Fix CVE-2017-7376: https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376 https://security-tracker.debian.org/tracker/CVE-2017-7376 Patch copied from upstream source repository: https://git.gnome.org/browse/libxml2/commit/?id=5dca9eea1bd4263bfa4d037ab2443de1cd730f7e
From 5dca9eea1bd4263bfa4d037ab2443de1cd730f7e Mon Sep 17 00:00:00 2001
From: Daniel Veillard
Date: Fri, 7 Apr 2017 17:13:28 +0200
Subject: [PATCH] Increase buffer space for port in HTTP redirect support For https://bugzilla.gnome.org/show_bug.cgi?id=780690 nanohttp.c: the code wrongly assumed a short int port value.
---
 nanohttp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/nanohttp.c b/nanohttp.c
index e109ad75..373425de 100644
--- a/nanohttp.c
+++ b/nanohttp.c
@@ -1423,9 +1423,9 @@ retry:
 if (ctxt->port != 80) {
 /* reserve space for ':xxxxx', incl. potential proxy */
 if (proxy)
- blen += 12;
+ blen += 17;
 else
- blen += 6;
+ blen += 11;
 }
 bp = (char*)xmlMallocAtomic(blen);
 if ( bp == NULL ) {
--
2.14.1
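Review bot: The proxy branch's new reservation `blen += 17;` looks inconsistent with the non-proxy `blen += 11;`: the old values were 12 and 6, so the proxy case reserved two ':xxxxx' fields, yet both were raised by only 5 and just one of the two is widened to ':' plus ten digits. If the request formatting further down (outside this hunk) does write the port twice when a proxy is in use, the line should read `blen += 22;`. The comment still describes a five-digit port and should match the new sizing, for example `/* reserve space for ':' plus up to 10 decimal digits of an int port, once more when going through a proxy */`. A negative int would print one character more than 11 allows, so range-checking `ctxt->port` to 1..65535 where it is parsed (not visible here) would be more robust than widening these constants.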