Bug 434344 (CVE-2012-2871)

Summary: <dev-libs/libxml2-2.8.0-r2: heap-based buffer overflow (CVE-2012-2871)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: gnome
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A2 [glsa]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2012-09-08 16:02:04 UTC
CVE-2012-2871 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2871):
  libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89,
  does not properly support a cast of an unspecified variable during handling
  of XSL transforms, which allows remote attackers to cause a denial of
  service or possibly have unknown other impact via a crafted document,
  related to the _xmlNs data structure in include/libxml/tree.h.


http://git.gnome.org/browse/libxml2/commit/?id=6ca24a39d0eb7fd7378a5bc8be3286bf745a36ba
Comment 1 Alexandre Rostovtsev (RETIRED) gentoo-dev 2012-09-09 02:30:55 UTC
Should be fixed in libxml2-2.8.0-r2. Thanks for reporting!

>*libxml2-2.8.0-r2 (09 Sep 2012)
>
>  09 Sep 2012; Alexandre Rostovtsev <tetromino@gentoo.org>
>  -files/libxml2-2.7.2-winnt.patch, -libxml2-2.7.8-r5.ebuild,
>  -files/libxml2-2.7.8-allocation-error-copying-entities.patch,
>  -files/libxml2-2.7.8-error-xpath.patch,
>  -files/libxml2-2.7.8-hardening-xpath.patch,
>  -files/libxml2-2.7.8-hash-randomization.patch,
>  -files/libxml2-2.7.8-reactivate-script.patch,
>  -files/libxml2-2.7.8-reallocation-failures.patch,
>  -files/libxml2-2.7.8-windows-thread_t.patch,
>  -files/libxml2-2.7.8-xpath-freeing.patch,
>  -files/libxml2-2.7.8-xpath-freeing2.patch,
>  -files/libxml2-2.7.8-xpath-memory.patch, +libxml2-2.8.0-r2.ebuild:
>  Add upstream patches to ensure special treatment for namespace nodes
>  (CVE-2012-2871, bug #434344, thanks to Paweł Hajdan, Jr. and Sean Amoss).
>  Drop old version.
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2012-09-09 22:23:02 UTC
Great, thanks.

Arches, please test and mark stable:
=dev-libs/libxml2-2.8.0-r2
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Comment 3 Jeroen Roovers gentoo-dev 2012-09-10 15:30:58 UTC
Stable for HPPA.
Comment 4 Agostino Sarubbo gentoo-dev 2012-09-11 18:07:44 UTC
amd64 stable
Comment 5 Andreas Schürch gentoo-dev 2012-09-15 14:42:12 UTC
x86 stable, thanks.
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2012-09-15 18:02:47 UTC
alpha/arm/ia64/s390/sh/sparc stable
Comment 7 Anthony Basile gentoo-dev 2012-09-17 20:46:14 UTC
stable ppc64
Comment 8 Anthony Basile gentoo-dev 2012-09-18 16:32:43 UTC
stable ppc
Comment 9 Sean Amoss gentoo-dev Security 2012-09-18 19:03:51 UTC
Thanks, everyone.

Filing a new GLSA request.
Comment 10 Chris Reffett gentoo-dev Security 2013-09-22 14:02:42 UTC
m68k -> ~ only, removing from CC. @maintainers: cleanup please.
Comment 11 Alexandre Rostovtsev (RETIRED) gentoo-dev 2013-09-22 22:24:29 UTC
(In reply to Chris Reffett from comment #10)
> @maintainers: cleanup please.

This was cleaned up a year ago :)

>  22 Sep 2012; Pacho Ramos <pacho@gentoo.org>
>  -files/libxml2-2.8.0_rc1-randomization-threads.patch,
>  -libxml2-2.8.0-r1.ebuild, -libxml2-2.8.0_rc1.ebuild:
>  Drop old.
Comment 12 Sergey Popov gentoo-dev Security 2013-10-07 09:30:12 UTC
(In reply to Alexandre Rostovtsev from comment #11)
> (In reply to Chris Reffett from comment #10)
> > @maintainers: cleanup please.
> 
> This was cleaned up a year ago :)

Yep, so, just waiting for GLSA
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2013-11-10 15:18:56 UTC
This issue was resolved and addressed in
 GLSA 201311-06 at http://security.gentoo.org/glsa/glsa-201311-06.xml
by GLSA coordinator Sean Amoss (ackle).