diff --git a/libxml2-2.9.7-CVE-2024-25062.patch b/libxml2-2.9.7-CVE-2024-25062.patch new file mode 100644 index 0000000..936004d --- /dev/null +++ b/libxml2-2.9.7-CVE-2024-25062.patch @@ -0,0 +1,29 @@ +From b9d4ab2fd6b7da380edab777a0414ef254804f0d Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Sat, 14 Oct 2023 22:45:54 +0200 +Subject: [PATCH] [CVE-2024-25062] xmlreader: Don't expand XIncludes when + backtracking + +Fixes a use-after-free if XML Reader if used with DTD validation and +XInclude expansion. + +Fixes #604. +--- + xmlreader.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/xmlreader.c b/xmlreader.c +index 34c4c6bc..8f2f9131 100644 +--- a/xmlreader.c ++++ b/xmlreader.c +@@ -1511,6 +1511,7 @@ node_found: + * Handle XInclude if asked for + */ + if ((reader->xinclude) && (reader->node != NULL) && ++ (reader->state != XML_TEXTREADER_BACKTRACK) && + (reader->node->type == XML_ELEMENT_NODE) && + (reader->node->ns != NULL) && + ((xmlStrEqual(reader->node->ns->href, XINCLUDE_NS)) || +-- +2.44.0 + diff --git a/libxml2.spec b/libxml2.spec index 4007dcc..f44d626 100644 --- a/libxml2.spec +++ b/libxml2.spec @@ -7,7 +7,7 @@ Name: libxml2 Version: 2.9.7 -Release: 18%{?dist} +Release: 18%{?dist}.1 Summary: Library providing XML and HTML support License: MIT @@ -62,6 +62,8 @@ Patch22: libxml2-2.9.13-CVE-2023-28484.2.patch Patch23: libxml2-2.9.7-CVE-2023-29469.patch # https://issues.redhat.com/browse/RHEL-5179 Patch24: libxml2-2.11.0-fix-CVE-2023-39615.patch +# https://issues.redhat.com/browse/RHEL-31056 +Patch25: libxml2-2.9.7-CVE-2024-25062.patch BuildRequires: gcc BuildRequires: cmake-rpm-macros @@ -233,6 +235,9 @@ gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz %{python3_sitearch}/libxml2mod.so %changelog +* Mon Apr 29 2024 David King - 2.9.7-18.1 +- Fix CVE-2024-25062 (RHEL-31056) + * Thu Sep 14 2023 David King - 2.9.7-18 - Fix CVE-2023-39615 (RHEL-5179)