CVE-2012-2871 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2871): libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.
http://git.gnome.org/browse/libxml2/commit/?id=6ca24a39d0eb7fd7378a5bc8be3286bf745a36ba
Should be fixed in libxml2-2.8.0-r2. Thanks for reporting!
>*libxml2-2.8.0-r2 (09 Sep 2012)
>
> 09 Sep 2012; Alexandre Rostovtsev <tetromino@gentoo.org>
> -files/libxml2-2.7.2-winnt.patch, -libxml2-2.7.8-r5.ebuild,
> -files/libxml2-2.7.8-allocation-error-copying-entities.patch,
> -files/libxml2-2.7.8-error-xpath.patch,
> -files/libxml2-2.7.8-hardening-xpath.patch,
> -files/libxml2-2.7.8-hash-randomization.patch,
> -files/libxml2-2.7.8-reactivate-script.patch,
> -files/libxml2-2.7.8-reallocation-failures.patch,
> -files/libxml2-2.7.8-windows-thread_t.patch,
> -files/libxml2-2.7.8-xpath-freeing.patch,
> -files/libxml2-2.7.8-xpath-freeing2.patch,
> -files/libxml2-2.7.8-xpath-memory.patch, +libxml2-2.8.0-r2.ebuild:
> Add upstream patches to ensure special treatment for namespace nodes
> (CVE-2012-2871, bug #434344, thanks to Paweł Hajdan, Jr. and Sean Amoss).
> Drop old version.
Great, thanks.
Arches, please test and mark stable:
=dev-libs/libxml2-2.8.0-r2
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
amd64 stable
x86 stable, thanks.
alpha/arm/ia64/s390/sh/sparc stable
stable ppc64
stable ppc
Thanks, everyone. Filing a new GLSA request.
m68k -> ~ only, removing from CC. @maintainers: cleanup please.
(In reply to Chris Reffett from comment #10)
> @maintainers: cleanup please.
This was cleaned up a year ago :)
> 22 Sep 2012; Pacho Ramos <pacho@gentoo.org>
> -files/libxml2-2.8.0_rc1-randomization-threads.patch,
> -libxml2-2.8.0-r1.ebuild, -libxml2-2.8.0_rc1.ebuild:
> Drop old.
(In reply to Alexandre Rostovtsev from comment #11)
> (In reply to Chris Reffett from comment #10)
> > @maintainers: cleanup please.
>
> This was cleaned up a year ago :)
Yep, so, just waiting for GLSA
This issue was resolved and addressed in GLSA 201311-06 at http://security.gentoo.org/glsa/glsa-201311-06.xml by GLSA coordinator Sean Amoss (ackle).