Subject: CVS commit: pkgsrc/textproc/libxml2
From: Tim Zingelman
Date: 2017-06-21 02:23:24
Message id: 20170621002324.2D00EFAE8@cvs.NetBSD.org

Log Message:
xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.
Fixes bug 781333 (CVE-2017-9047) and bug 781701 (CVE-2017-9048).
From: \ 
https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74

There were two bugs where parameter-entity references could lead to an
unexpected change of the input buffer in xmlParseNameComplex and
xmlDictLookup being called with an invalid pointer.

Percent sign in DTD Names
=========================
This fixes bug 766956 initially reported by Wei Lei and independently by
Chromium's ClusterFuzz, Hanno Böck, and Marco Grassi. Thanks to everyone
involved.

xmlParseNameComplex with XML_PARSE_OLD10
========================================
This fixes bugs 781205 (CVE-2017-9049) and 781361 (CVE-2017-9050).
Thanks to Marcel Böhme and Thuan Pham for the report.

Additional hardening
====================
A separate check was added in xmlParseNameComplex to validate the
buffer size.

From: \ 
https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3

Files:
RevisionActionfile
1.145modifypkgsrc/textproc/libxml2/Makefile
1.116modifypkgsrc/textproc/libxml2/distinfo
1.2modifypkgsrc/textproc/libxml2/patches/patch-valid.c
1.3addpkgsrc/textproc/libxml2/patches/patch-parser.c