[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
03/04: gnu: libxslt: Add fix for CVE-2015-7995.
|
From: |
Mark H. Weaver |
|
Subject: |
03/04: gnu: libxslt: Add fix for CVE-2015-7995. |
|
Date: |
Tue, 17 Nov 2015 19:32:37 +0000 |
mhw pushed a commit to branch security-updates
in repository guix.
commit c68e41c94dced66f0f2952eac8dbc610ca6483fc
Author: Mark H Weaver <address@hidden>
Date: Sun Nov 15 14:46:33 2015 -0500
gnu: libxslt: Add fix for CVE-2015-7995.
* gnu/packages/patches/libxslt-CVE-2015-7995.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/xml.scm (libxslt)[source]: Add patch.
---
gnu-system.am | 1 +
gnu/packages/patches/libxslt-CVE-2015-7995.patch | 29 ++++++++++++++++++++++
gnu/packages/xml.scm | 3 +-
3 files changed, 32 insertions(+), 1 deletions(-)
diff --git a/gnu-system.am b/gnu-system.am
index 0366ece..741bedf 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -587,6 +587,7 @@ dist_patch_DATA =
\
gnu/packages/patches/libxml2-id-attrs-in-xmlSetTreeDoc.patch \
gnu/packages/patches/libxml2-node-sort-order-pt1.patch \
gnu/packages/patches/libxml2-node-sort-order-pt2.patch \
+ gnu/packages/patches/libxslt-CVE-2015-7995.patch \
gnu/packages/patches/lirc-localstatedir.patch \
gnu/packages/patches/libpthread-glibc-preparation.patch \
gnu/packages/patches/lm-sensors-hwmon-attrs.patch \
diff --git a/gnu/packages/patches/libxslt-CVE-2015-7995.patch
b/gnu/packages/patches/libxslt-CVE-2015-7995.patch
new file mode 100644
index 0000000..f291d5b
--- /dev/null
+++ b/gnu/packages/patches/libxslt-CVE-2015-7995.patch
@@ -0,0 +1,29 @@
+From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <address@hidden>
+Date: Thu, 29 Oct 2015 19:33:23 +0800
+Subject: [PATCH] Fix for type confusion in preprocessing attributes
+
+CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10
+We need to check that the parent node is an element before dereferencing
+its namespace
+---
+ libxslt/preproc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libxslt/preproc.c b/libxslt/preproc.c
+index 0eb80a0..7f69325 100644
+--- a/libxslt/preproc.c
++++ b/libxslt/preproc.c
+@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr
inst) {
+ } else if (IS_XSLT_NAME(inst, "attribute")) {
+ xmlNodePtr parent = inst->parent;
+
+- if ((parent == NULL) || (parent->ns == NULL) ||
++ if ((parent == NULL) ||
++ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) ||
+ ((parent->ns != inst->ns) &&
+ (!xmlStrEqual(parent->ns->href, inst->ns->href))) ||
+ (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) {
+--
+2.6.3
+
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 90ad521..a296e0a 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -150,7 +150,8 @@ project (but it is usable outside of the Gnome platform).")
version ".tar.gz"))
(sha256
(base32
- "13029baw9kkyjgr7q3jccw2mz38amq7mmpr5p3bh775qawd1bisz"))))
+ "13029baw9kkyjgr7q3jccw2mz38amq7mmpr5p3bh775qawd1bisz"))
+ (patches (list (search-patch "libxslt-CVE-2015-7995.patch")))))
(build-system gnu-build-system)
(home-page "http://xmlsoft.org/XSLT/index.html";)
(synopsis "C library for applying XSLT stylesheets to XML documents")
- branch security-updates created (now b523069), Mark H. Weaver, 2015/11/17
- 01/04: gnu: libpng: Update to 1.5.24 [fixes CVE-2015-8126]., Mark H. Weaver, 2015/11/17
- 03/04: gnu: libxslt: Add fix for CVE-2015-7995.,
Mark H. Weaver <=
- 04/04: gnu: libsndfile: Add fixes for CVE-2014-9496 and CVE-2015-7805., Mark H. Weaver, 2015/11/17
- 02/04: gnu: libxml2: Add fixes for CVE-2015-{1819, 7941, 7942, 8035} and other bugs., Mark H. Weaver, 2015/11/17