Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 583888 (CVE-2016-1836, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840)

Summary: <dev-libs/libxml2-2.9.4: multiple vulnerabilities
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: gnome
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.xmlsoft.org/news.html
Whiteboard: A2 [glsa cve]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2016-05-23 14:52:08 UTC 
From ${URL} :

Security:
More format string warnings with possible format string vulnerability (David Kilzer),
Avoid building recursive entities (Daniel Veillard),
Heap-based buffer overread in htmlCurrentChar (Pranjal Jumde),
Heap-based buffer-underreads due to xmlParseName (David Kilzer),
Heap use-after-free in xmlSAX2AttributeNs (Pranjal Jumde),
Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (Pranjal Jumde),
Fix some format string warnings with possible format string vulnerability (David Kilzer),
Detect change of encoding when parsing HTML names (Hugh Davenport),
Fix inappropriate fetch of entities content (Daniel Veillard),
Bug 759398: Heap use-after-free in xmlDictComputeFastKey <https://bugzilla.gnome.org/show_bug.cgi?id=759398> (Pranjal Jumde),
Bug 758605: Heap-based buffer overread in xmlDictAddString <https://bugzilla.gnome.org/show_bug.cgi?id=758605> (Pranjal Jumde),
Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal <https://bugzilla.gnome.org/show_bug.cgi?id=758588> (David Kilzer),
Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup <https://bugzilla.gnome.org/show_bug.cgi?id=757711> (Pranjal Jumde),
Add missing increments of recursion depth counter to XML parser. (Peter Simons)



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2016-11-19 00:42:52 UTC 
Bug https://bugzilla.gnome.org/show_bug.cgi?id=759398 is CVE-2016-1836.

Bug https://bugzilla.gnome.org/show_bug.cgi?id=758605 is CVE-2016-1839 handled by bug 573820.

Bug https://bugzilla.gnome.org/show_bug.cgi?id=758588 is CVE-2016-1838.

Bug https://bugzilla.gnome.org/show_bug.cgi?id=757711 is CVE-2016-1840.

Each vulnerability was fixed by v2.9.4.

v2.9.4 landed in Gentoo repository via https://gitweb.gentoo.org/repo/gentoo.git/commit/dev-libs/libxml2?id=b68f9389191396b4febff3e7b61f939189364426


@ Security: Please vote!
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2017-01-16 21:26:16 UTC 
This issue was resolved and addressed in
 GLSA 201701-37 at https://security.gentoo.org/glsa/201701-37
by GLSA coordinator Thomas Deutschmann (whissi).