
CXXFLAGS="-O2 -march=k8 -pipe"                                                  
DISTDIR="/net/teran/d0/nfs/gentoo/distfiles"                                    
EMERGE_DEFAULT_OPTS="--with-bdeps y"                                            
FEATURES="buildpkg distcc distlocks parallel-fetch preserve-libs protect-owned sandbox sfperms strict unmerge-orphans userfetch"                                
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"                                                           
LDFLAGS="-Wl,-O1"                                                               
LINGUAS="en sl"                                                                 
MAKEOPTS="-j32"                                                                 
PKGDIR="/net/teran/d0/nfs/gentoo/packages/amd64.gcc4"                           
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"                                                  
PORTAGE_TMPDIR="/var/tmp"                                                       
PORTDIR="/usr/portage"                                                          
PORTDIR_OVERLAY="/usr/portage/local/layman/desktop-effects /usr/portage/local/layman/xemacs /usr/portage/local/layman/pro-audio /usr/portage/local/layman/sunrise /usr/portage/local/layman/java-overlay /usr/portage/local/layman/kde-testing /net/teran/d0/nfs/gentoo/portage.local"                                          
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"                           
USE="3dnow 3dnowext X Xaw3d a52 aac aalib accessibility accounting acl acpi admin afs aiglx aio alsa amarok amd64 amr amrnb amrwb ansi ao apache2 applet arts asf athena atlas avahi bash-completion bcmath beagle berkdb bidi binfilter bl blas bluetooth bonjour bonobo branding bzip2 cairo calendar canvas caps cdb cddb cdio cdparanoia cdr cern chm cjk clamav cli colordiff console context cpudetection cracklib crciprec crypt css ctype cups curl curlwrappers cvs cyrillic cyrus daap dba dbm dbox2 dbus dc1394 dedicated deprecated designer-plugin device-mapper dga dia directfb diskio divx4linux djvu dlloader doc dri dssi dts dv dvb dvd dvdr dvi edl eds elf elisp emacs emacs-w3 enblend enca encode esd exif exiv2 expat extensible extra fame fastcgi fat fbcon festival ffmpeg fftw filepicker firefox fits flac flatfile float fluidsynth font-server foomaticdb fortran fping freebox freetts ftp fuse gadu galago games gcj gcl gd gdbm gif gimp gimpprint glitz gmp gnokii gnome gnuplot gnutls gphoto2 gpm gps graphics graphviz groupwise gsf gstreamer gtk gtk2 gtkhtml guile hal hash hdhomerun hfs howl hpn htmlhandbook humanities hyperestraier ical iconv id3tag idn ieee1394 ifp imagemagick imap imlib inkjar innodb inotify iodbc ipod ipv6 irda isdnlog ithreads ivtv jack jadetex java java5 javascript jfs jingle joystick jpeg jpeg2k json junit kde kdeprefix kerberos keyring kig-scripting krb4 ktts ladspa lapack laptop latex lcd lcms ldap ldap-sasl ldapsam libcaca libclamav libnotify libsamplerate lirc live lm_sensors logrotate lua lyx lzo mad maps math matroska mbox mcve md5sum mdnsresponder-compat meanwhile messenger mfd-rewrites mhash midi mikmod mime mjpeg mmx mmxext mng modplug mono mozbranding mozdevelop mozilla mozsvg mp2 mp3 mp4 mpeg mpi mplayer msn mtp mudflap mule multilib musepack music musicbrainz mysql mysqli nagios-dns nagios-ntp nagios-ping nas nautilus ncurses nemesi network networking networkmanager newxkb njb nls nptl nptlonly nsplugin ntfs nvidia nxclient objc odbc odk ogg ole omega openal openexr opengl openmp oscar oss overlays pam pcmcia pcntl pcre pda pdf pdo pear perl perlsuid php pic plotutils png pnm portaudio posix postfix postgres postgresql postscript povray ppds pppd prediction pstricks publishers pulseaudio pvr python qq qt qt-static qt3 qt3support qt4 quicktime quotas radio rar rdesktop reaa readline reflection regex reiser4 reiserfs rpc rtc ruby samba sasl sbcl scanner science sdl sdl-image seamonkey sendmail server session sift silc silvercity simplexml skey slang slp smime sms smux sndfile snmp soap sockets solver sound sox speex spell spl sql sqlite srt sse sse2 ssl ssse3 startup-notification subtitles subversion suhosin svg sysfs sysvipc t1lib taglib tcltk tcpd teletext tetex tex4ht tga theora threads thunderbird tidy tiff tk tokenizer transcode truetype truetype-fonts twolame type1-fonts unicode upnp usb utempter utf8 v4l v4l2 vcd vcdx vhosts visualization vorbis wavpack wddx webdav wifi wmf wxwindows x264 xanim xattr xcomposite xetex xface xfs xim xine xinerama xml xml2 xmlreader xmlrpc xmlwriter xmp xorg xpm xscreensaver xsl xulrunner xv xvid xvmc yazzephyr zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcmalaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspalfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias proxy auth_digest authn_dbd asis cern_meta charset_litedbd dumpio ident imagemap log_forensic proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_http version substitute" ELIBC="glibc" INPUT_DEVICES="evdev keyboard mouse synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en sl" USERLAND="GNU" VIDEO_CARDS="fbdev glint i810 mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa vga via vmware voodoo nvidia radeonhd v4l"
Unset:  CPPFLAGS, CTARGET, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2008-09-24 04:45:23 UTC
Does the newer stable version exhibit this problem?

*libxml2-2.6.32-r1 (22 Aug 2008)

  22 Aug 2008; Mart Raudsepp <leio@gentoo.org>
  +files/libxml2-2.6.32-CVE-2008-3281.patch, +libxml2-2.6.32-r1.ebuild:
  Security (denial of service) fix - possible recursive evaluation of
  entities in xmlStringLenDecodeEntities() allowing possible memory and CPU
  exhaustion (CVE-2008-3281)