Opened 12 years ago

Closed 12 years ago

#36499 closed defect (fixed)

libxslt 1.1.26: multiple CVEs

Reported by: blair (Blair Zajac)
Owned by: ryandesign (Ryan Carsten Schmidt)
Priority: High
Milestone:
Component: ports
Version: 2.1.2
Keywords: haspatch
Cc: gjasny@…
Port: libxslt

Description

The following security issues were fixed in a recent Ubuntu 12.04 upgrade on my system:

libxslt (1.1.26-8ubuntu1.2) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via out-of-bounds read
    - libxslt/pattern.c: fix improper loop exit.
    - fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b
    - CVE-2011-3970
  * SECURITY UPDATE: denial of service via out-of-bounds read
    - libxslt/xsltutils.h: check for XML_ELEMENT_NODE
    - e6a0bc8081271f33b9899eb78e1da1a2a0428419
    - CVE-2012-2825
  * SECURITY UPDATE: denial of service via crafted XSLT expression
    - harden code in libexslt/functions.c, libxslt/attributes.c,
      libxslt/functions.c, libxslt/pattern.c, libxslt/preproc.c,
      libxslt/templates.c, libxslt/transform.c, libxslt/variables.c,
      libxslt/xslt.c, libxslt/xsltutils.c.
    - 8566ab4a10158d195adb5f1f61afe1ee8bfebd12
    - 4da0f7e207f14a03daad4663865c285eb27f93e9
    - 24653072221e76d2f1f06aa71225229b532f8946
    - 1564b30e994602a95863d9716be83612580a2fed
    - CVE-2012-2870
  * SECURITY UPDATE: denial of service and possible code execution during
    handling of XSL transforms
    - libxslt/transform.c: check for XML_NAMESPACE_DECL
    - 937ba2a3eb42d288f53c8adc211bd1122869f0bf
    - CVE-2012-2871
  * SECURITY UPDATE: denial of service and possible code execution via
    double free during XSL transforms
    - libxslt/templates.c: Fix dictionary string usage
    - 54977ed7966847e305a2008cb18892df26eeb065
    - CVE-2012-2893

I noticed that libxslt released 1.1.27 on September 12, which may fix some of these.

Somebody needs to go through the 1.1.27 release and see which issues were fixed and which were not and provide patches for them, or stick with 1.1.26 and use the patches that Ubuntu does.

Attachments (1)

Portfile-libxslt-36499.diff (5.3 KB) - added by gjasny@… 12 years ago.
Bump to 1.1.27 and apply regression fix patch


Change History (4)

comment:1 Changed 12 years ago by gjasny@…

I verified that each of the CVE patches is included in 1.1.27:

CVE-2012-2825 CVE-2012-2870 CVE-2011-3970 CVE-2012-2893 CVE-2012-2871

But I need to add a patch to fix a 1.1.26 -> 1.1.27 regression http://git.gnome.org/browse/libxslt/commit/?id=be264bd3034b352a7c768ba62bf62cca22d074d9

Changed 12 years ago by gjasny@…

Attachment: Portfile-libxslt-36499.diff added

Bump to 1.1.27 and apply regression fix patch

comment:2 Changed 12 years ago by ryandesign (Ryan Carsten Schmidt)

Cc: gjasny@… added
Keywords: haspatch added
Owner: changed from macports-tickets@… to ryandesign@…
Status: new → assigned

Thanks!

comment:3 Changed 12 years ago by ryandesign (Ryan Carsten Schmidt)

Resolution: fixed
Status: assigned → closed