16963 2008-09-01 13:43:07 +0400 Fixes: CVE-2008-3281, without breaking librsvg and others. 2008-09-04 01:20:47 +0400 1 1 4 Development Sisyphus libxml2 unstable all Linux CLOSED FIXED patch P2 critical --- 1 shaba maks1ms maks1ms qa-sisyphus oldest_to_newest 76765 0 2869 shaba 2008-09-01 13:43:07 +0400 Created attachment 2869 CVE-2008-3281, without breaking librsvg and others. upstream fixes CVE-2008-3281 change API/ABI. Please, apply this patch from debian(libxml2-2.6.32.dfsg-3) for fix CVE-2008-3281, without breaking librsvg. 76977 1 shaba 2008-09-04 01:20:47 +0400 спасибо 2869 2008-09-01 13:43:07 +0400 2008-09-01 13:43:07 +0400 CVE-2008-3281, without breaking librsvg and others. CVE-2008-3281.patch text/plain 7089 shaba LS0tIGxpYnhtbDItMi42LjMyLmRmc2cub3JpZy9lbnRpdGllcy5jCisrKyBsaWJ4bWwyLTIuNi4z Mi5kZnNnL2VudGl0aWVzLmMKQEAgLTEwMiw3ICsxMDIsNyBAQAogICAgICAgICBkaWN0ID0gZW50 aXR5LT5kb2MtPmRpY3Q7CiAKIAotICAgIGlmICgoZW50aXR5LT5jaGlsZHJlbikgJiYgKGVudGl0 eS0+b3duZXIgPT0gMSkgJiYKKyAgICBpZiAoKGVudGl0eS0+Y2hpbGRyZW4pICYmIChlbnRpdHkt Pm93bmVyICE9IDApICYmCiAgICAgICAgIChlbnRpdHkgPT0gKHhtbEVudGl0eVB0cikgZW50aXR5 LT5jaGlsZHJlbi0+cGFyZW50KSkKICAgICAgICAgeG1sRnJlZU5vZGVMaXN0KGVudGl0eS0+Y2hp bGRyZW4pOwogICAgIGlmIChkaWN0ICE9IE5VTEwpIHsKLS0tIGxpYnhtbDItMi42LjMyLmRmc2cu b3JpZy9wYXJzZXIuYworKysgbGlieG1sMi0yLjYuMzIuZGZzZy9wYXJzZXIuYwpAQCAtMjM0NCw3 ICsyMzQ0LDcgQEAKIAlyZXR1cm4oTlVMTCk7CiAgICAgbGFzdCA9IHN0ciArIGxlbjsKIAotICAg IGlmIChjdHh0LT5kZXB0aCA+IDQwKSB7CisgICAgaWYgKChjdHh0LT5kZXB0aCA+IDQwKSB8fCAo Y3R4dC0+bmJlbnRpdGllcyA+PSA1MDAwMDApKSB7CiAJeG1sRmF0YWxFcnIoY3R4dCwgWE1MX0VS Ul9FTlRJVFlfTE9PUCwgTlVMTCk7CiAJcmV0dXJuKE5VTEwpOwogICAgIH0KQEAgLTIzODIsNiAr MjM4MiwxMSBAQAogCQkJIlN0cmluZyBkZWNvZGluZyBFbnRpdHkgUmVmZXJlbmNlOiAlLjMwc1xu IiwKIAkJCXN0cik7CiAJICAgIGVudCA9IHhtbFBhcnNlU3RyaW5nRW50aXR5UmVmKGN0eHQsICZz dHIpOworCSAgICBpZiAoY3R4dC0+bGFzdEVycm9yLmNvZGUgPT0gWE1MX0VSUl9FTlRJVFlfTE9P UCkKKwkgICAgICAgIGdvdG8gaW50X2Vycm9yOworCSAgICBjdHh0LT5uYmVudGl0aWVzKys7CisJ ICAgIGlmIChlbnQgIT0gTlVMTCkKKwkgICAgICAgIGN0eHQtPm5iZW50aXRpZXMgKz0gZW50LT5v d25lcjsKIAkgICAgaWYgKChlbnQgIT0gTlVMTCkgJiYKIAkJKGVudC0+ZXR5cGUgPT0gWE1MX0lO VEVSTkFMX1BSRURFRklORURfRU5USVRZKSkgewogCQlpZiAoZW50LT5jb250ZW50ICE9IE5VTEwp IHsKQEAgLTI0MjcsNiArMjQzMiwxMSBAQAogCQl4bWxHZW5lcmljRXJyb3IoeG1sR2VuZXJpY0Vy cm9yQ29udGV4dCwKIAkJCSJTdHJpbmcgZGVjb2RpbmcgUEUgUmVmZXJlbmNlOiAlLjMwc1xuIiwg c3RyKTsKIAkgICAgZW50ID0geG1sUGFyc2VTdHJpbmdQRVJlZmVyZW5jZShjdHh0LCAmc3RyKTsK KwkgICAgaWYgKGN0eHQtPmxhc3RFcnJvci5jb2RlID09IFhNTF9FUlJfRU5USVRZX0xPT1ApCisJ ICAgICAgICBnb3RvIGludF9lcnJvcjsKKwkgICAgY3R4dC0+bmJlbnRpdGllcysrOworCSAgICBp ZiAoZW50ICE9IE5VTEwpCisJICAgICAgICBjdHh0LT5uYmVudGl0aWVzICs9IGVudC0+b3duZXI7 CiAJICAgIGlmIChlbnQgIT0gTlVMTCkgewogICAgICAgICAgICAgICAgIGlmIChlbnQtPmNvbnRl bnQgPT0gTlVMTCkgewogCQkgICAgaWYgKHhtbExvYWRFbnRpdHlDb250ZW50KGN0eHQsIGVudCkg PCAwKSB7CkBAIC0yNDY4LDYgKzI0NzgsNyBAQAogICAgIHhtbEVyck1lbW9yeShjdHh0LCBOVUxM KTsKICAgICBpZiAocmVwICE9IE5VTEwpCiAgICAgICAgIHhtbEZyZWUocmVwKTsKK2ludF9lcnJv cjoKICAgICBpZiAoYnVmZmVyICE9IE5VTEwpCiAgICAgICAgIHhtbEZyZWUoYnVmZmVyKTsKICAg ICByZXR1cm4oTlVMTCk7CkBAIC0zMjgwLDYgKzMyOTEsOSBAQAogCQl9CiAJICAgIH0gZWxzZSB7 CiAJCWVudCA9IHhtbFBhcnNlRW50aXR5UmVmKGN0eHQpOworCQljdHh0LT5uYmVudGl0aWVzKys7 CisJCWlmIChlbnQgIT0gTlVMTCkKKwkJICAgIGN0eHQtPm5iZW50aXRpZXMgKz0gZW50LT5vd25l cjsKIAkJaWYgKChlbnQgIT0gTlVMTCkgJiYKIAkJICAgIChlbnQtPmV0eXBlID09IFhNTF9JTlRF Uk5BTF9QUkVERUZJTkVEX0VOVElUWSkpIHsKIAkJICAgIGlmIChsZW4gPiBidWZfc2l6ZSAtIDEw KSB7CkBAIC00NTY2LDYgKzQ1ODAsNyBAQAogICAgIGludCBpc1BhcmFtZXRlciA9IDA7CiAgICAg eG1sQ2hhciAqb3JpZyA9IE5VTEw7CiAgICAgaW50IHNraXBwZWQ7CisgICAgdW5zaWduZWQgbG9u ZyBvbGRuYmVudCA9IGN0eHQtPm5iZW50aXRpZXM7CiAgICAgCiAgICAgLyogR1JPVzsgZG9uZSBp biB0aGUgY2FsbGVyICovCiAgICAgaWYgKENNUDgoQ1VSX1BUUiwgJzwnLCAnIScsICdFJywgJ04n LCAnVCcsICdJJywgJ1QnLCAnWScpKSB7CkBAIC00NzgzLDYgKzQ3OTgsMTEgQEAKIAkJfQogCSAg ICB9CiAgICAgICAgICAgICBpZiAoY3VyICE9IE5VTEwpIHsKKwkgICAgICAgIGlmICgoY3VyLT5v d25lciAhPSAwKSB8fCAoY3VyLT5jaGlsZHJlbiA9PSBOVUxMKSkgeworCQkgICAgY3VyLT5vd25l ciA9IGN0eHQtPm5iZW50aXRpZXMgLSBvbGRuYmVudDsKKwkJICAgIGlmIChjdXItPm93bmVyID09 ICAwKQorCQkgICAgICAgIGN1ci0+b3duZXIgPSAxOworCQl9CiAJICAgICAgICBpZiAoY3VyLT5v cmlnICE9IE5VTEwpCiAJCSAgICB4bWxGcmVlKG9yaWcpOwogCQllbHNlCkBAIC02MTg5LDYgKzYy MDksMTEgQEAKIAlpZiAoZW50ID09IE5VTEwpIHJldHVybjsKIAlpZiAoIWN0eHQtPndlbGxGb3Jt ZWQpCiAJICAgIHJldHVybjsKKwljdHh0LT5uYmVudGl0aWVzKys7CisJaWYgKGN0eHQtPm5iZW50 aXRpZXMgPj0gNTAwMDAwKSB7CisJICAgIHhtbEZhdGFsRXJyKGN0eHQsIFhNTF9FUlJfRU5USVRZ X0xPT1AsIE5VTEwpOworCSAgICByZXR1cm47CisJfQogCXdhc19jaGVja2VkID0gZW50LT5jaGVj a2VkOwogCWlmICgoZW50LT5uYW1lICE9IE5VTEwpICYmIAogCSAgICAoZW50LT5ldHlwZSAhPSBY TUxfSU5URVJOQUxfUFJFREVGSU5FRF9FTlRJVFkpKSB7CkBAIC02MjQwLDcgKzYyNjUsOCBAQAog CQkJICAgIChlbnQtPmNoaWxkcmVuID09IE5VTEwpKSB7CiAJCQkgICAgZW50LT5jaGlsZHJlbiA9 IGxpc3Q7CiAJCQkgICAgZW50LT5sYXN0ID0gbGlzdDsKLQkJCSAgICBlbnQtPm93bmVyID0gMTsK KwkJCSAgICBpZiAoZW50LT5vd25lciA9PSAwKQorCQkJCWVudC0+b3duZXIgPSAxOwogCQkJICAg IGxpc3QtPnBhcmVudCA9ICh4bWxOb2RlUHRyKSBlbnQ7CiAJCQl9IGVsc2UgewogCQkJICAgIHht bEZyZWVOb2RlTGlzdChsaXN0KTsKQEAgLTYyNDksNiArNjI3NSw3IEBACiAJCQl4bWxGcmVlTm9k ZUxpc3QobGlzdCk7CiAJCSAgICB9CiAJCX0gZWxzZSB7CisJCSAgICB1bnNpZ25lZCBsb25nIG9s ZG5iZW50ID0gY3R4dC0+bmJlbnRpdGllczsKIAkJICAgIC8qCiAJCSAgICAgKiA0LjMuMjogQW4g aW50ZXJuYWwgZ2VuZXJhbCBwYXJzZWQgZW50aXR5IGlzIHdlbGwtZm9ybWVkCiAJCSAgICAgKiBp ZiBpdHMgcmVwbGFjZW1lbnQgdGV4dCBtYXRjaGVzIHRoZSBwcm9kdWN0aW9uIGxhYmVsZWQKQEAg LTYyNzEsNiArNjI5OCw3IEBACiAJCQlyZXQgPSB4bWxQYXJzZUJhbGFuY2VkQ2h1bmtNZW1vcnlJ bnRlcm5hbChjdHh0LAogCQkJCQkgICB2YWx1ZSwgdXNlcl9kYXRhLCAmbGlzdCk7CiAJCQljdHh0 LT5kZXB0aC0tOworCiAJCSAgICB9IGVsc2UgaWYgKGVudC0+ZXR5cGUgPT0KIAkJCSAgICAgICBY TUxfRVhURVJOQUxfR0VORVJBTF9QQVJTRURfRU5USVRZKSB7CiAJCQljdHh0LT5kZXB0aCsrOwpA QCAtNjI4Myw2ICs2MzExLDExIEBACiAJCQl4bWxFcnJNc2dTdHIoY3R4dCwgWE1MX0VSUl9JTlRF Uk5BTF9FUlJPUiwKIAkJCQkgICAgICJpbnZhbGlkIGVudGl0eSB0eXBlIGZvdW5kXG4iLCBOVUxM KTsKIAkJICAgIH0KKwkJICAgIGlmICgoZW50LT5vd25lciAhPSAwKSB8fCAoZW50LT5jaGlsZHJl biA9PSBOVUxMKSkgeworCQkJZW50LT5vd25lciA9IGN0eHQtPm5iZW50aXRpZXMgLSBvbGRuYmVu dDsKKwkJCWlmIChlbnQtPm93bmVyID09IDApCisJCQkgICAgZW50LT5vd25lciA9IDE7CisJCSAg ICB9CiAJCSAgICBpZiAocmV0ID09IFhNTF9FUlJfRU5USVRZX0xPT1ApIHsKIAkJCXhtbEZhdGFs RXJyKGN0eHQsIFhNTF9FUlJfRU5USVRZX0xPT1AsIE5VTEwpOwogCQkJcmV0dXJuOwpAQCAtNjMw MSw3ICs2MzM0LDggQEAKIAkJCQkgICAgKGN0eHQtPnBhcnNlTW9kZSA9PSBYTUxfUEFSU0VfUkVB REVSKSkgewogCQkJCSAgICBsaXN0LT5wYXJlbnQgPSAoeG1sTm9kZVB0cikgZW50OwogCQkJCSAg ICBsaXN0ID0gTlVMTDsKLQkJCQkgICAgZW50LT5vd25lciA9IDE7CisJCQkJICAgIGlmIChlbnQt Pm93bmVyID09IDApCisJCQkJCWVudC0+b3duZXIgPSAxOwogCQkJCX0gZWxzZSB7CiAJCQkJICAg IGVudC0+b3duZXIgPSAwOwogCQkJCSAgICB3aGlsZSAobGlzdCAhPSBOVUxMKSB7CkBAIC02MzE4 LDcgKzYzNTIsOCBAQAogI2VuZGlmIC8qIExJQlhNTF9MRUdBQ1lfRU5BQkxFRCAqLwogCQkJCX0K IAkJCSAgICB9IGVsc2UgewotCQkJCWVudC0+b3duZXIgPSAxOworCQkJICAgICAgICBpZiAoZW50 LT5vd25lciA9PSAwKQorCQkJCSAgICBlbnQtPm93bmVyID0gMTsKIAkJCQl3aGlsZSAobGlzdCAh PSBOVUxMKSB7CiAJCQkJICAgIGxpc3QtPnBhcmVudCA9ICh4bWxOb2RlUHRyKSBlbnQ7CiAJCQkJ ICAgIGlmIChsaXN0LT5uZXh0ID09IE5VTEwpCkBAIC02MzkzLDYgKzY0MjgsNyBAQAogCQl9CiAJ CXJldHVybjsKIAkgICAgfQorCSAgICBjdHh0LT5uYmVudGl0aWVzICs9IGVudC0+b3duZXI7CiAJ ICAgIGlmICgoY3R4dC0+c2F4ICE9IE5VTEwpICYmIChjdHh0LT5zYXgtPnJlZmVyZW5jZSAhPSBO VUxMKSAmJgogCSAgICAgICAgKGN0eHQtPnJlcGxhY2VFbnRpdGllcyA9PSAwKSAmJiAoIWN0eHQt PmRpc2FibGVTQVgpKSB7CiAJCS8qCkBAIC02NDk1LDcgKzY1MzEsOCBAQAogCQkJCWJyZWFrOwog CQkJICAgIGN1ciA9IG5leHQ7CiAJCQl9Ci0JCQllbnQtPm93bmVyID0gMTsKKwkJCWlmIChlbnQt Pm93bmVyID09IDApCisJCQkgICAgZW50LT5vd25lciA9IDE7CiAjaWZkZWYgTElCWE1MX0xFR0FD WV9FTkFCTEVECiAJCQlpZiAoZW50LT5ldHlwZSA9PSBYTUxfRVhURVJOQUxfR0VORVJBTF9QQVJT RURfRU5USVRZKQkJCSAgICAgIAogCQkJICB4bWxBZGRFbnRpdHlSZWZlcmVuY2UoZW50LCBmaXJz dENoaWxkLCBudyk7CkBAIC0xMTQ4MCw3ICsxMTUxNyw3IEBACiAKICAgICBpZiAoY3R4ID09IE5V TEwpIHJldHVybigtMSk7CiAKLSAgICBpZiAoY3R4LT5kZXB0aCA+IDQwKSB7CisgICAgaWYgKChj dHgtPmRlcHRoID4gNDApIHx8IChjdHgtPm5iZW50aXRpZXMgPj0gNTAwMDAwKSkgewogCXJldHVy bihYTUxfRVJSX0VOVElUWV9MT09QKTsKICAgICB9CiAKQEAgLTExNjgxLDcgKzExNzE4LDggQEAK ICAgICB4bWxDaGFyIHN0YXJ0WzRdOwogICAgIHhtbENoYXJFbmNvZGluZyBlbmM7CiAKLSAgICBp ZiAoZGVwdGggPiA0MCkgeworICAgIGlmICgoZGVwdGggPiA0MCkgfHwKKyAgICAgICAgKChvbGRj dHh0ICE9IE5VTEwpICYmIChvbGRjdHh0LT5uYmVudGl0aWVzID49IDUwMDAwMCkpKSB7CiAJcmV0 dXJuKFhNTF9FUlJfRU5USVRZX0xPT1ApOwogICAgIH0KIApAQCAtMTE4MjQsNiArMTE4NjIsNyBA QAogICAgIG9sZGN0eHQtPm5vZGVfc2VxLm1heGltdW0gPSBjdHh0LT5ub2RlX3NlcS5tYXhpbXVt OwogICAgIG9sZGN0eHQtPm5vZGVfc2VxLmxlbmd0aCA9IGN0eHQtPm5vZGVfc2VxLmxlbmd0aDsK ICAgICBvbGRjdHh0LT5ub2RlX3NlcS5idWZmZXIgPSBjdHh0LT5ub2RlX3NlcS5idWZmZXI7Cisg ICAgb2xkY3R4dC0+bmJlbnRpdGllcyArPSBjdHh0LT5uYmVudGl0aWVzOwogICAgIGN0eHQtPm5v ZGVfc2VxLm1heGltdW0gPSAwOwogICAgIGN0eHQtPm5vZGVfc2VxLmxlbmd0aCA9IDA7CiAgICAg Y3R4dC0+bm9kZV9zZXEuYnVmZmVyID0gTlVMTDsKQEAgLTExOTI0LDcgKzExOTYzLDcgQEAKICAg ICBpbnQgc2l6ZTsKICAgICB4bWxQYXJzZXJFcnJvcnMgcmV0ID0gWE1MX0VSUl9PSzsKIAotICAg IGlmIChvbGRjdHh0LT5kZXB0aCA+IDQwKSB7CisgICAgaWYgKChvbGRjdHh0LT5kZXB0aCA+IDQw KSB8fCAob2xkY3R4dC0+bmJlbnRpdGllcyA+PSA1MDAwMDApKSB7CiAJcmV0dXJuKFhNTF9FUlJf RU5USVRZX0xPT1ApOwogICAgIH0KIApAQCAtMTIwNDgsNiArMTIwODcsNyBAQAogICAgICAgICBj dHh0LT5teURvYy0+bGFzdCA9IGxhc3Q7CiAgICAgfQogCQorICAgIG9sZGN0eHQtPm5iZW50aXRp ZXMgKz0gY3R4dC0+bmJlbnRpdGllczsKICAgICBjdHh0LT5zYXggPSBvbGRzYXg7CiAgICAgY3R4 dC0+ZGljdCA9IE5VTEw7CiAgICAgY3R4dC0+YXR0c0RlZmF1bHQgPSBOVUxMOwpAQCAtMTMzNjMs NiArMTM0MDMsNyBAQAogICAgIGN0eHQtPmRlcHRoID0gMDsKICAgICBjdHh0LT5jaGFyc2V0ID0g WE1MX0NIQVJfRU5DT0RJTkdfVVRGODsKICAgICBjdHh0LT5jYXRhbG9ncyA9IE5VTEw7CisgICAg Y3R4dC0+bmJlbnRpdGllcyA9IDA7CiAgICAgeG1sSW5pdE5vZGVJbmZvU2VxKCZjdHh0LT5ub2Rl X3NlcSk7CiAKICAgICBpZiAoY3R4dC0+YXR0c0RlZmF1bHQgIT0gTlVMTCkgewotLS0gbGlieG1s Mi0yLjYuMzIuZGZzZy5vcmlnL2luY2x1ZGUvbGlieG1sL3BhcnNlci5oCisrKyBsaWJ4bWwyLTIu Ni4zMi5kZnNnL2luY2x1ZGUvbGlieG1sL3BhcnNlci5oCkBAIC0yOTcsNiArMjk3LDcgQEAKICAg ICAgKi8KICAgICB4bWxFcnJvciAgICAgICAgICBsYXN0RXJyb3I7CiAgICAgeG1sUGFyc2VyTW9k ZSAgICAgcGFyc2VNb2RlOyAgICAvKiB0aGUgcGFyc2VyIG1vZGUgKi8KKyAgICB1bnNpZ25lZCBs b25nICAgIG5iZW50aXRpZXM7ICAgIC8qIG51bWJlciBvZiBlbnRpdGllcyByZWZlcmVuY2VzICov CiB9OwogCiAvKioKLS0tIGxpYnhtbDItMi42LjMyLmRmc2cub3JpZy9wYXJzZXJJbnRlcm5hbHMu YworKysgbGlieG1sMi0yLjYuMzIuZGZzZy9wYXJzZXJJbnRlcm5hbHMuYwpAQCAtMTY2OSw2ICsx NjY5LDcgQEAKICAgICBjdHh0LT5kZXB0aCA9IDA7CiAgICAgY3R4dC0+Y2hhcnNldCA9IFhNTF9D SEFSX0VOQ09ESU5HX1VURjg7CiAgICAgY3R4dC0+Y2F0YWxvZ3MgPSBOVUxMOworICAgIGN0eHQt Pm5iZW50aXRpZXMgPSAwOwogICAgIHhtbEluaXROb2RlSW5mb1NlcSgmY3R4dC0+bm9kZV9zZXEp OwogICAgIHJldHVybigwKTsKIH0K