Hello community,

here is the log from the commit of package libxslt for openSUSE:Factory checked 
in at 2016-05-25 21:21:17
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libxslt (Old)
 and      /work/SRC/openSUSE:Factory/.libxslt.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "libxslt"

Changes:
--------
--- /work/SRC/openSUSE:Factory/libxslt/libxslt-python.changes   2013-01-17 
09:46:55.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.libxslt.new/libxslt-python.changes      
2016-05-25 21:21:19.000000000 +0200
@@ -1,0 +2,7 @@
+Fri May 20 13:55:16 UTC 2016 - kstreit...@suse.com
+
+- add libxslt-1.1.28-type_confusion_preprocess_attr.patch to fix
+  type confusion in preprocessing attributes [bnc#952474],
+  [CVE-2015-7995]
+
+-------------------------------------------------------------------
--- /work/SRC/openSUSE:Factory/libxslt/libxslt.changes  2015-04-12 
00:09:39.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.libxslt.new/libxslt.changes     2016-05-25 
21:21:19.000000000 +0200
@@ -1,0 +2,7 @@
+Fri May 20 13:53:45 UTC 2016 - kstreit...@suse.com
+
+- add libxslt-1.1.28-type_confusion_preprocess_attr.patch to fix
+  type confusion in preprocessing attributes [bnc#952474],
+  [CVE-2015-7995]
+
+-------------------------------------------------------------------

New:
----
  libxslt-1.1.28-type_confusion_preprocess_attr.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libxslt-python.spec ++++++
--- /var/tmp/diff_new_pack.BwS7Ve/_old  2016-05-25 21:21:20.000000000 +0200
+++ /var/tmp/diff_new_pack.BwS7Ve/_new  2016-05-25 21:21:20.000000000 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package libxslt-python
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,6 +29,8 @@
 # pbleser: don't build the doc subdir as it's broken and we don't install
 # it anyway; neither build the xsltproc subdir (not packaged here, faster)
 Patch1:         libxslt-do_not_build_doc_nor_xsltproc.patch
+# PATCH-FIX-UPSTREAM bnc#952474 CVE-2015-7995 kstreit...@suse.com -- fix for 
type confusion in preprocessing attributes
+Patch2:         libxslt-1.1.28-type_confusion_preprocess_attr.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %{py_requires}
 Url:            http://xmlsoft.org/XSLT/
@@ -62,6 +64,7 @@
 %setup -q -n libxslt-%{version}
 %patch0
 %patch1
+%patch2 -p1
 
 %build
 autoreconf --force --install

++++++ libxslt.spec ++++++
--- /var/tmp/diff_new_pack.BwS7Ve/_old  2016-05-25 21:21:20.000000000 +0200
+++ /var/tmp/diff_new_pack.BwS7Ve/_new  2016-05-25 21:21:20.000000000 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package libxslt
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -32,6 +32,8 @@
 Patch0:         %{name}-1.1.24-no-net-autobuild.patch
 Patch1:         libxslt-config-fixes.patch
 Patch2:         0009-Make-generate-id-deterministic.patch
+# PATCH-FIX-UPSTREAM bnc#952474 CVE-2015-7995 kstreit...@suse.com -- fix for 
type confusion in preprocessing attributes
+Patch3:         libxslt-1.1.28-type_confusion_preprocess_attr.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  libgcrypt-devel
 BuildRequires:  libgpg-error-devel
@@ -122,6 +124,7 @@
 %patch0
 %patch1
 %patch2 -p1
+%patch3 -p1
 
 %build
 autoreconf --force --install --verbose

++++++ libxslt-1.1.28-type_confusion_preprocess_attr.patch ++++++
>From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001
From: Daniel Veillard <veill...@redhat.com>
Date: Thu, 29 Oct 2015 19:33:23 +0800
Subject: Fix for type confusion in preprocessing attributes

CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10
We need to check that the parent node is an element before dereferencing
its namespace
---
 libxslt/preproc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libxslt/preproc.c b/libxslt/preproc.c
index 0eb80a0..7f69325 100644
--- a/libxslt/preproc.c
+++ b/libxslt/preproc.c
@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr 
inst) {
        } else if (IS_XSLT_NAME(inst, "attribute")) {
            xmlNodePtr parent = inst->parent;
 
-           if ((parent == NULL) || (parent->ns == NULL) ||
+           if ((parent == NULL) ||
+               (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) ||
                ((parent->ns != inst->ns) &&
                 (!xmlStrEqual(parent->ns->href, inst->ns->href))) ||
                (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) {
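Review bot: The new `parent->type != XML_ELEMENT_NODE` test in the `xsl:attribute` branch has no comment saying why it must come before `parent->ns`, yet the fix depends entirely on that ordering through `||` short-circuiting. The commit message says the parent may not be an element. Presumably it can then be a document or other node whose struct has no valid `ns` member, so a later reordering of the condition would silently bring the type confusion back. I would add above the `if`: `/* parent may not be an element (CVE-2015-7995): ->ns is only meaningful on XML_ELEMENT_NODE, so test the type before touching it */`. The condition also reads `inst->ns->href` without a visible NULL check on `inst->ns`. That is probably guaranteed by an earlier XSLT-element test in `xsltStylePreCompute`, but the function starts and ends outside this hunk, so it is worth confirming. A regression stylesheet in the test suite, with `xsl:attribute` under a non-element parent, would keep the check from being dropped.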
-- 
cgit v0.12


