Dear security team,

Please find attached the debdiffs for stable and oldstable to fix CVE-2009-3560 (Debian #560901).

Note that CVE-2009-3720 seems to be equal to CVE-2009-2625, which was fixed in the last upload. So I added this reference to the Debian changelog too. If you don't like it, you can easily revert this change.

Regards, Daniel
diff -u expat-1.95.8/debian/changelog expat-1.95.8/debian/changelog --- expat-1.95.8/debian/changelog +++ expat-1.95.8/debian/changelog @@ -1,7 +1,14 @@ +expat (1.95.8-3.4+etch2) oldstable-security; urgency=medium + + * NMU to old stable to fix security issues. + * CVE-2009-3560: Fix DoS vulnerability (closes: #560901). + + -- Daniel Leidert (dale) <daniel.leid...@wgdd.de> Sun, 13 Dec 2009 12:08:13 +0100 + expat (1.95.8-3.4+etch1) oldstable-security; urgency=medium * NMU to old stable to fix security issues. - * CVE-2009-2625: Fix DoS vulnerability (closes: #551936). + * CVE-2009-2625, CVE-2009-3720: Fix DoS vulnerability (closes: #551936). -- Daniel Leidert (dale) <daniel.leid...@wgdd.de> Mon, 26 Oct 2009 15:21:49 +0100 only in patch2: unchanged: --- expat-1.95.8.orig/lib/xmlparse.c +++ expat-1.95.8/lib/xmlparse.c @@ -3637,7 +3637,6 @@ return XML_ERROR_NO_ELEMENTS; default: tok = -tok; - next = end; break; } }
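Review bot: The new 1.95.8-3.4+etch2 changelog entry says only "CVE-2009-3560: Fix DoS vulnerability" and names no file, although the only source change in this debdiff is the removal of `next = end;` from the `default:` branch in lib/xmlparse.c (hunk at line 3637). The stable entry in the same submission names "lib/xmlparse.c (doProlog)"; the same wording here would let someone auditing oldstable match the changelog to the hunk. The changelog hunk also rewrites the etch1 entry, which belongs to an earlier upload, to add CVE-2009-3720; if released entries are to stay untouched, that reference could be recorded in the etch2 entry instead.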
diff -u expat-2.0.1/debian/changelog expat-2.0.1/debian/changelog --- expat-2.0.1/debian/changelog +++ expat-2.0.1/debian/changelog @@ -1,9 +1,19 @@ +expat (2.0.1-4+lenny2) stable-security; urgency=medium + + * Upload to stable to fix security issues. + * debian/patches/560901_CVE_2009_3560.dpatch: Added. + - lib/xmlparse.c (doProlog): Fix DoS vulnerability CVE-2009-3560 (closes: + #560901). + * debian/patches/00list: Adjusted. + + -- Daniel Leidert (dale) <daniel.leid...@wgdd.de> Sun, 13 Dec 2009 12:01:05 +0100 + expat (2.0.1-4+lenny1) stable-security; urgency=medium * Upload to stable to fix security issues. * debian/patches/551936_CVE_2009_2625.dpatch: Added. - lib/xmltok_impl.c (updatePosition): Fix DoS vulnerability CVE-2009-2625 - (closes: #551936). + and CVE-2009-3720 (closes: #551936). * debian/patches/00list: Adjusted. -- Daniel Leidert (dale) <daniel.leid...@wgdd.de> Mon, 26 Oct 2009 15:13:25 +0100 diff -u expat-2.0.1/debian/patches/00list expat-2.0.1/debian/patches/00list --- expat-2.0.1/debian/patches/00list +++ expat-2.0.1/debian/patches/00list @@ -6,0 +7 @@ +560901_CVE_2009_3560 only in patch2: unchanged: --- expat-2.0.1.orig/debian/patches/560901_CVE_2009_3560.dpatch +++ expat-2.0.1/debian/patches/560901_CVE_2009_3560.dpatch 
@@ -0,0 +1,28 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 560901_CVE_2009_3560.dpatch by Daniel Leidert (dale) <daniel.leid...@wgdd.de> +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as +## DP: used in the XML-Twig module for Perl, allows context-dependent attackers +## DP: to cause a denial of service (application crash) via an XML document +## DP: with malformed UTF-8 sequences that trigger a buffer over-read, related +## DP: to the doProlog function in lib/xmlparse.c, a different vulnerability +## DP: than CVE-2009-2625 and CVE-2009-3720. +## DP: +## DP: <URL:http://bugs.debian.org/560901> +## DP: <URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560> +## DP: <URL:http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165> +## DP: <URL:http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165> + +...@dpatch@ +diff -urNad lenny~/lib/xmlparse.c lenny/lib/xmlparse.c +--- lenny~/lib/xmlparse.c 2007-05-08 04:25:35.000000000 +0200 ++++ lenny/lib/xmlparse.c 2009-12-13 11:39:18.671629559 +0100 +@@ -3725,7 +3725,6 @@ + return XML_ERROR_NO_ELEMENTS; + default: + tok = -tok; +- next = end; + break; + } + }
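Review bot: The `## DP:` description in 560901_CVE_2009_3560.dpatch is the CVE summary, which names big2_toUtf8 in lib/xmltok.c, while the patch body changes only lib/xmlparse.c by dropping `next = end;` from the `default:` branch that negates `tok`. One more DP line stating why that assignment is removed, and that lib/xmltok.c is intentionally left unchanged, would make the patch reviewable without following the two external viewvc URLs. The debian/changelog hunk also edits the lenny1 entry from the earlier upload ("and CVE-2009-3720"); the same reference could instead be carried in the lenny2 entry so that text from the earlier upload stays as it was.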