group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1652325] Re: Libxml2 2.9.3 fails to parse multi-byte character in large CDATA section that is split across buffer

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1652325@xxxxxxxxxxxxxxxxxx>
Date: Thu, 16 Mar 2017 11:37:47 -0000
Reply-to: Bug 1652325 <1652325@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package libxml2 - 2.9.3+dfsg1-1ubuntu0.2

---------------
libxml2 (2.9.3+dfsg1-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: format string vulnerabilities
    - debian/patches/CVE-2016-4448-1.patch: fix format string warnings in
      HTMLparser.c, SAX2.c, catalog.c, configure.ac, debugXML.c,
      encoding.c, entities.c, error.c, include/libxml/parserInternals.h,
      include/libxml/xmlerror.h, include/libxml/xmlstring.h, libxml.h,
      parser.c, parserInternals.c, relaxng.c, schematron.c, testModule.c,
      valid.c, xinclude.c, xmlIO.c, xmllint.c, xmlreader.c, xmlschemas.c,
      xmlstring.c, xmlwriter.c, xpath.c, xpointer.c.
    - debian/patches/CVE-2016-4448-2.patch: fix format string warnings in
      libxml.h, relaxng.c, xmlschemas.c, xmlstring.c.
    - debian/libxml2.symbols: added new symbol.
    - CVE-2016-4448
  * SECURITY UPDATE: use-after-free via namespace nodes in XPointer ranges
    - debian/patches/CVE-2016-4658.patch: disallow namespace nodes in
      XPointer ranges in xpointer.c.
    - CVE-2016-4658
  * SECURITY UPDATE: use-after-free in XPointer range-to function
    - debian/patches/CVE-2016-5131-1.patch: fix XPointer paths beginning
      with range-to in xpath.c, xpointer.c.
    - debian/patches/CVE-2016-5131-2.patch: fix comparison with root node
      in xmlXPathCmpNodes in xpath.c.
    - CVE-2016-5131
  * debian/patches/lp1652325.patch: XML push parser fails with bogus
    UTF-8 encoding error when multi-byte character in large CDATA section
    is split across buffer (LP: #1652325)

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Tue, 14 Mar 2017
16:06:13 -0400

** Changed in: libxml2 (Ubuntu Xenial)
       Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4448

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4658

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5131

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1652325

Title:
  Libxml2 2.9.3 fails to parse multi-byte character in large CDATA
  section that is split across buffer

Status in libxml2:
  Fix Released
Status in libxml2 package in Ubuntu:
  Invalid
Status in libxml2 source package in Xenial:
  Fix Released

Bug description:
  Ubuntu 16.04 packages libxml2 version 2.9.3*, which contains a
  regression documented here:
  https://git.gnome.org/browse/libxml2/commit/?id=4f8606c13cb7f2684839f850b83de5ce647d3ca7

  Full release notes of 2.9.4 can be seen here:
  http://xmlsoft.org/news.html

  The bug will affect XML push parser that fails with bogus UTF-8
  encoding error when multi-byte character in large CDATA section is
  split across buffer, which can be quite common.

  As Xenial is an LTS version and this bug is quite *critical*, I wonder
  if we should provide an update to fix this one. If I remember
  correctly, we're not supposed to update to a newer version a given
  package for a given version of Ubuntu, but as this version of Ubuntu
  will be used in many servers in the coming years and XML parsing is
  quite a common task, it may help a lot of developers to have a
  backported fix of this issue.

  Let me know you if you need more information.

To manage notifications about this bug go to:
https://bugs.launchpad.net/libxml2/+bug/1652325/+subscriptions