[libxml-libxml-perl] 01/02: Add CVE-2015-3451.patch patch
Salvatore Bonaccorso
carnil at debian.org
Fri May 1 12:47:17 UTC 2015
carnil pushed a commit to branch wheezy
in repository libxml-libxml-perl.
commit 9e3c36263f80395c6d8c794788acc24f8533408b
Author: Salvatore Bonaccorso <carnil at debian.org>
Date: Fri May 1 13:47:24 2015 +0200
Add CVE-2015-3451.patch patch
CVE-2015-3451: expand_entities set to 0 is not preserved after a
_clone() call.
Closes: #783443
---
debian/patches/CVE-2015-3451.patch | 80 ++++++++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 81 insertions(+)
diff --git a/debian/patches/CVE-2015-3451.patch b/debian/patches/CVE-2015-3451.patch
new file mode 100644
index 0000000..f12433d
--- /dev/null
+++ b/debian/patches/CVE-2015-3451.patch
@@ -0,0 +1,80 @@
+Description: Fix CVE-2015-3451: expand_entities set to 0 is not preserved after a _clone() call
+Origin: upstream, https://bitbucket.org/shlomif/perl-xml-libxml/commits/5962fd067580767777e94640b129ae8930a68a30,
+ https://bitbucket.org/shlomif/perl-xml-libxml/commits/915f1dbaf21c5f3c21d7c519c70fd93859e47152
+Bug-Debian: https://bugs.debian.org/783443
+Forwarded: not-needed
+Author: Shlomi Fish <shlomif at shlomifish.org>
+Last-Update: 2015-05-01
+Applied-Upstream: 2.0120
+
+--- a/LibXML.pm
++++ b/LibXML.pm
+@@ -392,8 +392,11 @@ sub _clone {
+ line_nubers => $self->{XML_LIBXML_LINENUMBERS},
+ base_uri => $self->{XML_LIBXML_BASE_URI},
+ gdome => $self->{XML_LIBXML_GDOME},
+- set_parser_flags => $self->{XML_LIBXML_PARSER_OPTIONS},
+ });
++ # The parser options may contain some options that were zeroed from the
++ # defaults so set_parser_flags won't work here. We need to assign them
++ # explicitly.
++ $new->{XML_LIBXML_PARSER_OPTIONS} = $self->{XML_LIBXML_PARSER_OPTIONS};
+ $new->input_callbacks($self->input_callbacks());
+ return $new;
+ }
+--- a/t/43options.t
++++ b/t/43options.t
+@@ -3,7 +3,7 @@
+ use strict;
+ use warnings;
+
+-use Test::More tests => 289;
++use Test::More tests => 290;
+
+ use XML::LibXML;
+
+@@ -125,6 +125,44 @@ no_network
+ }
+
+ {
++ my $XML = <<'EOT';
++<?xml version="1.0" encoding="UTF-8"?>
++<!DOCTYPE title [ <!ELEMENT title ANY >
++<!ENTITY xxe SYSTEM "file:///etc/passwd" >]>
++<rss version="2.0">
++<channel>
++ <link>example.com</link>
++ <description>XXE</description>
++ <item>
++ <title>&xxe;</title>
++ <link>example.com</link>
++ <description>XXE here</description>
++ </item>
++</channel>
++</rss>
++EOT
++
++ my $sys_line = <<'EOT';
++<title>&xxe;</title>
++EOT
++
++ chomp ($sys_line);
++
++ my $parser = XML::LibXML->new(
++ expand_entities => 0,
++ load_ext_dtd => 0,
++ no_network => 1,
++ expand_xinclude => 0,
++ );
++ my $XML_DOC = $parser->load_xml( string => $XML, );
++
++ # TEST
++ ok (scalar($XML_DOC->toString() =~ m{\Q$sys_line\E}),
++ "expand_entities is preserved after _clone()/etc."
++ );
++}
++
++{
+ my $p = XML::LibXML->new(map { $_=>1 } @all);
+ for my $opt (@all) {
+ # TEST*$all
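Review bot: The regression test added in the second t/43options.t hunk points `&xxe;` at the real `file:///etc/passwd`, so if the fix ever regresses the test suite reads a live system file on the build host instead of failing in a host-independent way; an entity whose SYSTEM target is a file created under a temporary directory (or a path known not to exist) would exercise the same clone/expand path without depending on host files. The `ok(...)` check also carries only a generic description, so a one-line comment such as `# Regression test for CVE-2015-3451: expand_entities => 0 must survive the internal _clone() of the parser` above the `my $XML = <<'EOT';` line would tell the next maintainer why the fixture is a DTD with an external entity. In the LibXML.pm hunk the explicit assignment to `$new->{XML_LIBXML_PARSER_OPTIONS}` overwrites whatever `new()` derived from its defaults, which the added comment explains; `_clone` starts before that nested hunk and only its tail is visible. The context line `line_nubers =>` in the same hunk looks like a pre-existing key typo, but nothing on the page shows whether `new()` recognises that key, so it is only worth a follow-up check rather than part of this patch.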
diff --git a/debian/patches/series b/debian/patches/series
index 770c395..fd61da0 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
fix-spelling-errors.patch
+CVE-2015-3451.patch