
Bug#928227: unblock: golang-golang-x-net-dev/1:0.0+git20181201.351d144+dfsg-3



Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package golang-golang-x-net-dev

Upstream has provided patches for the html parser addressing the security issues
CVE-2018-17846, CVE-2018-17847 and CVE-2018-17848
(Debian bug #911795).

This upload applies those patches.


$ debdiff  golang-golang-x-net-dev_0.0+git20181201.351d144+dfsg-2.dsc  golang-golang-x-net-dev_0.0+git20181201.351d144+dfsg-3.dsc
diff -Nru golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/changelog golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/changelog
--- golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/changelog	2018-12-14 21:56:28.000000000 +0800
+++ golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/changelog	2019-04-30 16:42:08.000000000 +0800
@@ -1,3 +1,13 @@
+golang-golang-x-net-dev (1:0.0+git20181201.351d144+dfsg-3) unstable; urgency=medium
+
+  * Team upload.
+  * Apply security patches (upstream commits). Closes: #911795.
+    - CVE-2018-17846: commit d26f9f9a57f3fab6a695bec0d84433c2c50f8bbf
+    - CVE-2018-17847, CVE-2018-17848:
+      commit 4b62a64f59f73840b9ab79204c94fee61cd1ba2c
+
+ -- Drew Parsons <dparsons@debian.org>  Tue, 30 Apr 2019 16:42:08 +0800
+
 golang-golang-x-net-dev (1:0.0+git20181201.351d144+dfsg-2) unstable; urgency=medium
 
   * Remove obsolete patch for s390. Closes: #916236.
diff -Nru golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/CVE-2018-17846_d26f9f9.patch golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/CVE-2018-17846_d26f9f9.patch
--- golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/CVE-2018-17846_d26f9f9.patch	1970-01-01 08:00:00.000000000 +0800
+++ golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/CVE-2018-17846_d26f9f9.patch	2019-04-30 16:42:08.000000000 +0800
@@ -0,0 +1,108 @@
+From d26f9f9a57f3fab6a695bec0d84433c2c50f8bbf Mon Sep 17 00:00:00 2001
+From: Kunpei Sakai <namusyaka@gmail.com>
+Date: Tue, 25 Sep 2018 22:55:50 +0900
+Subject: [PATCH] html: update inSelectIM and inSelectInTableIM for the latest
+ spec
+
+Fixes golang/go#27842
+
+Change-Id: I06eb3c0c18be3566bd30a29fca5f3f7e6791d2cc
+Reviewed-on: https://go-review.googlesource.com/c/137275
+Run-TryBot: Kunpei Sakai <namusyaka@gmail.com>
+TryBot-Result: Gobot Gobot <gobot@golang.org>
+Reviewed-by: Nigel Tao <nigeltao@golang.org>
+---
+ html/parse.go               | 28 ++++++++++++++++++++++------
+ html/parse_test.go          |  3 ++-
+ html/testdata/go/select.dat | 12 ++++++++++++
+ 3 files changed, 36 insertions(+), 7 deletions(-)
+ create mode 100644 html/testdata/go/select.dat
+
+diff --git a/html/parse.go b/html/parse.go
+index 64a57937..488e8d3c 100644
+--- a/html/parse.go
++++ b/html/parse.go
+@@ -1719,8 +1719,12 @@ func inSelectIM(p *parser) bool {
+ 			}
+ 			p.addElement()
+ 		case a.Select:
+-			p.tok.Type = EndTagToken
+-			return false
++			if p.popUntil(selectScope, a.Select) {
++				p.resetInsertionMode()
++			} else {
++				// Ignore the token.
++				return true
++			}
+ 		case a.Input, a.Keygen, a.Textarea:
+ 			if p.elementInScope(selectScope, a.Select) {
+ 				p.parseImpliedToken(EndTagToken, a.Select, a.Select.String())
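Review bot: The new start-tag `case a.Select` body (popUntil, resetInsertionMode, else ignore) is now the same four lines as the end-tag `case a.Select` branch later in the same function, so the two will drift apart on the next spec update unless they share code. A small method such as `func (p *parser) closeSelect() bool { if !p.popUntil(selectScope, a.Select) { return false }; p.resetInsertionMode(); return true }` called from both branches as `if !p.closeSelect() { return true }` would keep the "ignore when no select in scope" rule in one place. The old code turned the start tag into an end tag and reprocessed it, which is the path the new ignore rule removes; it would help to say so in a comment, e.g. `// Per spec: parse error; if there is no select in select scope the token is ignored, otherwise close the select.` inSelectIM starts before this hunk and continues after it.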
+@@ -1750,6 +1754,9 @@ func inSelectIM(p *parser) bool {
+ 		case a.Select:
+ 			if p.popUntil(selectScope, a.Select) {
+ 				p.resetInsertionMode()
++			} else {
++				// Ignore the token.
++				return true
+ 			}
+ 		case a.Template:
+ 			return inHeadIM(p)
+@@ -1775,13 +1782,22 @@ func inSelectInTableIM(p *parser) bool {
+ 	case StartTagToken, EndTagToken:
+ 		switch p.tok.DataAtom {
+ 		case a.Caption, a.Table, a.Tbody, a.Tfoot, a.Thead, a.Tr, a.Td, a.Th:
+-			if p.tok.Type == StartTagToken || p.elementInScope(tableScope, p.tok.DataAtom) {
+-				p.parseImpliedToken(EndTagToken, a.Select, a.Select.String())
+-				return false
+-			} else {
++			if p.tok.Type == EndTagToken && !p.elementInScope(tableScope, p.tok.DataAtom) {
+ 				// Ignore the token.
+ 				return true
+ 			}
++			// This is like p.popUntil(selectScope, a.Select), but it also
++			// matches <math select>, not just <select>. Matching the MathML
++			// tag is arguably incorrect (conceptually), but it mimics what
++			// Chromium does.
++			for i := len(p.oe) - 1; i >= 0; i-- {
++				if n := p.oe[i]; n.DataAtom == a.Select {
++					p.oe = p.oe[:i]
++					break
++				}
++			}
++			p.resetInsertionMode()
++			return false
+ 		}
+ 	}
+ 	return inSelectIM(p)
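Review bot: The termination argument for the new `for i := len(p.oe) - 1` loop is not written down, and it is the whole point of this fix: when no element with `DataAtom == a.Select` is on the stack the loop pops nothing, and the `return false` that follows re-dispatches the same token, so the parser only makes progress if resetInsertionMode then picks a mode other than inSelectInTableIM. That presumably holds (the mode is chosen when a select element is found on the stack), but it is exactly the invariant the old code broke, so a comment above the loop would protect it, e.g. `// Either at least one element is popped here, or there is no select on the stack at all and resetInsertionMode must leave inSelectInTableIM; reprocessing the token below therefore cannot loop.` The only regression test added (testdata/go/select.dat) covers the `<math select>` case; the end-tag ignore path (`EndTagToken` with no element in table scope) is not exercised by a test in this commit. inSelectInTableIM starts and ends outside this hunk.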
+diff --git a/html/parse_test.go b/html/parse_test.go
+index 1c232c71..9bba918c 100644
+--- a/html/parse_test.go
++++ b/html/parse_test.go
+@@ -367,7 +367,8 @@ var renderTestBlacklist = map[string]bool{
+ 	`<script><!--<script </s`:                      true,
+ 	// Reconstructing the active formatting elements results in a <plaintext>
+ 	// element that contains an <a> element.
+-	`<!doctype html><p><a><plaintext>b`: true,
++	`<!doctype html><p><a><plaintext>b`:         true,
++	`<table><math><select><mi><select></table>`: true,
+ }
+ 
+ func TestNodeConsistency(t *testing.T) {
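Review bot: The new renderTestBlacklist entry `<table><math><select><mi><select></table>` has no explanatory comment, while the entry directly above it says why it is excluded. A reader has to reconstruct from testdata/go/select.dat that the parse yields an HTML `<select>` nested under `<math select>` and `<math mi>`, which presumably cannot be reproduced by rendering and re-parsing. Suggest a comment in the same style above the entry, e.g. `// inSelectInTableIM matches <math select> as well as <select>, which leaves an HTML <select> nested inside MathML elements; that tree does not round-trip through Render.`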
+diff --git a/html/testdata/go/select.dat b/html/testdata/go/select.dat
+new file mode 100644
+index 00000000..684554c8
+--- /dev/null
++++ b/html/testdata/go/select.dat
+@@ -0,0 +1,12 @@
++#data
++<table><math><select><mi><select></table>
++#errors
++#document
++| <html>
++|   <head>
++|   <body>
++|     <math math>
++|       <math select>
++|         <math mi>
++|           <select>
++|     <table>
diff -Nru golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/CVE-2018-17847_CVE-2018-17848_4b62a64.patch golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/CVE-2018-17847_CVE-2018-17848_4b62a64.patch
--- golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/CVE-2018-17847_CVE-2018-17848_4b62a64.patch	1970-01-01 08:00:00.000000000 +0800
+++ golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/CVE-2018-17847_CVE-2018-17848_4b62a64.patch	2019-04-30 16:42:08.000000000 +0800
@@ -0,0 +1,67 @@
+From 4b62a64f59f73840b9ab79204c94fee61cd1ba2c Mon Sep 17 00:00:00 2001
+From: Kunpei Sakai <namusyaka@gmail.com>
+Date: Fri, 25 Jan 2019 02:28:59 +0900
+Subject: [PATCH] html: make (*nodeStack)contains distinguish namespace
+
+By proceeding without distinguishing namespace, inconsistency will
+occur.
+This commit makes the method distinguish the HTML namespace.
+
+Fixes golang/go#27846
+
+Change-Id: I8269f670240c0fe31162a16fbe1ac23acacec00f
+Reviewed-on: https://go-review.googlesource.com/c/159397
+Run-TryBot: Kunpei Sakai <namusyaka@gmail.com>
+TryBot-Result: Gobot Gobot <gobot@golang.org>
+Reviewed-by: Nigel Tao <nigeltao@golang.org>
+---
+ html/node.go                  |  2 +-
+ html/testdata/go/template.dat | 25 +++++++++++++++++++++++++
+ 2 files changed, 26 insertions(+), 1 deletion(-)
+
+diff --git a/html/node.go b/html/node.go
+index 2c1cade6..633ee15d 100644
+--- a/html/node.go
++++ b/html/node.go
+@@ -177,7 +177,7 @@ func (s *nodeStack) index(n *Node) int {
+ // contains returns whether a is within s.
+ func (s *nodeStack) contains(a atom.Atom) bool {
+ 	for _, n := range *s {
+-		if n.DataAtom == a {
++		if n.DataAtom == a && n.Namespace == "" {
+ 			return true
+ 		}
+ 	}
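Review bot: The doc comment `// contains returns whether a is within s.` is now stale: the method additionally requires `n.Namespace == ""`, so a foreign element with the same local name (an `<svg template>` or `<math mn>`, as in the template.dat cases this commit adds) is no longer reported, and any caller that relied on the old any-namespace match behaves differently. Suggest `// contains returns whether an element with atom a in the HTML namespace is within s; foreign (SVG/MathML) elements with the same local name do not count.` The new behavior is only pinned through the parser test data; a direct test of contains on a nodeStack holding one namespaced and one HTML node would make the contract explicit. The rest of nodeStack is outside this hunk.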
+diff --git a/html/testdata/go/template.dat b/html/testdata/go/template.dat
+index 98481b9e..ceaf0229 100644
+--- a/html/testdata/go/template.dat
++++ b/html/testdata/go/template.dat
+@@ -35,3 +35,28 @@
+ |         <math mo>
+ |           <template>
+ |             content
++
++#data
++<svg><template><desc><t><svg></template>
++#errors
++#document
++| <html>
++|   <head>
++|   <body>
++|     <svg svg>
++|       <svg template>
++|         <svg desc>
++|           <t>
++|             <svg svg>
++
++#data
++<math><template><mn><b></template>
++#errors
++#document
++| <html>
++|   <head>
++|   <body>
++|     <math math>
++|       <math template>
++|         <math mn>
++|           <b>
diff -Nru golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/series golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/series
--- golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/series	1970-01-01 08:00:00.000000000 +0800
+++ golang-golang-x-net-dev-0.0+git20181201.351d144+dfsg/debian/patches/series	2019-04-30 16:42:08.000000000 +0800
@@ -0,0 +1,2 @@
+CVE-2018-17846_d26f9f9.patch
+CVE-2018-17847_CVE-2018-17848_4b62a64.patch



unblock golang-golang-x-net-dev/1:0.0+git20181201.351d144+dfsg-3

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

