Hello community,

here is the log from the commit of package libxslt for openSUSE:Factory checked in at 2016-05-25 21:21:17
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libxslt (Old)
 and      /work/SRC/openSUSE:Factory/.libxslt.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libxslt" Changes: -------- --- /work/SRC/openSUSE:Factory/libxslt/libxslt-python.changes 2013-01-17 09:46:55.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libxslt.new/libxslt-python.changes 2016-05-25 21:21:19.000000000 +0200 @@ -1,0 +2,7 @@ +Fri May 20 13:55:16 UTC 2016 - kstreit...@suse.com + +- add libxslt-1.1.28-type_confusion_preprocess_attr.patch to fix + type confusion in preprocessing attributes [bnc#952474], + [CVE-2015-7995] + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/libxslt/libxslt.changes 2015-04-12 00:09:39.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libxslt.new/libxslt.changes 2016-05-25 21:21:19.000000000 +0200 @@ -1,0 +2,7 @@ +Fri May 20 13:53:45 UTC 2016 - kstreit...@suse.com + +- add libxslt-1.1.28-type_confusion_preprocess_attr.patch to fix + type confusion in preprocessing attributes [bnc#952474], + [CVE-2015-7995] + +------------------------------------------------------------------- New: ---- libxslt-1.1.28-type_confusion_preprocess_attr.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxslt-python.spec ++++++ --- /var/tmp/diff_new_pack.BwS7Ve/_old 2016-05-25 21:21:20.000000000 +0200 +++ /var/tmp/diff_new_pack.BwS7Ve/_new 2016-05-25 21:21:20.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package libxslt-python # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed 
@@ -29,6 +29,8 @@ # pbleser: don't build the doc subdir as it's broken and we don't install # it anyway; neither build the xsltproc subdir (not packaged here, faster) Patch1: libxslt-do_not_build_doc_nor_xsltproc.patch +# PATCH-FIX-UPSTREAM bnc#952474 CVE-2015-7995 kstreit...@suse.com -- fix for type confusion in preprocessing attributes +Patch2: libxslt-1.1.28-type_confusion_preprocess_attr.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %{py_requires} Url: http://xmlsoft.org/XSLT/ @@ -62,6 +64,7 @@ %setup -q -n libxslt-%{version} %patch0 %patch1 +%patch2 -p1 %build autoreconf --force --install ++++++ libxslt.spec ++++++ --- /var/tmp/diff_new_pack.BwS7Ve/_old 2016-05-25 21:21:20.000000000 +0200 +++ /var/tmp/diff_new_pack.BwS7Ve/_new 2016-05-25 21:21:20.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package libxslt # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -32,6 +32,8 @@ Patch0: %{name}-1.1.24-no-net-autobuild.patch Patch1: libxslt-config-fixes.patch Patch2: 0009-Make-generate-id-deterministic.patch +# PATCH-FIX-UPSTREAM bnc#952474 CVE-2015-7995 kstreit...@suse.com -- fix for type confusion in preprocessing attributes +Patch3: libxslt-1.1.28-type_confusion_preprocess_attr.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: libgcrypt-devel BuildRequires: libgpg-error-devel @@ -122,6 +124,7 @@ %patch0 %patch1 %patch2 -p1 +%patch3 -p1 %build autoreconf --force --install --verbose ++++++ libxslt-1.1.28-type_confusion_preprocess_attr.patch ++++++ >From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001 
From: Daniel Veillard <veill...@redhat.com> Date: Thu, 29 Oct 2015 19:33:23 +0800 Subject: Fix for type confusion in preprocessing attributes CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10 We need to check that the parent node is an element before dereferencing its namespace --- libxslt/preproc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libxslt/preproc.c b/libxslt/preproc.c index 0eb80a0..7f69325 100644 --- a/libxslt/preproc.c +++ b/libxslt/preproc.c @@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) { } else if (IS_XSLT_NAME(inst, "attribute")) { xmlNodePtr parent = inst->parent; - if ((parent == NULL) || (parent->ns == NULL) || + if ((parent == NULL) || + (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || ((parent->ns != inst->ns) && (!xmlStrEqual(parent->ns->href, inst->ns->href))) || (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) { -- cgit v0.12
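Review bot: in the libxslt/preproc.c hunk, the added `(parent->type != XML_ELEMENT_NODE)` test in xsltStylePreCompute carries no code comment, and the diffstat lists only preproc.c (1 file changed), so the fix ships without a regression test. A one-line comment saying that `parent->ns` may only be read once the parent is known to be an element, as the commit message puts it, would keep a later cleanup from dropping or reordering the check, and a test stylesheet in which the parent of the `attribute` instruction is not an element would pin the behaviour. The same condition still reads `inst->ns->href` whenever `parent->ns != inst->ns`; nothing in the visible lines checks `inst->ns` for NULL, so it is worth confirming that `IS_XSLT_NAME` or an earlier branch guarantees it.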