[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1004055: buster-pu: package raptor2/2.0.14-1.1~deb10u2

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu
The attached debdiff for raptor2 fixes CVE-2020-25713 in Buster. This CVE is marked as no-dsa by the security team. 

The same patch is uploaded to Stretch already and nobody complained yet.

  Thorsten
diff -Nru raptor2-2.0.14/debian/changelog raptor2-2.0.14/debian/changelog
--- raptor2-2.0.14/debian/changelog	2020-11-06 22:46:38.000000000 +0100
+++ raptor2-2.0.14/debian/changelog	2021-12-27 22:03:02.000000000 +0100
@@ -1,3 +1,11 @@
+raptor2 (2.0.14-1.1~deb10u2) buster; urgency=high
+
+  * Non-maintainer upload by the LTS Team.
+  * CVE-2020-25713
+    Malformed input file can lead to a segfault.
+
+ -- Thorsten Alteholz <debian@alteholz.de>  Mon, 27 Dec 2021 22:03:02 +0100
+
 raptor2 (2.0.14-1.1~deb10u1) buster-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
diff -Nru raptor2-2.0.14/debian/patches/CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch raptor2-2.0.14/debian/patches/CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
--- raptor2-2.0.14/debian/patches/CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch	1970-01-01 01:00:00.000000000 +0100
+++ raptor2-2.0.14/debian/patches/CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch	2021-12-27 22:03:02.000000000 +0100
@@ -0,0 +1,30 @@
+From a549457461874157c8c8e8e8a6e0eec06da4fbd0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
+Date: Tue, 24 Nov 2020 10:30:20 +0000
+Subject: [PATCH] CVE-2020-25713 raptor2: malformed input file can lead to a
+ segfault
+
+due to an out of bounds array access in
+raptor_xml_writer_start_element_common
+
+See:
+https://bugs.mageia.org/show_bug.cgi?id=27605
+https://www.openwall.com/lists/oss-security/2020/11/13/1
+https://gerrit.libreoffice.org/c/core/+/106249
+---
+ src/raptor_xml_writer.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: raptor2-2.0.14/src/raptor_xml_writer.c
+===================================================================
+--- raptor2-2.0.14.orig/src/raptor_xml_writer.c	2021-12-29 23:35:29.272438731 +0100
++++ raptor2-2.0.14/src/raptor_xml_writer.c	2021-12-29 23:35:29.272438731 +0100
+@@ -221,7 +221,7 @@
+           
+           /* check it wasn't an earlier declaration too */
+           for(j = 0; j < nspace_declarations_count; j++)
+-            if(nspace_declarations[j].nspace == element->attributes[j]->nspace) {
++            if(nspace_declarations[j].nspace == element->attributes[i]->nspace) {
+               declare_me = 0;
+               break;
+             }
diff -Nru raptor2-2.0.14/debian/patches/series raptor2-2.0.14/debian/patches/series
--- raptor2-2.0.14/debian/patches/series	2020-11-06 22:46:38.000000000 +0100
+++ raptor2-2.0.14/debian/patches/series	2021-12-27 22:03:02.000000000 +0100
@@ -1 +1,2 @@
 Calcualte-max-nspace-declarations-correctly-for-XML-.patch
+CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
Reply to: