gnu: libxslt: Add fix for CVE-2015-7995.

* gnu/packages/patches/libxslt-CVE-2015-7995.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/xml.scm (libxslt)[source]: Add patch.
This commit is contained in:
Mark H Weaver 2015-11-15 14:46:33 -05:00
parent ee6bb0cc76
commit b4a88dc25f
3 changed files with 32 additions and 1 deletions

View File

@ -590,6 +590,7 @@ dist_patch_DATA = \
gnu/packages/patches/libxml2-id-attrs-in-xmlSetTreeDoc.patch \
gnu/packages/patches/libxml2-node-sort-order-pt1.patch \
gnu/packages/patches/libxml2-node-sort-order-pt2.patch \
gnu/packages/patches/libxslt-CVE-2015-7995.patch \
gnu/packages/patches/lirc-localstatedir.patch \
gnu/packages/patches/libpthread-glibc-preparation.patch \
gnu/packages/patches/lm-sensors-hwmon-attrs.patch \

View File

@ -0,0 +1,29 @@
From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001
From: Daniel Veillard <veillard@redhat.com>
Date: Thu, 29 Oct 2015 19:33:23 +0800
Subject: [PATCH] Fix for type confusion in preprocessing attributes
CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10
We need to check that the parent node is an element before dereferencing
its namespace
---
libxslt/preproc.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libxslt/preproc.c b/libxslt/preproc.c
index 0eb80a0..7f69325 100644
--- a/libxslt/preproc.c
+++ b/libxslt/preproc.c
@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) {
} else if (IS_XSLT_NAME(inst, "attribute")) {
xmlNodePtr parent = inst->parent;
- if ((parent == NULL) || (parent->ns == NULL) ||
+ if ((parent == NULL) ||
+ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) ||
((parent->ns != inst->ns) &&
(!xmlStrEqual(parent->ns->href, inst->ns->href))) ||
(!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) {
--
2.6.3

View File

@ -150,7 +150,8 @@ project (but it is usable outside of the Gnome platform).")
version ".tar.gz"))
(sha256
(base32
"13029baw9kkyjgr7q3jccw2mz38amq7mmpr5p3bh775qawd1bisz"))))
"13029baw9kkyjgr7q3jccw2mz38amq7mmpr5p3bh775qawd1bisz"))
(patches (list (search-patch "libxslt-CVE-2015-7995.patch")))))
(build-system gnu-build-system)
(home-page "http://xmlsoft.org/XSLT/index.html")
(synopsis "C library for applying XSLT stylesheets to XML documents")