Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits: a4f40a27 by Tobias Frost at 2023-04-17T18:45:01+02:00 libxml2: Fixing links from old git.gnome.org to gitlab.gnome.org. (Migrate URLs from old https://git.gnome.org/browse/libxml2/commit/?id= to https://gitlab.gnome.org/GNOME/libxml2/-/commit/) - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -344066,7 +344066,7 @@ CVE-2018-9251 (The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzm - libxml2 <not-affected> (Fix for CVE-2017-18258 not applied, cf. bug #895195) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=794914 NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74 - NOTE: Before upstream commit https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb + NOTE: Before upstream commit https://gitlab.gnome.org/GNOME/libxml2/-/commit/e2a9122b8dde53d320750451e9907a7dcb2ca8bb NOTE: the memlimit argument to lzma_auto_decoder was set to UINT64_MAX, possibly NOTE: allowing a malicious LZMA compressed files to consume large amounts of memory NOTE: when decompressed. Setting memlimit to UINT64_MAX the limiter is effectively @@ -344081,7 +344081,7 @@ CVE-2017-18258 (The xz_head function in xzlib.c in libxml2 before 2.9.6 allows r [buster] - libxml2 2.9.4+dfsg1-7+deb10u1 [wheezy] - libxml2 <postponed> (Minor issue; wait for upstream fix for upstream bug 794914) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=786696 - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/e2a9122b8dde53d320750451e9907a7dcb2ca8bb NOTE: When fixing this issue make sure to not open CVE-2018-9251 and apply NOTE: the fix for CVE-2018-9251 / https://bugzilla.gnome.org/show_bug.cgi?id=794914 CVE-2018-9250 (interface\super\edit_list.php in OpenEMR before v5_0_1_1 allows remote ...) 
@@ -376288,7 +376288,7 @@ CVE-2017-15412 (Use after free in libxml2 before 2.9.5, as used in Google Chrome - libxml2 2.9.4+dfsg1-5.2 (bug #883790) NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=727039 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=783160 (not public) - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=0f3b843b3534784ef57a4f9b874238aa1fda5a73 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/0f3b843b3534784ef57a4f9b874238aa1fda5a73 CVE-2017-15411 (Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowe ...) {DSA-4064-1} - chromium-browser 63.0.3239.84-1 
@@ -395796,25 +395796,25 @@ CVE-2017-9050 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based - libxml2 2.9.4+dfsg1-3.1 (bug #863018) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781361 (not public) NOTE: https://www.openwall.com/lists/oss-security/2017/05/15/1 - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/e26630548e7d138d2c560844c43820b6767251e3 CVE-2017-9049 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buff ...) {DSA-3952-1 DLA-1008-1} - libxml2 2.9.4+dfsg1-3.1 (bug #863019) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781205 (not public) NOTE: https://www.openwall.com/lists/oss-security/2017/05/15/1 - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/e26630548e7d138d2c560844c43820b6767251e3 CVE-2017-9048 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buf ...) {DSA-3952-1 DLA-1008-1} - libxml2 2.9.4+dfsg1-3.1 (bug #863021) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781701 (not public) NOTE: https://www.openwall.com/lists/oss-security/2017/05/15/1 - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/932cc9896ab41475d4aa429c27d9afd175959d74 CVE-2017-9047 (A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g074180 ...) 
{DSA-3952-1 DLA-1008-1} - libxml2 2.9.4+dfsg1-3.1 (bug #863022) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781333 (not public) NOTE: https://www.openwall.com/lists/oss-security/2017/05/15/1 - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/932cc9896ab41475d4aa429c27d9afd175959d74 CVE-2017-9046 (winpm-32.exe in Pegasus Mail (aka Pmail) v4.72 build 572 allows code e ...) NOT-FOR-US: Pegasus Mail CVE-2017-9045 (The Google I/O 2017 application before 5.1.4 for Android downloads mul ...) @@ -401181,7 +401181,7 @@ CVE-2017-7376 (Buffer overflow in libxml2 allows remote attackers to execute arb - libxml2 2.9.4+dfsg1-3.1 (bug #870865) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public) NOTE: Android patch: https://android.googlesource.com/platform/external/libxml2/+/51e0cb2e5ec18eaf6fb331bc573ff27b743898f4 - NOTE: Fix upstream: https://git.gnome.org/browse/libxml2/commit/?id=5dca9eea1bd4263bfa4d037ab2443de1cd730f7e + NOTE: Fix upstream: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5dca9eea1bd4263bfa4d037ab2443de1cd730f7e NOTE: The upstream patch has the slight consequence that some port values end up NOTE: negative when cast to a 32-bit int. A negative port though in the URL would NOTE: make the URL invalid. It is discussed if instead it would be best to prevent 
@@ -401191,7 +401191,7 @@ CVE-2017-7375 (A flaw in libxml2 allows remote XML entity inclusion with default - libxml2 2.9.4+dfsg1-3.1 (bug #870867) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780691 (not yet public) NOTE: Android patch: https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa - NOTE: Fix upstream: https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e + NOTE: Fix upstream: https://gitlab.gnome.org/GNOME/libxml2/-/commit/90ccb58242866b0ba3edbef8fe44214a101c2b3e CVE-2017-7374 (Use-after-free vulnerability in fs/crypto/ in the Linux kernel before ...) - linux 4.9.25-1 [jessie] - linux <not-affected> (Vulnerable code not present; Introduced in 4.2-rc1) @@ -405541,7 +405541,7 @@ CVE-2017-5969 (** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows r NOTE: https://www.openwall.com/lists/oss-security/2016/11/05/3 NOTE: Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=778519 NOTE: Duplicate upstream bug (contains patch): https://bugzilla.gnome.org/show_bug.cgi?id=758422 - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=94691dc884d1a8ada39f073408b4bb92fe7fe882 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/94691dc884d1a8ada39f073408b4bb92fe7fe882 CVE-2017-5968 RESERVED CVE-2017-5967 (The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIME ...) 
@@ -408715,8 +408715,8 @@ CVE-2017-5130 (An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as us NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=783026 (not public) NOTE: xmlMemoryStrdup is only for debugging with excpetion in xmlint when invoked NOTE: with --maxmem. Similar issue for xmlMallocLoc and xmlReallocLoc. - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed - NOTE: Needs follow up: https://git.gnome.org/browse/libxml2/commit/?id=ed48d65b4d6c5cec7be035ad5eebeba873b4b955 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/897dffbae322b46b83f99a607d527058a72c51ed + NOTE: Needs follow up: https://gitlab.gnome.org/GNOME/libxml2/-/commit/ed48d65b4d6c5cec7be035ad5eebeba873b4b955 CVE-2017-5129 (A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3 ...) {DSA-4020-1} - chromium-browser 62.0.3202.75-1 @@ -420252,7 +420252,7 @@ CVE-2017-0663 (A remote code execution vulnerability in libxml2 could enable an - libxml2 2.9.4+dfsg1-3.1 (bug #870870) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780228 (not yet public) NOTE: https://android.googlesource.com/platform/external/libxml2/+/521b88fbb6d18312923f0df653d045384b500ffc - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=92b9e8c8b3787068565a1820ba575d042f9eec66 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/92b9e8c8b3787068565a1820ba575d042f9eec66 CVE-2017-0662 RESERVED CVE-2017-0661 
@@ -422643,11 +422643,11 @@ CVE-2016-9318 (libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier a [jessie] - libxml2 <ignored> (Minor issue; intrusive to backport) [wheezy] - libxml2 <no-dsa> (Minor issue) NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=772726 - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=2304078555896cf1638c628f50326aeef6f0e0d0 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/2304078555896cf1638c628f50326aeef6f0e0d0 NOTE: The patch introduces a new option that can be specified if this NOTE: behaviour is wanted. Not enforced by default. - NOTE: The option though was reverted in https://git.gnome.org/browse/libxml2/commit/?id=030b1f7a27c22f9237eddca49ec5e620b6258d7d - NOTE: New proposed/commited fix: https://git.gnome.org/browse/libxml2/commit/?id=ad88b54f1a28a8565964a370b5d387927b633c0d + NOTE: The option though was reverted in https://gitlab.gnome.org/GNOME/libxml2/-/commit/030b1f7a27c22f9237eddca49ec5e620b6258d7d + NOTE: New proposed/commited fix: https://gitlab.gnome.org/GNOME/libxml2/-/commit/ad88b54f1a28a8565964a370b5d387927b633c0d CVE-2016-9317 (The gdImageCreate function in the GD Graphics Library (aka libgd) befo ...) {DSA-3777-1 DLA-804-1} - libgd2 2.2.4-1 
@@ -436709,8 +436709,8 @@ CVE-2016-5131 (Use-after-free vulnerability in libxml2 through 2.9.4, as used in [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) - libxml2 2.9.4+dfsg1-2.1 (bug #840554) NOTE: Google fix: https://codereview.chromium.org/2127493002 - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e - NOTE: Requisite for the test: https://git.gnome.org/browse/libxml2/commit/?id=a005199330b86dada19d162cae15ef9bdcb6baa8 + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e + NOTE: Requisite for the test: https://gitlab.gnome.org/GNOME/libxml2/-/commit/a005199330b86dada19d162cae15ef9bdcb6baa8 CVE-2016-5130 (content/renderer/history_controller.cc in Google Chrome before 52.0.27 ...) {DSA-3637-1} - chromium-browser 52.0.2743.82-1 @@ -438226,7 +438226,7 @@ CVE-2016-4659 CVE-2016-4658 (xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS ...) {DSA-3744-1 DLA-691-1} - libxml2 2.9.4+dfsg1-2.1 (bug #840553) - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/c1d1f7121194036608bf555f08d3062a36fd344b CVE-2016-4657 (WebKit in Apple iOS before 9.3.5 allows remote attackers to execute ar ...) - webkitgtk <removed> (unimportant) NOTE: https://www.youtube.com/watch?v=xkdPjbaLngE 
@@ -438916,19 +438916,19 @@ CVE-2016-4449 (XML external entity (XXE) vulnerability in the xmlStringLenDecode {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=761430 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/b1d34de46a11323fccffa9fadeb33be670d602f5 (v2.9.4) CVE-2016-4448 (Format string vulnerability in libxml2 before 2.9.4 allows attackers t ...) - libxml2 2.9.4+dfsg1-1 (bug #829718) [jessie] - libxml2 <ignored> (Minor impact; too intrusive to backport) [wheezy] - libxml2 <no-dsa> (Minor impact; too intrusive to backport) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=761029 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9 (v2.9.4) - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/4472c3a5a5b516aaf59b89be602fbce52756c3e9 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b (v2.9.4) CVE-2016-4447 (The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 a ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759573 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/00906759053986b8079985644172085f74331f83 (v2.9.4) CVE-2016-4446 (The allow_execstack plugin for setroubleshoot allows local users to ex ...) NOT-FOR-US: setroubleshoot CVE-2016-4445 (The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 ...) 
@@ -439038,7 +439038,7 @@ CVE-2016-4483 (The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 (bug #823405) NOTE: Minor issue, only when using libxml2 using recovery mode - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/c97750d11bb8b6f3303e7131fe526a61ac65bcfd (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=766414 CVE-2016-4477 (wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters ...) {DLA-473-1} @@ -441043,7 +441043,7 @@ CVE-2016-3706 (Stack-based buffer overflow in the getaddrinfo function in sysdep CVE-2016-3705 (The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 (bug #823414) - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=8f30bdff69edac9075f4663ce3b56b0c52d48ce6 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f30bdff69edac9075f4663ce3b56b0c52d48ce6 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=765207 CVE-2016-3704 (Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate pas ...) NOT-FOR-US: Pulp (Red Hat) @@ -441382,7 +441382,7 @@ CVE-2016-3616 (The cjpeg utility in libjpeg allows remote attackers to cause a d CVE-2016-3627 (The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earli ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 (bug #819006) - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=bdd66182ef53fe1f7209ab6535fda56366bd7ac9 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/bdd66182ef53fe1f7209ab6535fda56366bd7ac9 (v2.9.4) NOTE: https://www.openwall.com/lists/oss-security/2016/03/21/3 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=762100 CVE-2016-3615 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 a ...) 
@@ -447269,47 +447269,47 @@ CVE-2016-1841 (libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, CVE-2016-1840 (Heap-based buffer overflow in the xmlFAParsePosCharGroup function in l ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/cbb271655cadeb8dbb258a64701d9a3a0c4835b4 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=757711 CVE-2016-1839 (The xmlDictAddString function in libxml2 before 2.9.4, as used in Appl ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/a820dbeac29d330bae4be05d9ecd939ad6b4aa33 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758605 NOTE: https://code.google.com/p/google-security-research/issues/detail?id=637 CVE-2016-1838 (The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4 ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/db07dd613e461df93dde7902c6505629bf0734e9 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758588 NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=639 CVE-2016-1837 (Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiter ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=11ed4a7a90d5ce156a18980a4ad4e53e77384852 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/11ed4a7a90d5ce156a18980a4ad4e53e77384852 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=760263 CVE-2016-1836 (Use-after-free vulnerability in the xmlDictComputeFastKey function in ...) 
{DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 [wheezy] - libxml2 <not-affected> (Vulnerable code not present) - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0 (v2.9.4) - NOTE: Introduced by: https://git.gnome.org/browse/libxml2/commit/?id=dcc19503193c71596278a252064a8ce66331b3cd (v2.9.2) + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/45752d2c334b50016666d8f0ec3691e2d680f0a0 (v2.9.4) + NOTE: Introduced by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/dcc19503193c71596278a252064a8ce66331b3cd (v2.9.2) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759398 NOTE: Regression applies to Jessie, since fix backported as 0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch CVE-2016-1835 (Use-after-free vulnerability in the xmlSAX2AttributeNs function in lib ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=38eae571111db3b43ffdeb05487c9f60551906fb (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/38eae571111db3b43ffdeb05487c9f60551906fb (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759020 CVE-2016-1834 (Heap-based buffer overflow in the xmlStrncat function in libxml2 befor ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8fbbf5513d609c1770b391b99e33314cd0742704 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=763071 CVE-2016-1833 (The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple ...) 
{DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=0bcd05c5cd83dec3406c8f68b769b1d610c72f76 (v2.9.4) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/0bcd05c5cd83dec3406c8f68b769b1d610c72f76 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758606 CVE-2016-1832 (libc in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1 ...) NOT-FOR-US: Apple @@ -447454,7 +447454,7 @@ CVE-2016-1763 (Messages in Apple iOS before 9.3 does not ensure that an auto-fil CVE-2016-1762 (The xmlNextChar function in libxml2 before 2.9.4 allows remote attacke ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602 + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/a7a94612aa3b16779e2c74e1fa353b5d9786c602 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759671 CVE-2016-1761 (libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS befo ...) NOT-FOR-US: No public details available, probably Apple specific libxml2 changes 
@@ -454104,14 +454104,14 @@ CVE-2015-8242 (The xmlSAX2TextNode function in SAX2.c in the push interface in t [wheezy] - libxml2 <not-affected> (Vulnerable code introduced later) [squeeze] - libxml2 <not-affected> (Vulnerable code introduced later) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756372 - NOTE: Introduced by: https://git.gnome.org/browse/libxml2/commit/?id=826bc320206f70fccd2941a77d363e95e8076898 (v2.9.2-rc1) - NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2 (v2.9.3) + NOTE: Introduced by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/826bc320206f70fccd2941a77d363e95e8076898 (v2.9.2-rc1) + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8fb4a770075628d6441fb17a1e435100e2f3b1a2 (v2.9.3) CVE-2015-8241 (The xmlNextChar function in libxml2 2.9.2 does not properly check the ...) {DSA-3430-1 DLA-355-1} - libxml2 2.9.3+dfsg1-1 (bug #806384) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756263 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe - NOTE: Introduced/Uncovered by https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (fix for CVE-2015-7941) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe + NOTE: Introduced/Uncovered by https://gitlab.gnome.org/GNOME/libxml2/-/commit/a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (fix for CVE-2015-7941) NOTE: https://www.openwall.com/lists/oss-security/2015/11/17/5 CVE-2015-8239 (The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 all ...) - sudo 1.8.17p1-1 (bug #805563) 
@@ -454378,9 +454378,9 @@ CVE-2015-8317 (The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 {DSA-3430-1 DLA-355-1} - libxml2 2.9.2+zdfsg1-4 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=751631 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/709a952110e98621c9b78c4f26462a9d8333102e NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=751603 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/9aa37588ee78a06ca1379a9d9356eab16686099c CVE-2015-XXXX [Kernel: Unprivileged user can freeze journald] - linux <unfixed> (unimportant) - linux-2.6 <not-affected> (Vulnerable code not present) @@ -454677,7 +454677,7 @@ CVE-2015-8035 (The xz_decomp function in xzlib.c in libxml2 2.9.1 does not prope {DSA-3430-1} - libxml2 2.9.3+dfsg1-1 (bug #803942) [squeeze] - libxml2 <not-affected> (No LZMA/XZ support in version 2.7.8) - NOTE: Upstream patch: https://git.gnome.org/browse/libxml2/commit/?id=f0709e3ca8f8947f2d91ed34e92e38a4c23eae63 (v2.9.3) + NOTE: Upstream patch: https://gitlab.gnome.org/GNOME/libxml2/-/commit/f0709e3ca8f8947f2d91ed34e92e38a4c23eae63 (v2.9.3) NOTE: You can use "xmllint --version" to verify if libxml2 is compiled with "Lzma" support. NOTE: sid's 2.9.2+zdfsg1-4 claims to have "Lzma" support but it's broken in fact... NOTE: so it barfs on the problematic file (parser error : Start tag expected, 
@@ -456426,23 +456426,23 @@ CVE-2015-7502 (Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudFo CVE-2015-7500 (The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows c ...) {DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f (v2.9.3) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/f1063fdbe7fa66332bbb76874101c2a7b51b519f (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756525 (upstream bug not yet open) CVE-2015-7499 (Heap-based buffer overflow in the xmlGROW function in parser.c in libx ...) {DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc (v2.9.3) - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da (v2.9.3) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/28cd9cb747a94483f4aea7f0968d202c20bb4cfc (v2.9.3) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756479 (upstream bug not yet open) CVE-2015-7498 (Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c ...) {DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43 (v2.9.3) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/afd27c21f6b36e22682b7da20d726bce2dcb2f43 (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756527 (upstream bug not yet open) CVE-2015-7497 (Heap-based buffer overflow in the xmlDictComputeFastQKey function in d ...) 
{DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9 (v2.9.3) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/6360a31a84efe69d155ed96306b9a931a40beab9 (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756528 (upstream bug not yet open) CVE-2015-7496 (GNOME Display Manager (gdm) before 3.18.2 allows physically proximate ...) - gdm3 3.18.2-1 @@ -462201,7 +462201,7 @@ CVE-2015-5313 (Directory traversal vulnerability in the virStorageBackendFileSys CVE-2015-5312 (The xmlStringLenDecodeEntities function in parser.c in libxml2 before ...) {DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e (v2.9.3) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/69030714cde66d525a8884bda01b9e8f0abf8e1e (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756733 (upstream bug not yet open) CVE-2015-5311 (PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows rem ...) - pdns 3.4.7-1 
@@ -467813,23 +467813,23 @@ CVE-2015-7942 (The xmlParseConditionalSections function in parser.c in libxml2 d - libxml2 2.9.3+dfsg1-1 (bug #802827) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980#c8 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756456#c0 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=bd0526e66a56e75a18da8c15c4750db8f801c52d - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=41ac9049a27f52e7a1f3b341f8714149fc88d450 + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/bd0526e66a56e75a18da8c15c4750db8f801c52d + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/41ac9049a27f52e7a1f3b341f8714149fc88d450 CVE-2015-7941 (libxml2 2.9.2 does not properly stop parsing invalid input, which allo ...) {DSA-3430-1 DLA-266-1} - libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #783010) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980 NOTE: https://www.openwall.com/lists/oss-security/2015/04/19/5 NOTE: https://www.openwall.com/lists/oss-security/2015/10/22/5 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (v2.9.3) - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489 (v2.9.3) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (v2.9.3) + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/9b8512337d14c8ddf662fcb98b0135f225a1c489 (v2.9.3) CVE-2015-8710 (The htmlParseComment function in HTMLparser.c in libxml2 allows attack ...) 
{DSA-3430-1 DLA-266-1} - libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #782985) NOTE: Added workaround item to reflect entry fixed status, remove once CVE assigned NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2015/04/19/4 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=746048 - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=e724879d964d774df9b7969fc846605aa1bac54c + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/e724879d964d774df9b7969fc846605aa1bac54c CVE-2015-3328 RESERVED CVE-2015-3327 @@ -472557,7 +472557,7 @@ CVE-2015-1820 (REST client for Ruby (aka rest-client) before 1.8.0 allows remote CVE-2015-1819 (The xmlreader in libxml allows remote attackers to cause a denial of s ...) {DSA-3430-1 DLA-266-1} - libxml2 2.9.2+really2.9.1+dfsg1-0.1 (low; bug #782782) - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9 + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/213f1fe0d76d30eaed6e5853057defc43e6df2c9 NOTE: Concerns by Florian Weimer: https://bugzilla.gnome.org/show_bug.cgi?id=748278 CVE-2015-1818 (XML external entity (XXE) vulnerability in the dashbuilder import faci ...) NOT-FOR-US: JBoss dashbuilder @@ -493314,7 +493314,7 @@ CVE-2014-3660 (parser.c in libxml2 before 2.9.2 does not properly prevent entity [jessie] - libxml2 2.9.1+dfsg1-5 - libxml2 2.9.2+dfsg1-1 (bug #765722) NOTE: https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230 + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/be2a7edaf289c5da74a4f9ed3a0b6c733e775230 NOTE: Beware the upstream patch relies on other commits not NOTE: available in the squeeze/wheezy version (at least cff2546f that NOTE: changes how the ent->checked variable is used and likely a3f1e3e5 too) 
@@ -503634,8 +503634,8 @@ CVE-2014-0192 (Foreman 1.4.0 before 1.5.0 does not properly restrict access to p CVE-2014-0191 (The xmlParserHandlePEReference function in parser.c in libxml2 before ...) {DSA-2978-2 DLA-151-1} - libxml2 2.9.1+dfsg1-4 (bug #747309) - NOTE: The upstream patch we used in DSA-2978-1 and DLA-16-1 is only half of the fix. The other half is likely https://git.gnome.org/browse/libxml2/commit/?id=4629ee02ac649c27f9c0cf98ba017c6b5526070f which is only in libxml 2.9 and newer. This was found out with the test case given in https://github.com/sparklemotion/nokogiri/issues/693#issuecomment-8935085. - NOTE: First patches: https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df https://git.gnome.org/browse/libxml2/commit/?id=dd8367da17c2948981a51e52c8a6beb445edf825 + NOTE: The upstream patch we used in DSA-2978-1 and DLA-16-1 is only half of the fix. The other half is likely https://gitlab.gnome.org/GNOME/libxml2/-/commit/4629ee02ac649c27f9c0cf98ba017c6b5526070f which is only in libxml 2.9 and newer. This was found out with the test case given in https://github.com/sparklemotion/nokogiri/issues/693#issuecomment-8935085. + NOTE: First patches: https://gitlab.gnome.org/GNOME/libxml2/-/commit/9cd1c3cfbd32655d60572c0a413e017260c854df https://gitlab.gnome.org/GNOME/libxml2/-/commit/dd8367da17c2948981a51e52c8a6beb445edf825 CVE-2014-0190 (The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to c ...) - qt4-x11 4:4.8.6+dfsg-1 (low) [wheezy] - qt4-x11 <no-dsa> (Minor issue) 
@@ -517384,7 +517384,7 @@ CVE-2013-1970 REJECTED CVE-2013-1969 (Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly ...) - libxml2 <not-affected> (Affecting only 2.9.x, see bug #705722) - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/de0cc20c29cb3f056062925395e0f68d2250a46f CVE-2013-1968 (Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authent ...) {DSA-2703-1} - subversion 1.7.9-1+nmu2 (bug #711033) @@ -532798,7 +532798,7 @@ CVE-2012-2808 (The PRNG implementation in the DNS resolver in Bionic in Android CVE-2012-2807 (Multiple integer overflows in libxml2, as used in Google Chrome before ...) {DSA-2521-1} - libxml2 2.8.0+dfsg1-5 (bug #679280) - NOTE: https://git.gnome.org/browse/libxml2/commit/?id=459eeb9dc752d5185f57ff6b135027f11981a626 + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/459eeb9dc752d5185f57ff6b135027f11981a626 CVE-2012-2806 (Heap-based buffer overflow in the get_sos function in jdmarker.c in li ...) - libjpeg-turbo <not-affected> (Fixed before initial release) CVE-2012-2805 (Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to ca ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4f40a27689c7162ef47a1146cf09baafbf4579c
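Review bot: In the CVE-2018-9251 hunk, the unchanged context line `NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74` uses the GitLab path without `/-/`, while the line rewritten directly below it uses `/-/commit/`. Suggest normalizing that entry to the `/-/commit/` form in the same pass, so that a single search pattern matches every libxml2 upstream commit reference in data/CVE/list.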
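Review bot: The rewritten line `NOTE: New proposed/commited fix:` in the CVE-2016-9318 hunk carries the misspelling "commited" over unchanged. Since the line is being touched anyway, correct it to "committed" in this commit rather than leaving it for a separate cleanup.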
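Review bot: In the CVE-2014-0191 hunk, the `NOTE: First patches:` line still holds two commit URLs on one NOTE line, and the note above it embeds a commit URL and a GitHub issue URL inside one long sentence. Suggest splitting these into one URL per NOTE line, as most other entries touched by this patch already do, so that link checkers and any future URL migration can treat each reference on its own line.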
