Bug 420335

Comment 1 Pacho Ramos 2012-06-09 10:38:25 UTC

Looks ok to me, could you also report this to upstream to not need to carry this patch forever? -> bugzilla.gnome.org

Comment 2 Pacho Ramos 2012-06-14 06:55:42 UTC

*** Bug 421029 has been marked as a duplicate of this bug. ***

Comment 3 Richard Yao (RETIRED) 2012-06-14 12:06:16 UTC

(In reply to comment #1)
> Looks ok to me, could you also report this to upstream to not need to carry
> this patch forever? -> bugzilla.gnome.org

Sorry about the duplicate report. I was going through my backlog and forgot that I had already filed this. Anyway, I will send this upstream when I get a chance.

Comment 4 Alexandre Rostovtsev (RETIRED) 2012-09-10 05:24:43 UTC

This was already fixed upstream in libxstl-1.1.27-rc1, see http://git.gnome.org/browse/libxslt/tree/configure.in?id=v1.1.27-rc1

I've applied the patch in our 1.1.26-r4.

>*libxslt-1.1.26-r4 (10 Sep 2012)
>
>  10 Sep 2012; Alexandre Rostovtsev <tetromino@gentoo.org>
>  +files/0002-Hardening-ofcodecheckingnodetypesinvariousentrypoint.patch,
>  +libxslt-1.1.26-r4.ebuild, +files/libxslt-1.1.26-generate-id-crash.patch,
>  +files/libxslt-1.1.26-node-type-1.patch,
>  +files/libxslt-1.1.26-node-type-2.patch,
>  +files/libxslt-1.1.26-node-type-3.patch,
>  +files/libxslt-1.1.26-pattern-compile-crash.patch,
>  +files/libxslt-1.1.26-posix-comparison.patch:
>  Ensure special treatment for namespace nodes (CVE-2012-2871) and fix
>  use-after-free errors (CVE-2012-2870); bug #433603, thanks to Paweł Hajdan,
>  Jr. Fix non-posix comparison in configure; bug #420335, thanks to Richard
>  Yao.