Merge branch '5644-confidential-issue-patch-13-4' into '13-4-stable'

Update libxml2 to version 2.9.10 See merge request gitlab-org/security/omnibus-gitlab!52

Merge branch '5644-confidential-issue-patch-13-4' into '13-4-stable'
ad628432 · GitLab Release Tools Bot · e8c33a34 · 95837045 · ad628432 · ad628432
Commit ad628432 authored 4 years ago by GitLab Release Tools Bot
--- a/changelogs/unreleased/5644-confidential-issue.yml
+++ b/changelogs/unreleased/5644-confidential-issue.yml
+---
+title: Update libxml2 to version 2.9.10
+merge_request:
+author:
+type: security
--- a/config/patches/libxml2/50f06b3efb638efb0abd95dc62dca05ae67882c2.patch
+++ b/config/patches/libxml2/50f06b3efb638efb0abd95dc62dca05ae67882c2.patch
+From 50f06b3efb638efb0abd95dc62dca05ae67882c2 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Fri, 7 Aug 2020 21:54:27 +0200
+Subject: [PATCH] Fix out-of-bounds read with 'xmllint --htmlout'
+
+Make sure that truncated UTF-8 sequences don't cause an out-of-bounds
+array access.
+
+Thanks to @SuhwanSong and the Agency for Defense Development (ADD) for
+the report.
+
+Fixes #178.
+---
+ xmllint.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/xmllint.c b/xmllint.c
+index f6a8e4636..c647486f3 100644
+--- a/xmllint.c
+++ b/xmllint.c
+@@ -528,6 +528,12 @@ static void
+ xmlHTMLEncodeSend(void) {
+     char *result;
+
+    /*
+     * xmlEncodeEntitiesReentrant assumes valid UTF-8, but the buffer might
+     * end with a truncated UTF-8 sequence. This is a hack to at least avoid
+     * an out-of-bounds read.
+     */
+    memset(&buffer[sizeof(buffer)-4], 0, 4);
+     result = (char *) xmlEncodeEntitiesReentrant(NULL, BAD_CAST buffer);
+     if (result) {
+ 	xmlGenericError(xmlGenericErrorContext, "%s", result);
+--
+GitLab
\ No newline at end of file
--- a/config/software/libxml2.rb
+++ b/config/software/libxml2.rb
@@ -15,7 +15,7 @@
 #
  
 name 'libxml2'
-default_version '2.9.9'
+default_version '2.9.10'
  
 license 'MIT'
 license_file 'COPYING'
@@ -27,8 +27,8 @@ dependency 'libiconv'
 dependency 'liblzma'
 dependency 'config_guess'
  
-version '2.9.9' do
-  source md5: 'c04a5a0a042eaa157e8e8c9eabe76bd6'
+version '2.9.10' do
+  source sha256: 'aafee193ffb8fe0c82d4afef6ef91972cbaf5feea100edc2f262750611b4be1f'
 end
  
 source url: "ftp://xmlsoft.org/libxml2/libxml2-#{version}.tar.gz"
@@ -38,6 +38,8 @@ relative_path "libxml2-#{version}"
 build do
  env = with_standard_compiler_flags(with_embedded_path)
  
+  patch source: '50f06b3efb638efb0abd95dc62dca05ae67882c2.patch', env: env
+
  configure_command = [
    "--with-zlib=#{install_dir}/embedded",
    "--with-iconv=#{install_dir}/embedded",