Commits (2)
    Fix CVE-2017-12627 · fcec2861
    William Blough authored
    Fix CVE-2017-12627: Alberto Garcia, Francisco Oca and Suleman Ali of
      Offensive Research discovered that the Xerces-C XML parser mishandles
      certain kinds of external DTD references, resulting in dereference of a
      NULL pointer while processing the path to the DTD. The bug allows for a
      denial of service attack in applications that allow DTD processing and do
      not prevent external DTD usage, and could conceivably result in remote code
      execution.
    Fix sse2 regression (bug 895068) · 1002fe01
    William Blough authored
xerces-c (3.1.4+debian-2+deb9u1) stretch; urgency=medium
* Fix CVE-2017-12627: Alberto Garcia, Francisco Oca and Suleman Ali of
Offensive Research discovered that the Xerces-C XML parser mishandles
certain kinds of external DTD references, resulting in dereference of a
NULL pointer while processing the path to the DTD. The bug allows for a
denial of service attack in applications that allow DTD processing and do
not prevent external DTD usage, and could conceivably result in remote code
execution.
* Fix a regression that forced gcc to use SSE2, even on platforms that do not
support it (e.g., i386). This caused program crashes due to invalid CPU
instructions.
-- William Blough <devel@blough.us> Thu, 26 Apr 2018 00:35:59 -0400
xerces-c (3.1.4+debian-2) unstable; urgency=medium
* Fix AC_LANG_SOURCE warnings.
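Review bot: The second entry of the new 3.1.4+debian-2+deb9u1 stanza (the SSE2 regression) carries no bug reference, although the commit title names bug 895068; adding "(Closes: #895068)" to that entry would tie the upload to the report. It is also worth confirming that urgency=medium is the intended level for a stanza whose first entry says the flaw "could conceivably result in remote code execution".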
......
From: Markus Koschany <apo@debian.org>
Date: Thu, 29 Mar 2018 20:58:48 +0200
Subject: CVE-2017-12627
Origin: https://svn.apache.org/viewvc?view=revision&revision=1819998
Upstream-Advisory: https://xerces.apache.org/xerces-c/secadv/CVE-2017-12627.txt
---
src/xercesc/util/PlatformUtils.cpp | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/xercesc/util/PlatformUtils.cpp b/src/xercesc/util/PlatformUtils.cpp
index eee1dc5..39c71ac 100644
--- a/src/xercesc/util/PlatformUtils.cpp
+++ b/src/xercesc/util/PlatformUtils.cpp
@@ -920,7 +920,10 @@ XMLCh* XMLPlatformUtils::weavePaths(const XMLCh* const basePath
XMLString::subString(tmpBuf, basePath, 0, (basePtr - basePath + 1), manager);
tmpBuf[basePtr - basePath + 1] = 0;
- XMLString::catString(tmpBuf, relativePath);
+ if (relativePath)
+ {
+ XMLString::catString(tmpBuf, relativePath);
+ }
removeDotSlash(tmpBuf, manager);
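Review bot: The new "if (relativePath)" guard covers only the catString call, so with a NULL relativePath weavePaths carries on and passes removeDotSlash a tmpBuf that holds just the directory part of basePath. A short comment saying that this is the intended result for a NULL relative path would help, or an early return if callers should treat that case as an error. The hunk does not show the code above the subString call, so please confirm that relativePath is not dereferenced earlier in the function.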
psviwriter_strrchr_fix
fix_fprintf_warnings.diff
fix_ac_lang_source_warnings
CVE-2017-12627.patch
......@@ -15,7 +15,10 @@ endif
dh $@ --with autoreconf
override_dh_auto_configure:
dh_auto_configure -- --disable-pretty-make --enable-netaccessor-curl
dh_auto_configure -- --disable-pretty-make --enable-netaccessor-curl --disable-sse2
# Note: This disables explicit passing of -msse2 to gcc. It does not
# actually disable sse2 extensions for platforms such as x86_64
# (amd64) which enable sse2 extensions by default.
override_dh_compress:
dh_compress -plibxerces-c-dev -Xexamples
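Review bot: The explanatory note about --disable-sse2 is placed after the dh_auto_configure line inside override_dh_auto_configure; moving it above the command keeps the rationale next to the flag, and if it stays tab-indented inside the recipe, make passes it to the shell instead of treating it as a makefile comment. The note should also name the reason given in the changelog (crashes on platforms such as i386 that lack SSE2, bug 895068), since the flag is passed on every architecture.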
......