Bugzilla – Bug 1005544
VUL-0: CVE-2016-4658: libxml2: Use after free via namespace node in XPointer ranges
Last modified: 2021-11-11 14:45:10 UTC
rh#1384424 Namespace nodes must be copied to avoid use-after-free errors. But they don't necessarily have a physical representation in a document, so simply disallow them in XPointer ranges. Found with afl-fuzz. References: https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b (upstream commit) https://bugzilla.redhat.com/show_bug.cgi?id=1384424 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4658 http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html
bugbot adjusting priority
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2016-11-09. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/63155
Please submit for openSUSE 13.2
SUSE-SU-2016:2650-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1005544 CVE References: CVE-2016-4658 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): libxml2-2.9.1-26.3.1 SUSE Linux Enterprise Server 12-SP1 (src): libxml2-2.9.1-26.3.1, python-libxml2-2.9.1-26.3.1 SUSE Linux Enterprise Desktop 12-SP1 (src): libxml2-2.9.1-26.3.1, python-libxml2-2.9.1-26.3.1
SUSE-SU-2016:2652-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1005544 CVE References: CVE-2016-4658 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): libxml2-2.7.6-0.50.1 SUSE Linux Enterprise Server 11-SP4 (src): libxml2-2.7.6-0.50.1, libxml2-python-2.7.6-0.50.4 SUSE Linux Enterprise Debuginfo 11-SP4 (src): libxml2-2.7.6-0.50.1, libxml2-python-2.7.6-0.50.4
This is an autogenerated message for OBS integration: This bug (1005544) was mentioned in https://build.opensuse.org/request/show/437474 13.2 / libxml2
openSUSE-SU-2016:2711-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1005544 CVE References: CVE-2016-4658 Sources used: openSUSE Leap 42.1 (src): libxml2-2.9.1-22.1, python-libxml2-2.9.1-22.1
openSUSE-SU-2016:2730-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1005544 CVE References: CVE-2016-4658 Sources used: openSUSE 13.2 (src): libxml2-2.9.4-7.20.1, python-libxml2-2.9.4-7.20.1
sle12 sp2 has a libxml2 fork and might need this update too.
SUSE-SU-2017:0380-1: An update that solves three vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 1005544,1010675,1013930,1014873,1017497 CVE References: CVE-2016-4658,CVE-2016-9318,CVE-2016-9597 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP2 (src): libxml2-2.9.4-33.1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): libxml2-2.9.4-33.1, python-libxml2-2.9.4-33.1 SUSE Linux Enterprise Server 12-SP2 (src): libxml2-2.9.4-33.1, python-libxml2-2.9.4-33.1 SUSE Linux Enterprise Desktop 12-SP2 (src): libxml2-2.9.4-33.1, python-libxml2-2.9.4-33.1
openSUSE-SU-2017:0446-1: An update that solves three vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 1005544,1010675,1013930,1014873,1017497 CVE References: CVE-2016-4658,CVE-2016-9318,CVE-2016-9597 Sources used: openSUSE Leap 42.2 (src): libxml2-2.9.4-3.1, python-libxml2-2.9.4-3.1
It seems that everything is fixed here. I'm reassigning it to the security-team. SLE-10-SP3:Update:Test/libxml2 #123492 SLE-11:Update/libxml2 Unnecessary SLE-11-SP1:Update/libxml2 #123000 SLE-12-SP2:Update/libxml2 #127071 SLE-12:Update/libxml2 #123002 Leap:42.1:Update Comes from SLE-12 Leap:42.2:Update Comes from SLE-12-SP2 openSUSE:Factory #477477
all reeased