FS#47095 : [libxml2] buffer overflow in xmlParseMarkupDecl()

FS#47095 - [libxml2] buffer overflow in xmlParseMarkupDecl()

Attached to Project: Arch Linux
Opened by Remi Gacogne (rgacogne) - Tuesday, 17 November 2015, 15:16 GMT
Last edited by Jan de Groot (JGC) - Wednesday, 09 December 2015, 13:54 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Jan de Groot (JGC)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Christian Rebischke (Shibumi) (2015-11-20)
Private	No

Details

Hello,

A buffer overflow has been found[1] in libxml2 <= 2.9.2, allowing at least denial of service. A patch[2] is available upstream but no new version has been released yet, so we probably should backport it.

There is no CVE assigned[3] yet that I am aware of, I will update as soon as one has been.

[1]: https://bugzilla.gnome.org/show_bug.cgi?id=756263
[2]: https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe
[3]: http://seclists.org/oss-sec/2015/q4/291

This task depends upon

Closed by Jan de Groot (JGC)
Wednesday, 09 December 2015, 13:54 GMT
Reason for closing: Fixed

Comment by Remi Gacogne (rgacogne) - Wednesday, 18 November 2015, 17:03 GMT

Looks like there are two separates issues, CVE-2015-8241 and CVE-2015-8242. I don't see a fix for the second one.

http://seclists.org/oss-sec/2015/q4/328

Comment by Remi Gacogne (rgacogne) - Friday, 20 November 2015, 11:30 GMT

libxml2 2.9.3 has been released, fixing a huge number of security issues:

https://mail.gnome.org/archives/xml/2015-November/msg00012.html

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#47095 - [libxml2] buffer overflow in xmlParseMarkupDecl()

Details

Loading...