From 656ac299136518d05330adcc39fba4b05e4716c5 Mon Sep 17 00:00:00 2001
From: David King
Date: Mon, 18 May 2026 09:44:37 +0100
Subject: [PATCH] Fix CVE-2024-34459 (RHEL-36782)
Resolves: RHEL-36782
---
 libxml2-2.12.5-CVE-2024-34459.patch | 28 ++++++++++++++++++++++++++++
 libxml2.spec | 7 ++++++-
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 libxml2-2.12.5-CVE-2024-34459.patch
diff --git a/libxml2-2.12.5-CVE-2024-34459.patch b/libxml2-2.12.5-CVE-2024-34459.patch
new file mode 100644
index 0000000..8935501
--- /dev/null
+++ b/libxml2-2.12.5-CVE-2024-34459.patch
@@ -0,0 +1,28 @@
+From 3ad7f81624572ebd5b9e6058c9f67d38207c10e2 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer
+Date: Wed, 8 May 2024 11:49:31 +0200
+Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout`
+
+Add a missing bounds check.
+
+Fixes #720.
+---
+ xmllint.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/xmllint.c b/xmllint.c
+index b2afbe969..35c328578 100644
+--- a/xmllint.c
++++ b/xmllint.c
+@@ -543,7 +543,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) {
+ len = strlen(buffer);
+ snprintf(&buffer[len], sizeof(buffer) - len, "\n");
+ cur = input->cur;
+- while ((*cur == '\n') || (*cur == '\r'))
++ while ((cur > base) && ((*cur == '\n') || (*cur == '\r')))
+ cur--;
+ n = 0;
+ while ((cur != base) && (n++ < 80)) {
+--
+GitLab
+
diff --git a/libxml2.spec b/libxml2.spec
index b590f2d..669c5a7 100644
--- a/libxml2.spec
+++ b/libxml2.spec
@@ -1,6 +1,6 @@
 Name: libxml2
 Version: 2.12.5
-Release: 10%{?dist}
+Release: 11%{?dist}
 Summary: Library providing XML and HTML support
 # list.c, dict.c and few others use ISC-Veillard
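Review bot: The loop on the last context line of the embedded xmllint.c hunk, `while ((cur != base) && (n++ < 80)) {`, still stops on equality only, so it is safe solely because the new `cur > base` guard above keeps `cur` from dropping below `base`. Neither the assignment of `base` nor a check that `input->cur` is at or after it on entry is visible here, and the body of `xmlHTMLPrintFileContext` starts and ends outside the hunk, so that precondition should be confirmed against the full function. Because this is an upstream backport, the least invasive way to record the invariant is a comment before the scan, e.g. `/* never step cur below base while skipping trailing newlines */`; changing the second test to `(cur > base)` would also fail closed but diverges from upstream.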
@@ -39,6 +39,8 @@ Patch9: libxml2-2.12.5-CVE-2025-32415.patch
 Patch10: libxml2-2.12.5-CVE-2025-32414.patch
 # https://issues.redhat.com/browse/RHEL-126768
 Patch11: libxml2-2.12.5-xmllint-error-code.patch
+# https://redhat.atlassian.net/browse/RHEL-36782
+Patch12: libxml2-2.12.5-CVE-2024-34459.patch
 BuildRequires: cmake-rpm-macros
 BuildRequires: gcc
@@ -179,6 +181,9 @@ popd
 %{python3_sitelib}/__pycache__/drv_libxml2.*
 %changelog
+* Mon May 18 2026 David King - 2.12.5-11
+- Fix CVE-2024-34459 (RHEL-36782)
+
 * Mon Jan 26 2026 David King - 2.12.5-10
 - Fix xmllint error code (RHEL-126768)
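Review bot: The comment above `Patch12` records only the downstream ticket, and its host (`redhat.atlassian.net`) differs from the `issues.redhat.com` form used for `Patch11` two lines up, so it is worth confirming the link resolves for anyone auditing the package. For a security backport I would also name the upstream fix next to it, for example `# upstream commit 3ad7f81624572ebd5b9e6058c9f67d38207c10e2 (Fixes #720)`, so the shipped patch can be checked against its origin. The `%prep` section is outside this hunk; if patches are applied by explicit number rather than automatically, `Patch12` needs an entry there too.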