Author: renodr Date: Fri Jul 5 11:30:00 2019 New Revision: 3957 Log: Add a security patch for libxslt, fixing CVE-2019-11068 (security framework bypass)
Added: trunk/libxslt/libxslt-1.1.33-security_fix-1.patch Added: trunk/libxslt/libxslt-1.1.33-security_fix-1.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ trunk/libxslt/libxslt-1.1.33-security_fix-1.patch Fri Jul 5 11:30:00 2019 (r3957) @@ -0,0 +1,100 @@ +Submitted By: Douglas R. Reno <renodr at linuxfromscratch dot org> +Date: 2019-07-05 +Initial Package Version: 1.1.33 +Upstream Status: Applied +Origin: https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 +Description: Fixes CVE-2019-11068 in libxslt, a security framework + bypass. + +diff -Naurp libxslt-1.1.33.orig/libxslt/documents.c libxslt-1.1.33/libxslt/documents.c +--- libxslt-1.1.33.orig/libxslt/documents.c 2015-05-10 09:11:29.000000000 -0500 ++++ libxslt-1.1.33/libxslt/documents.c 2019-07-05 13:08:13.976670506 -0500 +@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr + int res; + + res = xsltCheckRead(ctxt->sec, ctxt, URI); +- if (res == 0) { +- xsltTransformError(ctxt, NULL, NULL, +- "xsltLoadDocument: read rights for %s denied\n", +- URI); ++ if (res <= 0) { ++ if (res == 0) ++ xsltTransformError(ctxt, NULL, NULL, ++ "xsltLoadDocument: read rights for %s denied\n", ++ URI); + return(NULL); + } + } +@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr + int res; + + res = xsltCheckRead(sec, NULL, URI); +- if (res == 0) { +- xsltTransformError(NULL, NULL, NULL, +- "xsltLoadStyleDocument: read rights for %s denied\n", +- URI); ++ if (res <= 0) { ++ if (res == 0) ++ xsltTransformError(NULL, NULL, NULL, ++ "xsltLoadStyleDocument: read rights for %s denied\n", ++ URI); + return(NULL); + } + } +diff -Naurp libxslt-1.1.33.orig/libxslt/imports.c libxslt-1.1.33/libxslt/imports.c +--- libxslt-1.1.33.orig/libxslt/imports.c 2017-12-02 02:58:51.000000000 -0600 ++++ libxslt-1.1.33/libxslt/imports.c 2019-07-05 13:08:32.201199584 -0500 +@@ -130,10 +130,11 @@ xsltParseStylesheetImport(xsltStylesheet + int secres; + + secres = xsltCheckRead(sec, NULL, URI); +- if (secres == 0) { +- xsltTransformError(NULL, NULL, NULL, +- "xsl:import: read rights for %s denied\n", +- URI); ++ if (secres <= 0) { ++ if (secres == 0) ++ xsltTransformError(NULL, NULL, NULL, ++ "xsl:import: read rights for %s denied\n", ++ URI); + goto error; + } + } +diff -Naurp libxslt-1.1.33.orig/libxslt/transform.c libxslt-1.1.33/libxslt/transform.c +--- libxslt-1.1.33.orig/libxslt/transform.c 2018-11-22 11:59:38.000000000 -0600 ++++ libxslt-1.1.33/libxslt/transform.c 2019-07-05 13:09:00.994036330 -0500 +@@ -3493,10 +3493,11 @@ xsltDocumentElem(xsltTransformContextPtr + */ + if (ctxt->sec != NULL) { + ret = xsltCheckWrite(ctxt->sec, ctxt, filename); +- if (ret == 0) { +- xsltTransformError(ctxt, NULL, inst, +- "xsltDocumentElem: write rights for %s denied\n", +- filename); ++ if (ret <= 0) { ++ if (ret == 0) ++ xsltTransformError(ctxt, NULL, inst, ++ "xsltDocumentElem: write rights for %s denied\n", ++ filename); + xmlFree(URL); + xmlFree(filename); + return; +diff -Naurp libxslt-1.1.33.orig/libxslt/xslt.c libxslt-1.1.33/libxslt/xslt.c +--- libxslt-1.1.33.orig/libxslt/xslt.c 2017-12-02 02:58:51.000000000 -0600 ++++ libxslt-1.1.33/libxslt/xslt.c 2019-07-05 13:09:25.675754418 -0500 +@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* f + int res; + + res = xsltCheckRead(sec, NULL, filename); +- if (res == 0) { +- xsltTransformError(NULL, NULL, NULL, +- "xsltParseStylesheetFile: read rights for %s denied\n", +- filename); ++ if (res <= 0) { ++ if (res == 0) ++ xsltTransformError(NULL, NULL, NULL, ++ "xsltParseStylesheetFile: read rights for %s denied\n", ++ filename); + return(NULL); + } + } -- http://lists.linuxfromscratch.org/listinfo/patches FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page