Bug 45355 - libxml2: Multiple issues (4.2)
libxml2: Multiple issues (4.2)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.2
Other Linux
: P5 normal (vote)
: UCS 4.2-3-errata
Assigned To: Arvid Requate
Jürn Brodersen
:
Depends on:
Blocks: 44971
  Show dependency treegraph
 
Reported: 2017-09-08 13:29 CEST by Arvid Requate
Modified: 2017-12-14 12:55 CET (History)
1 user (show)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score: 8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
requate: Patch_Available+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2017-09-08 13:29:46 CEST
Upstream Debian package version 2.9.1+dfsg1-5+deb8u5 fixes these issues:

* A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library (CVE-2017-0663)

* Missing validation for external entities in xmlParsePEReference (CVE-2017-7375)

* Incorrect limit used for port values (CVE-2017-7376)

* Denial of Service (application crash) due to buffer overflow in function xmlSnprintfElementContent in valid.c (CVE-2017-9047)

* Denial of Service (application crash) due to stack-based buffer overflow in the function xmlSnprintfElementContent in valid.c (CVE-2017-9048)

* Denial of Service (application crash) due to heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c (CVE-2017-9049)

* Denial of Service (application crash) due to heap-based buffer over-read in the xmlDictAddString function in dict.c (CVE-2017-9050)
Comment 1 Arvid Requate univentionstaff 2017-12-11 19:50:43 CET
Imported and built.

Advisory:
https://git.knut.univention.de/univention/ucs/blob/4.2-3/doc/errata/staging/libxml2.yaml
Comment 2 Jürn Brodersen univentionstaff 2017-12-12 10:18:18 CET
Build failed? -> 2.9.1+dfsg1-5+deb8u5A~4.2.0.201712111935
Comment 3 Arvid Requate univentionstaff 2017-12-12 13:07:44 CET
> Build failed? -> 2.9.1+dfsg1-5+deb8u5A~4.2.0.201712111935

Yes, on amd64 the built failed apparently due to an issue caused by parallelization. Now it succeeded with -j 1.
Comment 4 Jürn Brodersen univentionstaff 2017-12-12 13:32:28 CET
Installation: OK
YAML: OK

Verified
Comment 5 Arvid Requate univentionstaff 2017-12-14 12:55:57 CET
<http://errata.software-univention.de/ucs/4.2/248.html>