[xml/sgml-pkgs] Bug#765770: libxml2 security update applied buggy patch later corrected by upstream

Gleim Publications NOC debian_bug_reports at gleim.com
Fri Oct 17 22:05:22 UTC 2014


Package: libxml2
Version: 2.8.0+dfsg1-7+nmu3
Severity: important

Dear Maintainer,

In the process of chasing strange errors in a pacemaker cluster,
I came across a bug introduced into the libxml2 packages by the
2.8.0+dfsg1-7+nmu3 security update.

That update applied a single-line patch to threads.c
(0007-Fix-pthread-memory-corruption.patch), intending to eliminate a
memory corruption issue. However, it actually introduced additional
memory corruption, by assigning non-static data to a structure member.
This was discussed in an upstream mailing list at:

https://mail.gnome.org/archives/xml/2012-September/msg00033.html

The patch described in that posting was included in upstream version
2.9.1. It was described in the 2.9.1 release notes as
"Fix a thread portability problem (Friedrich Haubensak),"
because the issue caused the Solaris compiler to refuse to compile,
but the memory corruption it introduced applies to all pthread-based
platforms including Debian.

-- System Information:
Debian Release: 7.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


