Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian....@packages.debian.org
Usertags: pu
Dear Stable Release Team, There's an old bug reported against xml-security-c (#922984), which was fixed in the 2.0 branch in buster but still lingers around in 1.7 in stretch. I'm ready to upload with the following debdiff: $ debdiff xml-security-c_1.7.3-4+deb9u[23].dsc diff -Nru xml-security-c-1.7.3/debian/changelog xml-security-c-1.7.3/debian/changelog --- xml-security-c-1.7.3/debian/changelog 2018-12-10 11:45:41.000000000 +0100 +++ xml-security-c-1.7.3/debian/changelog 2020-07-04 12:47:24.000000000 +0200 @@ -1,3 +1,10 @@ +xml-security-c (1.7.3-4+deb9u3) stretch; urgency=medium + + * [02c3993] New patch: Fix a length bug in concat method. + Thanks to Scott Cantor (Closes: #922984 ) + + -- Ferenc Wágner <wf...@debian.org> Sat, 04 Jul 2020 12:47:24 +0200 + xml-security-c (1.7.3-4+deb9u2) stretch; urgency=medium * [12dd825] New patches: DSA verification crashes OpenSSL on invalid diff -Nru xml-security-c-1.7.3/debian/patches/Fix-a-length-bug-in-concat-method.patch xml-security-c-1.7.3/debian/patches/Fix-a-length-bug-in-concat-method.patch --- xml-security-c-1.7.3/debian/patches/Fix-a-length-bug-in-concat-method.patch 1970-01-01 01:00:00.000000000 +0100 +++ xml-security-c-1.7.3/debian/patches/Fix-a-length-bug-in-concat-method.patch 2020-07-04 12:47:01.000000000 +0200 
@@ -0,0 +1,24 @@ +From: Scott Cantor <scan...@apache.org> +Date: Mon, 4 Sep 2017 18:41:41 +0000 +Subject: Fix a length bug in concat method. + +git-svn-id: https://svn.apache.org/repos/asf/santuario/xml-security-cpp/trunk@1807280 13f79535-47bb-0310-9956-ffa450edef68 + +Closes: #922984 +--- + xsec/utils/XSECSafeBuffer.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/xsec/utils/XSECSafeBuffer.cpp b/xsec/utils/XSECSafeBuffer.cpp +index 71ae9a0..6d0798b 100644 +--- a/xsec/utils/XSECSafeBuffer.cpp ++++ b/xsec/utils/XSECSafeBuffer.cpp +@@ -639,7 +639,7 @@ void safeBuffer::sbXMLChCat(const char * str) { + + assert (t != NULL); + +- len += XMLString::stringLen(t); ++ len += XMLString::stringLen(t) * size_XMLCh; + len += (xsecsize_t) (2 * size_XMLCh); + + checkAndExpand(len); diff -Nru xml-security-c-1.7.3/debian/patches/series xml-security-c-1.7.3/debian/patches/series --- xml-security-c-1.7.3/debian/patches/series 2018-12-10 11:45:41.000000000 +0100 +++ xml-security-c-1.7.3/debian/patches/series 2020-07-04 12:47:01.000000000 +0200 @@ -24,3 +24,4 @@ Default-KeyInfo-resolver-doesn-t-check-for-empty-element-.patch SANTUARIO-496-DSA-verification-crashes-OpenSSL-on-invalid.patch SANTUARIO-496-Prevent-KeyInfoResolver-returning-NONE-keys.patch +Fix-a-length-bug-in-concat-method.patch
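Review bot: The new 1.7.3-4+deb9u3 changelog entry says only "Fix a length bug in concat method", which does not tell the release team what was wrong or how it was fixed. The source hunk shows that `sbXMLChCat` added a character count to `len` while the next line adds a byte count (`2 * size_XMLCh`) before `checkAndExpand(len)`. I would put that in the entry, for example "size the buffer in bytes rather than characters in safeBuffer::sbXMLChCat". Also drop the stray space before the closing parenthesis in `(Closes: #922984 )`.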
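Review bot: In the `sbXMLChCat` hunk of Fix-a-length-bug-in-concat-method.patch, the corrected line `len += XMLString::stringLen(t) * size_XMLCh;` has no cast, while the line directly below writes `(xsecsize_t) (2 * size_XMLCh)`. Both feed the same `len`, so I would give them the same form, or fold them into one expression such as `(stringLen(t) + 2) * size_XMLCh`, so the unit (bytes) is obvious at a glance. The only guard on `t` visible here is `assert (t != NULL)`, which does nothing in builds compiled with NDEBUG, so it is worth confirming that the unshown lines above cannot leave `t` null. The patch header carries `Closes: #922984`, which is a changelog convention; in a patch description a `Bug-Debian:` field pointing at the bug would be the usual place for it. No test accompanies the change, and a short case that appends a string to a buffer near its current capacity would guard against a regression.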