Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian....@packages.debian.org
Usertags: pu

This is a proposal to fix CVE-2017-9765 in stretch.
The debdiff is attached.

Mattias Ellert
diff -Nru gsoap-2.8.35/debian/changelog gsoap-2.8.35/debian/changelog
--- gsoap-2.8.35/debian/changelog	2016-12-06 09:32:36.000000000 +0100
+++ gsoap-2.8.35/debian/changelog	2017-08-16 11:58:11.000000000 +0200
@@ -1,3 +1,9 @@
+gsoap (2.8.35-4+deb9u1) stretch; urgency=medium
+
+  * Fix for CVE-2017-9765 (Closes: xxxx)
+
+ -- Mattias Ellert <mattias.ell...@physics.uu.se>  Wed, 16 Aug 2017 11:58:11 +0200
+
 gsoap (2.8.35-4) unstable; urgency=medium
 
   * Rebuild for OpenSSL 1.1.0
diff -Nru gsoap-2.8.35/debian/patches/gsoap-CVE-2017-9765.patch gsoap-2.8.35/debian/patches/gsoap-CVE-2017-9765.patch
--- gsoap-2.8.35/debian/patches/gsoap-CVE-2017-9765.patch	1970-01-01 01:00:00.000000000 +0100
+++ gsoap-2.8.35/debian/patches/gsoap-CVE-2017-9765.patch	2017-08-16 11:54:02.000000000 +0200
@@ -0,0 +1,54 @@
+diff -ur gsoap-2.8.orig/gsoap/stdsoap2.c gsoap-2.8/gsoap/stdsoap2.c
+--- gsoap-2.8.orig/gsoap/stdsoap2.c	2016-04-03 03:33:31.000000000 +0200
++++ gsoap-2.8/gsoap/stdsoap2.c	2017-08-01 14:51:44.141083499 +0200
+@@ -1711,17 +1711,16 @@
+ soap_get_pi(struct soap *soap)
+ { char buf[64];
+   char *s = buf;
+-  int i = sizeof(buf);
+-  soap_wchar c = soap_getchar(soap);
+-  /* This is a quick way to parse XML PI and we could use a callback instead to
+-   * enable applications to intercept processing instructions */
+-  while ((int)c != EOF && c != '?')
+-  { if (--i > 0)
++  size_t i = sizeof(buf);
++  soap_wchar c;
++  /* Parse the XML PI encoding declaration and look for <?xml ... encoding=X ?> */
++  while ((int)(c = soap_getchar(soap)) != EOF && c != '?')
++  { if (i > 1)
+     { if (soap_blank(c))
+         c = ' ';
+       *s++ = (char)c;
++      i--;
+     }
+-    c = soap_getchar(soap);
+   }
+   *s = '\0';
+   DBGLOG(TEST, SOAP_MESSAGE(fdebug, "XML PI <?%s?>\n", buf));
+diff -ur gsoap-2.8.orig/gsoap/stdsoap2.cpp gsoap-2.8/gsoap/stdsoap2.cpp
+--- gsoap-2.8.orig/gsoap/stdsoap2.cpp	2016-04-03 03:33:31.000000000 +0200
++++ gsoap-2.8/gsoap/stdsoap2.cpp	2017-08-01 14:51:44.143083498 +0200
+@@ -1711,17 +1711,16 @@
+ soap_get_pi(struct soap *soap)
+ { char buf[64];
+   char *s = buf;
+-  int i = sizeof(buf);
+-  soap_wchar c = soap_getchar(soap);
+-  /* This is a quick way to parse XML PI and we could use a callback instead to
+-   * enable applications to intercept processing instructions */
+-  while ((int)c != EOF && c != '?')
+-  { if (--i > 0)
++  size_t i = sizeof(buf);
++  soap_wchar c;
++  /* Parse the XML PI encoding declaration and look for <?xml ... encoding=X ?> */
++  while ((int)(c = soap_getchar(soap)) != EOF && c != '?')
++  { if (i > 1)
+     { if (soap_blank(c))
+         c = ' ';
+       *s++ = (char)c;
++      i--;
+     }
+-    c = soap_getchar(soap);
+   }
+   *s = '\0';
+   DBGLOG(TEST, SOAP_MESSAGE(fdebug, "XML PI <?%s?>\n", buf));
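Review bot: The new patch file starts directly at `diff -ur` with no header, so nothing in the package records where this CVE-2017-9765 fix came from or what it guards against; a DEP-3 header (`Description:`, `Origin:`, `Bug-Debian:`) at the top would let the release team compare it with upstream. In `soap_get_pi` the counter is now decremented only when a byte is stored, which is what stops it wrapping on an over-long processing instruction, but the replacement comment does not say so; a line such as `/* i counts free bytes in buf and drops only on a store, so it cannot wrap however long the PI is */` above `if (i > 1)` in both stdsoap2.c and stdsoap2.cpp would protect that invariant. Input beyond 63 bytes is discarded silently while the loop keeps reading until `?` or EOF, so the code after the hunk presumably works on a truncated PI; the rest of `soap_get_pi` lies outside the hunk.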
diff -Nru gsoap-2.8.35/debian/patches/series gsoap-2.8.35/debian/patches/series
--- gsoap-2.8.35/debian/patches/series	2016-09-26 14:49:01.000000000 +0200
+++ gsoap-2.8.35/debian/patches/series	2017-08-16 11:57:36.000000000 +0200
@@ -10,3 +10,6 @@
 
 # Backport fix from upstream
 gsoap-backport.patch
+
+# CVE-2017-9765
+gsoap-CVE-2017-9765.patch

Attachment: signature.asc
Description: This is a digitally signed message part
