Your message dated Wed, 23 Aug 2017 20:47:16 +0000
with message-id <[email protected]>
and subject line Bug#863019: fixed in libxml2 2.9.4+dfsg1-2.2+deb9u1
has caused the Debian Bug report #863019,
regarding libxml2: CVE-2017-9049: heap-based buffer overflow in xmlDictComputeFastKey
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
863019: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863019
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libxml2
Version: 2.9.4+dfsg1-2.2
Severity: important
Tags: upstream security
Forwarded: https://bugzilla.gnome.org/show_bug.cgi?id=781205
Hi,
the following vulnerability was published for libxml2.
CVE-2017-9049[0]:
| libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based
| buffer over-read in the xmlDictComputeFastKey function in dict.c. This
| vulnerability causes programs that use libxml2, such as PHP, to crash.
| This vulnerability exists because of an incomplete fix for libxml2 Bug
| 759398.
As per [1] this corresponds to (a yet closed) upstream report [2]. The
[1] posting contains a proposed patch (which is not yet upstream
acked).
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-9049
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
[1] http://www.openwall.com/lists/oss-security/2017/05/15/1
[2] https://bugzilla.gnome.org/show_bug.cgi?id=781205
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libxml2
Source-Version: 2.9.4+dfsg1-2.2+deb9u1
We believe that the bug you reported is fixed in the latest version of
libxml2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated libxml2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
Format: 1.8
Date: Sat, 19 Aug 2017 17:36:49 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg python3-libxml2 python3-libxml2-dbg
Architecture: source
Version: 2.9.4+dfsg1-2.2+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian XML/SGML Group <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 863018 863019 863021 863022 870865 870867 870870
Description:
libxml2 - GNOME XML library
libxml2-dbg - Debugging symbols for the GNOME XML library
libxml2-dev - Development files for the GNOME XML library
libxml2-doc - Documentation for the GNOME XML library
libxml2-utils - XML utilities
libxml2-utils-dbg - XML utilities (debug extension)
python-libxml2 - Python bindings for the GNOME XML library
python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
python3-libxml2 - Python3 bindings for the GNOME XML library
python3-libxml2-dbg - Python3 bindings for the GNOME XML library (debug extension)
Changes:
libxml2 (2.9.4+dfsg1-2.2+deb9u1) stretch-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Increase buffer space for port in HTTP redirect support (CVE-2017-7376)
Incorrect limit was used for port values. (Closes: #870865)
* Prevent unwanted external entity reference (CVE-2017-7375)
Missing validation for external entities in xmlParsePEReference.
(Closes: #870867)
* Fix handling of parameter-entity references (CVE-2017-9049, CVE-2017-9050)
- Heap-based buffer over-read in function xmlDictComputeFastKey
(CVE-2017-9049).
- Heap-based buffer over-read in function xmlDictAddString
(CVE-2017-9050).
(Closes: #863019, #863018)
* Fix buffer size checks in xmlSnprintfElementContent (CVE-2017-9047,
CVE-2017-9048)
- Buffer overflow in function xmlSnprintfElementContent (CVE-2017-9047).
- Stack-based buffer overflow in function xmlSnprintfElementContent
(CVE-2017-9048).
(Closes: #863022, #863021)
* Fix type confusion in xmlValidateOneNamespace (CVE-2017-0663)
Heap buffer overflow in xmlAddID. (Closes: #870870)
--- End Message ---