Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 575700 (CVE-2016-0729)

Summary: <dev-libs/xerces-c-3.1.3: parser crashes on malformed input (CVE-2016-0729)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: cpp+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1312231
Whiteboard: B2 [glsa cve]
Package list:
Runtime testing required: ---
Bug Depends on: 584506    
Bug Blocks:    

Description Agostino Sarubbo gentoo-dev 2016-02-26 09:22:14 UTC
From ${URL} :

The Xerces-C XML parser mishandles certain kinds of malformed
input documents, resulting in buffer overlows during processing and error
reporting. The overflows can manifest as a segmentation fault or as memory
corruption during a parse operation. The bugs allow for a denial of service
attack in many applications by an unauthenticated attacker, and could
conceivably result in remote code execution.

External references:

http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt

Upstream patch:

http://svn.apache.org/viewvc?view=revision&revision=1727978


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 David Seifert gentoo-dev 2016-10-15 09:33:42 UTC
Should have been fixed with 3.1.3 already.

commit 305cee3cfcf1b0a2a787aad8ae9c5ac854b2533d
Author: David Seifert <soap@gentoo.org>
Date:   Sat Oct 15 11:30:09 2016 +0200

    dev-libs/xerces-c: Version bump to 3.1.4
    
    Gentoo-bug: 584506
    * EAPI=6
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2016-10-15 11:39:59 UTC
Confirmed this is fixed in =dev-libs/xerces-c-3.1.3

GLSA request opened.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2016-12-24 07:13:22 UTC
This issue was resolved and addressed in
 GLSA 201612-46 at https://security.gentoo.org/glsa/201612-46
by GLSA coordinator Aaron Bauman (b-man).