Diffusion FreeBSD ports repository 83889bd6875d

textproc/libxml2: add upstream fix for CVE-2021-3541
83889bd6875d
Actions

Description

textproc/libxml2: add upstream fix for CVE-2021-3541

This is relapted to parameter entities expansion and following
the line of the billion laugh attack. Somehow in that path the
counting of parameters was missed and the normal algorithm based
on entities "density" was useless.

PR: 256094
Obtained from: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e
Security: CVE-2021-3541

Details

Provenance

yasu	Authored on May 23 2021, 2:27 PM
tcberner	Committed on May 23 2021, 2:31 PM

Parents

R11:b185a2b866b8: sysutils/azure-agent: Update to 2.2.54.2

Branches

Unknown

Tags

Unknown

Event Timeline

tcberner committed R11:83889bd6875d: textproc/libxml2: add upstream fix for CVE-2021-3541 (authored by yasu).May 23 2021, 2:31 PM

tcberner mentioned this in R11:d1aa619eee6b: textproc/libxml2: add upstream fix for CVE-2021-3541.May 23 2021, 2:36 PM

Changes (2)

Path

Size

textproc/

libxml2/

Makefile

files/

patch-CVE-2021-3541

R11:83889bd6875d

View Options

textproc/libxml2/Makefile