diff --git a/libxml2-2.12.5-CVE-2025-32415.patch b/libxml2-2.12.5-CVE-2025-32415.patch new file mode 100644 index 0000000..295dbb4 --- /dev/null +++ b/libxml2-2.12.5-CVE-2025-32415.patch @@ -0,0 +1,38 @@ +From 384cc7c182fc00c6d5e2ab4b5e3671b2e3f93c84 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Sun, 6 Apr 2025 12:41:11 +0200 +Subject: [PATCH] [CVE-2025-32415] schemas: Fix heap buffer overflow in + xmlSchemaIDCFillNodeTables + +Don't use local variable which could contain a stale value. + +Fixes #890. +--- + xmlschemas.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/xmlschemas.c b/xmlschemas.c +index e35c117ef..4bdabd129 100644 +--- a/xmlschemas.c ++++ b/xmlschemas.c +@@ -23324,7 +23324,7 @@ xmlSchemaIDCFillNodeTables(xmlSchemaValidCtxtPtr vctxt, + j++; + } while (j < nbDupls); + } +- if (nbNodeTable) { ++ if (bind->nbNodes) { + j = 0; + do { + if (nbFields == 1) { +@@ -23375,7 +23375,7 @@ xmlSchemaIDCFillNodeTables(xmlSchemaValidCtxtPtr vctxt, + + next_node_table_entry: + j++; +- } while (j < nbNodeTable); ++ } while (j < bind->nbNodes); + } + /* + * If everything is fine, then add the IDC target-node to +-- +GitLab + diff --git a/libxml2.spec b/libxml2.spec index 3ec6808..b25df7b 100644 --- a/libxml2.spec +++ b/libxml2.spec @@ -1,6 +1,6 @@ Name: libxml2 Version: 2.12.5 -Release: 8%{?dist} +Release: 9%{?dist} Summary: Library providing XML and HTML support # list.c, dict.c and few others use ISC-Veillard @@ -33,6 +33,8 @@ Patch6: libxml2-2.12.5-CVE-2025-49794.patch Patch7: libxml2-2.12.5-CVE-2025-49795.patch # https://issues.redhat.com/browse/RHEL-102794 Patch8: libxml2-2.12.5-CVE-2025-7425.patch +# https://issues.redhat.com/browse/RHEL-100174 +Patch9: libxml2-2.12.5-CVE-2025-32415.patch BuildRequires: cmake-rpm-macros BuildRequires: gcc @@ -173,6 +175,9 @@ popd %{python3_sitelib}/__pycache__/drv_libxml2.* %changelog +* Tue Aug 05 2025 David King - 2.12.5-9 +- Fix CVE-2025-32415 (RHEL-100174) + * Mon Jul 21 2025 David King - 2.12.5-8 - Fix CVE-2025-7425 (RHEL-102794)