Control: tags 1039991 + patch Control: tags 1039991 + pending
Dear maintainer, I've prepared an NMU for libxml2 (versioned as 2.9.14+dfsg-1.3) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Note, I'm aware DELAYED/2 might here be unappropriate, bug given the last uploads were NMus I hope you are fine with it; main goal is that I can use the same basis for a bookworm-pu update which needs to be done before the upcoming weekend. Let me know if you allow me to reschedule it to upload earlier. Regards, Salvatore
diff -Nru libxml2-2.9.14+dfsg/debian/changelog libxml2-2.9.14+dfsg/debian/changelog --- libxml2-2.9.14+dfsg/debian/changelog 2023-04-15 16:25:06.000000000 +0200 +++ libxml2-2.9.14+dfsg/debian/changelog 2023-07-08 21:18:29.000000000 +0200 @@ -1,3 +1,11 @@ +libxml2 (2.9.14+dfsg-1.3) unstable; urgency=medium + + * Non-maintainer upload. + * Reset nsNr in xmlCtxtReset (CVE-2022-2309) (Closes: #1039991) + * Also reset nsNr in htmlCtxtReset (CVE-2022-2309) (Closes: #1039991) + + -- Salvatore Bonaccorso <car...@debian.org> Sat, 08 Jul 2023 21:18:29 +0200 + libxml2 (2.9.14+dfsg-1.2) unstable; urgency=medium * Non-maintainer upload. diff -Nru libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch --- libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch 1970-01-01 01:00:00.000000000 +0100 +++ libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch 2023-07-08 21:18:29.000000000 +0200 @@ -0,0 +1,27 @@ +From: Nick Wellnhofer <wellnho...@aevum.de> +Date: Thu, 28 Jul 2022 21:35:17 +0200 +Subject: Also reset nsNr in htmlCtxtReset +origin: https://gitlab.gnome.org/GNOME/libxml2/-/commit/a82ea25fc83f563c574ddb863d6c17d9c5abdbd2 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-2309 +Bug-Debian: https://bugs.debian.org/1039991 + +--- + HTMLparser.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/HTMLparser.c b/HTMLparser.c +index 9079fa8aa52d..1520663ba2af 100644 +--- a/HTMLparser.c ++++ b/HTMLparser.c +@@ -6743,6 +6743,8 @@ htmlCtxtReset(htmlParserCtxtPtr ctxt) + ctxt->nameNr = 0; + ctxt->name = NULL; + ++ ctxt->nsNr = 0; ++ + DICT_FREE(ctxt->version); + ctxt->version = NULL; + DICT_FREE(ctxt->encoding); +-- +2.40.1 + diff -Nru libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch --- libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch 1970-01-01 01:00:00.000000000 +0100 +++ libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch 2023-07-08 21:18:29.000000000 +0200 @@ -0,0 +1,27 @@ +From: Nick Wellnhofer <wellnho...@aevum.de> +Date: Mon, 18 Jul 2022 20:59:45 +0200 +Subject: Reset nsNr in xmlCtxtReset +origin: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5930fe01963136ab92125feec0c6204d9c9225dc +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-2309 +Bug-Debian: https://bugs.debian.org/1039991 + +--- + parser.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/parser.c b/parser.c +index d278638dd6d4..e660b0a7d499 100644 +--- a/parser.c ++++ b/parser.c +@@ -14820,6 +14820,8 @@ xmlCtxtReset(xmlParserCtxtPtr ctxt) + ctxt->nameNr = 0; + ctxt->name = NULL; + ++ ctxt->nsNr = 0; ++ + DICT_FREE(ctxt->version); + ctxt->version = NULL; + DICT_FREE(ctxt->encoding); +-- +2.40.1 + diff -Nru libxml2-2.9.14+dfsg/debian/patches/series libxml2-2.9.14+dfsg/debian/patches/series --- libxml2-2.9.14+dfsg/debian/patches/series 2023-04-15 16:25:06.000000000 +0200 +++ libxml2-2.9.14+dfsg/debian/patches/series 2023-07-08 21:18:29.000000000 +0200 @@ -6,3 +6,5 @@ schemas-Fix-null-pointer-deref-in-xmlSchemaCheckCOSS.patch CVE-2023-28484-Fix-null-deref-in-xmlSchemaFixupCompl.patch CVE-2023-29469-Hashing-of-empty-dict-strings-isn-t-d.patch +Reset-nsNr-in-xmlCtxtReset.patch +Also-reset-nsNr-in-htmlCtxtReset.patch
