[3.3] libxml2: out-of-bounds read in htmlParseNameComplex() (CVE-2016-2073)
libxml2 is vulnerable to a heap-based buffer overflow, caused by an
out-of-bounds read in the htmlParseNameComplex() function.
By persuading a victim to open a specially crafted XML file, a remote
attacker could overflow a buffer and execute arbitrary code on the
system or cause the application to crash.
Currently there is no known patch available for this issue.
References:
http://www.openwall.com/lists/oss-security/2016/01/25/6
(from redmine: issue id 5441, created on 2016-04-19, closed on 2016-06-15)
- Relations:
- parent #5439 (closed)
- Changesets:
- Revision b3cf54c1 by Natanael Copa on 2016-06-14T10:05:53Z:
main/libxml2: security upgrade to 2.9.4
Fixes:
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
CVE-2016-1837
CVE-2016-1838
CVE-2016-1839
CVE-2016-1840
CVE-2016-2073 (NOTE: same fix as CVE-2016-1839)
CVE-2016-3627
CVE-2016-3705
CVE-2016-4483
fixes #5441
(cherry picked from commit 8aa7dd816ba978268e23e1e87cd0942e65be872c)
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>