Commit 1e15f8d4 authored by Salvatore Bonaccorso, committed by William Blough

Import Debian changes 3.1.1-5.1+deb8u2

xerces-c (3.1.1-5.1+deb8u2) jessie-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * CVE-2016-2099: Use-after-free in heap on specially crafted XML input
    (Closes: #823863)
parent 8a74d5e5
xerces-c (3.1.1-5.1+deb8u2) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2016-2099: Use-after-free in heap on specially crafted XML input
(Closes: #823863)
-- Salvatore Bonaccorso <carnil@debian.org> Sat, 14 May 2016 05:45:10 +0200
xerces-c (3.1.1-5.1+deb8u1) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
......
Description: CVE-2016-2099: Use-after-free in heap on specially crafted XML input
Origin: upstream, https://issues.apache.org/jira/browse/XERCESC-2066
Bug: https://issues.apache.org/jira/browse/XERCESC-2066
Bug-Debian: https://bugs.debian.org/823863
Forwarded: not-needed
Author: Salvatore Bonaccorso <carnil@debian.org>
Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2016-05-14
---
--- a/src/xercesc/validators/DTD/DTDScanner.cpp
+++ b/src/xercesc/validators/DTD/DTDScanner.cpp
@@ -2509,7 +2509,15 @@ void DTDScanner::scanExtSubsetDecl(const
{
while (true)
{
- const XMLCh nextCh = fReaderMgr->peekNextChar();
+ XMLCh nextCh;
+
+ try {
+ nextCh = fReaderMgr->peekNextChar();
+ }
+ catch (XMLException& ex) {
+ fScanner->emitError(XMLErrs::XMLException_Fatal, ex.getCode(), ex.getMessage(), NULL, NULL);
+ nextCh = chNull;
+ }
if (!nextCh)
{
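Review bot: In the new catch block, the exception path sets `nextCh = chNull;` and so falls straight into the existing `if (!nextCh)` end-of-input branch inside `while (true)`. Please confirm that this branch always leaves the loop: if it does not, and `peekNextChar()` throws again on the next pass, the fatal error would be emitted on every iteration. A one-line comment above `nextCh = chNull;` stating that a reader failure is deliberately treated as end of input would make the intent clear. The handler only reads the code and message from `ex`, so consider catching by const reference if those accessors allow it.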
hurd-path-max.patch
CVE-2015-0252.patch
CVE-2016-0729.patch
CVE-2016-2099.patch