tags 607922 + pending thanks Dear maintainer,
I've prepared an NMU for libxml2 (versioned as 2.7.8.dfsg-1.1) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer. Regards. -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
diff -u libxml2-2.7.8.dfsg/debian/changelog libxml2-2.7.8.dfsg/debian/changelog --- libxml2-2.7.8.dfsg/debian/changelog +++ libxml2-2.7.8.dfsg/debian/changelog @@ -1,3 +1,11 @@ +libxml2 (2.7.8.dfsg-1.1) unstable; urgency=high + + * Non-maintainer upload. + * CVE-2010-4494: memory corruption (double-free) in xpath.c + (closes: #607922) + + -- Jonathan Wiltshire <j...@debian.org> Fri, 24 Dec 2010 17:55:09 +0000 + libxml2 (2.7.8.dfsg-1) unstable; urgency=low * New upstream release. only in patch2: unchanged: --- libxml2-2.7.8.dfsg.orig/xpath.c +++ libxml2-2.7.8.dfsg/xpath.c @@ -11763,11 +11763,16 @@ if ((ctxt->error != XPATH_EXPRESSION_OK) || (res == -1)) { xmlXPathObjectPtr tmp; - /* pop the result */ + /* pop the result if any */ tmp = valuePop(ctxt); - xmlXPathReleaseObject(xpctxt, tmp); - /* then pop off contextObj, which will be freed later */ - valuePop(ctxt); + if (tmp != contextObj) { + /* + * Free up the result + * then pop off contextObj, which will be freed later + */ + xmlXPathReleaseObject(xpctxt, tmp); + valuePop(ctxt); + } goto evaluation_error; }
signature.asc
Description: Digital signature