diff --git a/0003-fix-cve-CVE-2024-55549-1.patch b/0003-fix-cve-CVE-2024-55549-1.patch new file mode 100644 index 0000000000000000000000000000000000000000..680240cb68c13bc769901633b0c5e6a47dab4751 --- /dev/null +++ b/0003-fix-cve-CVE-2024-55549-1.patch @@ -0,0 +1,56 @@ +From 9c79a3145441c23cea4e821bded4b24f50ca63f3 Mon Sep 17 00:00:00 2001 +From: zhuhongbo +Date: Thu, 15 May 2025 13:46:31 +0800 +Subject: [PATCH] fix cve CVE-2024-55549 + +--- + libxslt/xslt.c | 24 ++++++++---------------- + 1 file changed, 8 insertions(+), 16 deletions(-) + +diff --git a/libxslt/xslt.c b/libxslt/xslt.c +index 448ea9e..7327cce 100644 +--- a/libxslt/xslt.c ++++ b/libxslt/xslt.c +@@ -166,31 +166,23 @@ exclPrefixPush(xsltStylesheetPtr style, xmlChar * orig) + if (value == NULL) + return(-1); + +- if (style->exclPrefixMax == 0) { +- style->exclPrefixMax = 4; +- style->exclPrefixTab = +- (xmlChar * *)xmlMalloc(style->exclPrefixMax * +- sizeof(style->exclPrefixTab[0])); +- if (style->exclPrefixTab == NULL) { +- xmlGenericError(xmlGenericErrorContext, "malloc failed !\n"); +- return (-1); +- } +- } + /* do not push duplicates */ + for (i = 0;i < style->exclPrefixNr;i++) { + if (xmlStrEqual(style->exclPrefixTab[i], value)) + return(-1); + } + if (style->exclPrefixNr >= style->exclPrefixMax) { +- style->exclPrefixMax *= 2; +- style->exclPrefixTab = +- (xmlChar * *)xmlRealloc(style->exclPrefixTab, +- style->exclPrefixMax * +- sizeof(style->exclPrefixTab[0])); +- if (style->exclPrefixTab == NULL) { ++ xmlChar **tmp; ++ size_t max = style->exclPrefixMax ? style->exclPrefixMax * 2 : 4; ++ ++ tmp = xmlRealloc(style->exclPrefixTab, ++ max * sizeof(style->exclPrefixTab[0])); ++ if (tmp == NULL) { + xmlGenericError(xmlGenericErrorContext, "realloc failed !\n"); + return (-1); + } ++ style->exclPrefixTab = tmp; ++ style->exclPrefixMax = max; + } + style->exclPrefixTab[style->exclPrefixNr] = value; + style->exclPrefix = value; +-- +2.39.3 + diff --git a/libxslt.spec b/libxslt.spec index 60ae1dd6d89e3df5aeed4cdcd04592de1db25dff..ac496dadec9900cb481304c0938a6c905ae68bc0 100644 --- a/libxslt.spec +++ b/libxslt.spec @@ -2,7 +2,7 @@ Summary: Library providing the Gnome XSLT engine Name: libxslt Version: 1.1.28 -Release: 8%{anolis_release}%{?dist}%{?extra_release} +Release: 9%{anolis_release}%{?dist}%{?extra_release} License: MIT Group: Development/Libraries Source: ftp://xmlsoft.org/XSLT/libxslt-%{version}.tar.gz @@ -22,6 +22,7 @@ Patch2: libxslt-1.1.28-CVE-2019-18197.patch Patch3: libxslt-1.1.28-CVE-2019-11068.patch Patch4: 0001-fix-cve-CVE-2024-55549.patch Patch5: 0002-fix-cve-CVE-2025-24855.patch +Patch6: 0003-fix-cve-CVE-2024-55549-1.patch %description This C library allows to transform XML files into other XML files @@ -64,6 +65,7 @@ with XPath functions written in Python. %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 # Now fix up the timestamps of patched docs files # ChangeLog needs to be retouched before gzip as well # since timestamp affects output @@ -133,6 +135,9 @@ make tests %doc python/tests/*.xsl %changelog +* Thu May 15 2025 zhuhongbo - 1.1.28-9.0.1 +- cve: fix cve CVE-2024-55549 to version libxslt-1.1.28-9 + * Mon Apr 7 2025 zhuhongbo - 1.1.28-8.0.1 - cve: fix cve CVE-2024-55549 CVE-2025-24855