fix CVE-2024-34459 for libxml2 (#9186)

realsdx · web-flow · commit 90eef0e1599a · 2024-05-23T13:38:38.000+05:30
diff --git a/SPECS/libxml2/CVE-2024-34459.patch b/SPECS/libxml2/CVE-2024-34459.patch
@@ -0,0 +1,26 @@
+From 8ddc7f13337c9fe7c6b6e616f404b0fffb8a5145 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Wed, 8 May 2024 11:49:31 +0200
+Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout`
+
+Add a missing bounds check.
+---
+ xmllint.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/xmllint.c b/xmllint.c
+index 0e433b721..62f6b0273 100644
+--- a/xmllint.c
++++ b/xmllint.c
+@@ -559,7 +559,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) {
+     len = strlen(buffer);
+     snprintf(&buffer[len], sizeof(buffer) - len, "\n");
+     cur = input->cur;
+-    while ((*cur == '\n') || (*cur == '\r'))
++    while ((cur > base) && ((*cur == '\n') || (*cur == '\r')))
+ 	cur--;
+     n = 0;
+     while ((cur != base) && (n++ < 80)) {
+-- 
+GitLab
+
diff --git a/SPECS/libxml2/libxml2.spec b/SPECS/libxml2/libxml2.spec
@@ -1,14 +1,15 @@
 Summary:        Libxml2
 Name:           libxml2
 Version:        2.10.4
-Release:        2%{?dist}
+Release:        3%{?dist}
 License:        MIT
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
 Group:          System Environment/General Libraries
 URL:            https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home
 Source0:        https://gitlab.gnome.org/GNOME/%{name}/-/archive/v%{version}/%{name}-v%{version}.tar.gz
 Patch0:         CVE-2023-45322.patch
+Patch1:         CVE-2024-34459.patch
 BuildRequires:  python3-devel
 BuildRequires:  python3-xml
 Provides:       %{name}-tools = %{version}-%{release}
@@ -79,6 +80,9 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %{_libdir}/cmake/libxml2/libxml2-config.cmake
 
 %changelog
+* Mon May 20 2024 Sudipta Pandit <sudpandit@microsoft.com> - 2.10.4-3
+- Apply patch for CVE-2024-34459
+
 * Mon Oct 30 2023 Suresh Thelkar <sthelkar@microsoft.com> - 2.10.4-2
 - Backport upstream patch to fix CVE-2023-45322
 
diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
@@ -194,8 +194,8 @@ curl-8.5.0-2.cm2.aarch64.rpm
 curl-devel-8.5.0-2.cm2.aarch64.rpm
 curl-libs-8.5.0-2.cm2.aarch64.rpm
 createrepo_c-0.17.5-1.cm2.aarch64.rpm
-libxml2-2.10.4-2.cm2.aarch64.rpm
-libxml2-devel-2.10.4-2.cm2.aarch64.rpm
+libxml2-2.10.4-3.cm2.aarch64.rpm
+libxml2-devel-2.10.4-3.cm2.aarch64.rpm
 docbook-dtd-xml-4.5-11.cm2.noarch.rpm
 docbook-style-xsl-1.79.1-13.cm2.noarch.rpm
 libsepol-3.2-2.cm2.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
@@ -194,8 +194,8 @@ curl-8.5.0-2.cm2.x86_64.rpm
 curl-devel-8.5.0-2.cm2.x86_64.rpm
 curl-libs-8.5.0-2.cm2.x86_64.rpm
 createrepo_c-0.17.5-1.cm2.x86_64.rpm
-libxml2-2.10.4-2.cm2.x86_64.rpm
-libxml2-devel-2.10.4-2.cm2.x86_64.rpm
+libxml2-2.10.4-3.cm2.x86_64.rpm
+libxml2-devel-2.10.4-3.cm2.x86_64.rpm
 docbook-dtd-xml-4.5-11.cm2.noarch.rpm
 docbook-style-xsl-1.79.1-13.cm2.noarch.rpm
 libsepol-3.2-2.cm2.x86_64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt
@@ -209,9 +209,9 @@ libtasn1-debuginfo-4.19.0-1.cm2.aarch64.rpm
 libtasn1-devel-4.19.0-1.cm2.aarch64.rpm
 libtool-2.4.6-8.cm2.aarch64.rpm
 libtool-debuginfo-2.4.6-8.cm2.aarch64.rpm
-libxml2-2.10.4-2.cm2.aarch64.rpm
-libxml2-debuginfo-2.10.4-2.cm2.aarch64.rpm
-libxml2-devel-2.10.4-2.cm2.aarch64.rpm
+libxml2-2.10.4-3.cm2.aarch64.rpm
+libxml2-debuginfo-2.10.4-3.cm2.aarch64.rpm
+libxml2-devel-2.10.4-3.cm2.aarch64.rpm
 libxslt-1.1.34-7.cm2.aarch64.rpm
 libxslt-debuginfo-1.1.34-7.cm2.aarch64.rpm
 libxslt-devel-1.1.34-7.cm2.aarch64.rpm
@@ -521,7 +521,7 @@ python3-gpg-1.16.0-2.cm2.aarch64.rpm
 python3-jinja2-3.0.3-3.cm2.noarch.rpm
 python3-libcap-ng-0.8.2-2.cm2.aarch64.rpm
 python3-libs-3.9.19-1.cm2.aarch64.rpm
-python3-libxml2-2.10.4-2.cm2.aarch64.rpm
+python3-libxml2-2.10.4-3.cm2.aarch64.rpm
 python3-lxml-4.9.1-1.cm2.aarch64.rpm
 python3-magic-5.40-2.cm2.noarch.rpm
 python3-markupsafe-2.1.0-1.cm2.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt
@@ -215,9 +215,9 @@ libtasn1-debuginfo-4.19.0-1.cm2.x86_64.rpm
 libtasn1-devel-4.19.0-1.cm2.x86_64.rpm
 libtool-2.4.6-8.cm2.x86_64.rpm
 libtool-debuginfo-2.4.6-8.cm2.x86_64.rpm
-libxml2-2.10.4-2.cm2.x86_64.rpm
-libxml2-debuginfo-2.10.4-2.cm2.x86_64.rpm
-libxml2-devel-2.10.4-2.cm2.x86_64.rpm
+libxml2-2.10.4-3.cm2.x86_64.rpm
+libxml2-debuginfo-2.10.4-3.cm2.x86_64.rpm
+libxml2-devel-2.10.4-3.cm2.x86_64.rpm
 libxslt-1.1.34-7.cm2.x86_64.rpm
 libxslt-debuginfo-1.1.34-7.cm2.x86_64.rpm
 libxslt-devel-1.1.34-7.cm2.x86_64.rpm
@@ -527,7 +527,7 @@ python3-gpg-1.16.0-2.cm2.x86_64.rpm
 python3-jinja2-3.0.3-3.cm2.noarch.rpm
 python3-libcap-ng-0.8.2-2.cm2.x86_64.rpm
 python3-libs-3.9.19-1.cm2.x86_64.rpm
-python3-libxml2-2.10.4-2.cm2.x86_64.rpm
+python3-libxml2-2.10.4-3.cm2.x86_64.rpm
 python3-lxml-4.9.1-1.cm2.x86_64.rpm
 python3-magic-5.40-2.cm2.noarch.rpm
 python3-markupsafe-2.1.0-1.cm2.x86_64.rpm
