Control: tags 974664 + patch Control: tags 974664 + pending
Dear maintainer, I've prepared an NMU for raptor2 (versioned as 2.0.14-1.2) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards, Salvatore
diff -Nru raptor2-2.0.14/debian/changelog raptor2-2.0.14/debian/changelog --- raptor2-2.0.14/debian/changelog 2020-11-06 22:08:54.000000000 +0100 +++ raptor2-2.0.14/debian/changelog 2021-01-02 11:14:00.000000000 +0100 @@ -1,3 +1,11 @@ +raptor2 (2.0.14-1.2) unstable; urgency=medium + + * Non-maintainer upload. + * Malformed input file can lead to a segfault (CVE-2020-25713) + (Closes: #974664) + + -- Salvatore Bonaccorso <car...@debian.org> Sat, 02 Jan 2021 11:14:00 +0100 + raptor2 (2.0.14-1.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru raptor2-2.0.14/debian/patches/CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch raptor2-2.0.14/debian/patches/CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch --- raptor2-2.0.14/debian/patches/CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch 1970-01-01 01:00:00.000000000 +0100 +++ raptor2-2.0.14/debian/patches/CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch 2021-01-02 11:14:00.000000000 +0100 @@ -0,0 +1,33 @@ +From a549457461874157c8c8e8e8a6e0eec06da4fbd0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caol...@redhat.com> +Date: Tue, 24 Nov 2020 10:30:20 +0000 +Subject: [PATCH] CVE-2020-25713 raptor2: malformed input file can lead to a + segfault + +due to an out of bounds array access in +raptor_xml_writer_start_element_common + +See: +https://bugs.mageia.org/show_bug.cgi?id=27605 +https://www.openwall.com/lists/oss-security/2020/11/13/1 +https://gerrit.libreoffice.org/c/core/+/106249 +--- + src/raptor_xml_writer.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c +index 56993dc3..4426d38c 100644 +--- a/src/raptor_xml_writer.c ++++ b/src/raptor_xml_writer.c +@@ -227,7 +227,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer, + + /* check it wasn't an earlier declaration too */ + for(j = 0; j < nspace_declarations_count; j++) +- if(nspace_declarations[j].nspace == element->attributes[j]->nspace) { ++ if(nspace_declarations[j].nspace == element->attributes[i]->nspace) { + declare_me = 0; + break; + } +-- +2.28.0 + diff -Nru raptor2-2.0.14/debian/patches/series raptor2-2.0.14/debian/patches/series --- raptor2-2.0.14/debian/patches/series 2020-11-06 22:08:54.000000000 +0100 +++ raptor2-2.0.14/debian/patches/series 2021-01-02 11:14:00.000000000 +0100 @@ -1 +1,2 @@ Calcualte-max-nspace-declarations-correctly-for-XML-.patch +CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
