Ubuntu
libxml2 package

xmllint 2.9.1+dfsg1-3ubuntu4.1 does not load entities any more

Bug #1321869 reported by Jason Gunthorpe on 2014-05-21

This bug affects 4 people

	Status	Importance	Assigned to
libxml2	Fix Released	High	gnome-bugs #730290
libxml2 (Ubuntu)	Fix Released	Undecided	Marc Deslauriers
Lucid	Fix Released	Undecided	Marc Deslauriers
Precise	Fix Released	Undecided	Marc Deslauriers
Saucy	Fix Released	Undecided	Marc Deslauriers
Trusty	Fix Released	Undecided	Marc Deslauriers
Utopic	Fix Released	Undecided	Marc Deslauriers

Bug Description

This is a regression, 2.9.1+dfsg1-3ubuntu4 and all prior for the last 5 years work fine.

xmllint 2.9.1+dfsg1-3ubuntu4.1 doesn't load entities, for instance attempting to validate a docbook document:

$ xmllint --load-trace --path build-hosted/doc/ --path doc/ --xinclude --nonet --postvalid --noout doc/oss-build.xml
Loaded URL="doc/oss-build.xml" ID="(null)"
Loaded URL="http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" ID="-//OASIS//DTD DocBook XML V4.5//EN"
doc/oss-build.xml:6: element article: validity error : No declaration for element article

While prior versions work fine:

Loaded URL="doc/oss-build.xml" ID="(null)"
Loaded URL="http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" ID="-//OASIS//DTD DocBook XML V4.5//EN"
Loaded URL="file:///usr/share/xml/docbook/schema/dtd/4.5/dbnotnx.mod" ID="-//OASIS//ENTITIES DocBook Notations V4.5//EN"
Loaded URL="file:///usr/share/xml/docbook/schema/dtd/4.5/dbcentx.mod" ID="-//OASIS//ENTITIES DocBook Character Entities V4.5//EN"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOamsa.ent" ID="ISO 8879:1986//ENTITIES Added Math Symbols: Arrow Relations//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOamsb.ent" ID="ISO 8879:1986//ENTITIES Added Math Symbols: Binary Operators//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOamsc.ent" ID="ISO 8879:1986//ENTITIES Added Math Symbols: Delimiters//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOamsn.ent" ID="ISO 8879:1986//ENTITIES Added Math Symbols: Negated Relations//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOamso.ent" ID="ISO 8879:1986//ENTITIES Added Math Symbols: Ordinary//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOamsr.ent" ID="ISO 8879:1986//ENTITIES Added Math Symbols: Relations//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISObox.ent" ID="ISO 8879:1986//ENTITIES Box and Line Drawing//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOcyr1.ent" ID="ISO 8879:1986//ENTITIES Russian Cyrillic//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOcyr2.ent" ID="ISO 8879:1986//ENTITIES Non-Russian Cyrillic//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOdia.ent" ID="ISO 8879:1986//ENTITIES Diacritical Marks//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOgrk1.ent" ID="ISO 8879:1986//ENTITIES Greek Letters//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOgrk2.ent" ID="ISO 8879:1986//ENTITIES Monotoniko Greek//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOgrk3.ent" ID="ISO 8879:1986//ENTITIES Greek Symbols//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOgrk4.ent" ID="ISO 8879:1986//ENTITIES Alternative Greek Symbols//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOlat1.ent" ID="ISO 8879:1986//ENTITIES Added Latin 1//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOlat2.ent" ID="ISO 8879:1986//ENTITIES Added Latin 2//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOnum.ent" ID="ISO 8879:1986//ENTITIES Numeric and Special Graphic//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOpub.ent" ID="ISO 8879:1986//ENTITIES Publishing//EN//XML"
Loaded URL="file:///usr/share/xml/entities/xml-iso-entities-8879.1986/ISOtech.ent" ID="ISO 8879:1986//ENTITIES General Technical//EN//XML"
Loaded URL="file:///usr/share/xml/docbook/schema/dtd/4.5/dbpoolx.mod" ID="-//OASIS//ELEMENTS DocBook Information Pool V4.5//EN"
Loaded URL="file:///usr/share/xml/docbook/schema/dtd/4.5/htmltblx.mod" ID="-//OASIS//ELEMENTS DocBook XML HTML Tables V4.5//EN"
Loaded URL="file:///usr/share/xml/docbook/schema/dtd/4.5/calstblx.dtd" ID="-//OASIS//DTD DocBook CALS Table Model V4.5//EN"
Loaded URL="file:///usr/share/xml/docbook/schema/dtd/4.5/dbhierx.mod" ID="-//OASIS//ELEMENTS DocBook Document Hierarchy V4.5//EN"
Loaded URL="file:///usr/share/xml/docbook/schema/dtd/4.5/dbgenent.mod" ID="-//OASIS//ENTITIES DocBook Additional General Entities V4.5//EN"

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libxml2-utils 2.9.1+dfsg1-3ubuntu4.1
ProcVersionSignature: Ubuntu 3.13.0-24.47-generic 3.13.9
Uname: Linux 3.13.0-24-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.1
Architecture: amd64
CurrentDesktop: XFCE
Date: Wed May 21 12:21:04 2014
InstallationDate: Installed on 2014-04-16 (35 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140415)
SourcePackage: libxml2
UpgradeStatus: No upgrade log present (probably fresh install)

Tags:

Related branches

lp:ubuntu/utopic-proposed/libxml2

lp:ubuntu/lucid-security/libxml2

lp:ubuntu/precise-security/libxml2

lp:ubuntu/saucy-security/libxml2

lp:ubuntu/trusty-security/libxml2

CVE References

2014-0191

Revision history for this message

Jason Gunthorpe (jgunthorpe) wrote on 2014-05-21:

Dependencies.txt Edit (519 bytes, text/plain; charset="utf-8")
ProcEnviron.txt Edit (96 bytes, text/plain; charset="utf-8")

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-04:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libxml2 (Ubuntu):
status:	New → Confirmed

Matthias Klose (doko) on 2014-06-04

Changed in libxml2 (Ubuntu):
assignee:	nobody → Ubuntu Security Team (ubuntu-security)

Bug Watch Updater (bug-watch-updater) on 2014-06-04

Changed in libxml2:
importance:	Unknown → High
status:	Unknown → New

Revision history for this message

Matthias Klumpp (ximion) wrote on 2014-06-04:

This issue also breaks Publican and similar tools which validate their input Docbook before running.
It's a pretty annoying thing to track down (I initially thought it was a publican issue...), especially because it was introduced by a security bugfix, breaking existing setups.

Revision history for this message

Marc Deslauriers (mdeslaur) wrote on 2014-06-05:

Also see thread here: https://mail.gnome.org/archives/xml/2014-May/msg00002.html

Changed in libxml2 (Ubuntu Lucid):
status:	New → Confirmed
Changed in libxml2 (Ubuntu Precise):
status:	New → Confirmed
Changed in libxml2 (Ubuntu Saucy):
status:	New → Confirmed
Changed in libxml2 (Ubuntu Trusty):
status:	New → Confirmed
Changed in libxml2 (Ubuntu Lucid):
assignee:	nobody → Marc Deslauriers (mdeslaur)
Changed in libxml2 (Ubuntu Precise):
assignee:	nobody → Marc Deslauriers (mdeslaur)
Changed in libxml2 (Ubuntu Saucy):
assignee:	nobody → Marc Deslauriers (mdeslaur)
Changed in libxml2 (Ubuntu Trusty):
assignee:	nobody → Marc Deslauriers (mdeslaur)
Changed in libxml2 (Ubuntu Utopic):
assignee:	Ubuntu Security Team (ubuntu-security) → Marc Deslauriers (mdeslaur)

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-06:

This bug was fixed in the package libxml2 - 2.9.1+dfsg1-3ubuntu6

---------------
libxml2 (2.9.1+dfsg1-3ubuntu6) utopic; urgency=medium

  * SECURITY REGRESSION: xmllint no longer loads entities with --postvalid
    (LP: #1321869)
    - debian/patches/lp1321869.patch: also check XML_PARSE_DTDLOAD in
      parser.c.
-- Marc Deslauriers <email address hidden> Fri, 06 Jun 2014 12:49:52 -0400

Changed in libxml2 (Ubuntu Utopic):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-09:

This bug was fixed in the package libxml2 - 2.7.6.dfsg-1ubuntu1.12

---------------
libxml2 (2.7.6.dfsg-1ubuntu1.12) lucid-security; urgency=medium

  * SECURITY REGRESSION: xmllint no longer loads entities with --postvalid
    (LP: #1321869)
    - Thanks to Alexey Neyman for proposed patch
    - https://mail.gnome.org/archives/xml/2014-May/msg00003.html
-- Marc Deslauriers <email address hidden> Fri, 06 Jun 2014 13:36:55 -0400

Changed in libxml2 (Ubuntu Lucid):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-09:

This bug was fixed in the package libxml2 - 2.9.1+dfsg1-3ubuntu4.2

---------------
libxml2 (2.9.1+dfsg1-3ubuntu4.2) trusty-security; urgency=medium

Changed in libxml2 (Ubuntu Trusty):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-09:

This bug was fixed in the package libxml2 - 2.9.1+dfsg1-3ubuntu2.2

---------------
libxml2 (2.9.1+dfsg1-3ubuntu2.2) saucy-security; urgency=medium

Changed in libxml2 (Ubuntu Saucy):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-09:

This bug was fixed in the package libxml2 - 2.7.8.dfsg-5.1ubuntu4.8

---------------
libxml2 (2.7.8.dfsg-5.1ubuntu4.8) precise-security; urgency=medium

Changed in libxml2 (Ubuntu Precise):
status:	Confirmed → Fix Released

Bug Watch Updater (bug-watch-updater) on 2014-06-11

Changed in libxml2:
status:	New → Fix Released

Revision history for this message

Unit 193 (unit193) wrote on 2014-06-12:

#10

With the curent patch, and libxml2 (2.9.1+dfsg1-3ubuntu4.2), xubuntu-docs still will not build and validate. To fix this problem, I used the upstream patch here: https://git.gnome.org/browse/libxml2/commit/?id=dd8367da17c2948981a51e52c8a6beb445edf825 and rebuilt.

Revision history for this message

Marc Deslauriers (mdeslaur) wrote on 2014-06-13:

#11

Thanks, re-opening this bug. I'll release another update with the final upstream commit.

Changed in libxml2 (Ubuntu Saucy):
status:	Fix Released → Confirmed
Changed in libxml2 (Ubuntu Trusty):
status:	Fix Released → Confirmed
Changed in libxml2 (Ubuntu Utopic):
status:	Fix Released → Confirmed
Changed in libxml2 (Ubuntu Lucid):
status:	Fix Released → Confirmed
Changed in libxml2 (Ubuntu Precise):
status:	Fix Released → Confirmed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-13:

#12

This bug was fixed in the package libxml2 - 2.9.1+dfsg1-3ubuntu7

---------------
libxml2 (2.9.1+dfsg1-3ubuntu7) utopic; urgency=medium

  * SECURITY REGRESSION: more xmllint regressions (LP: #1321869)
    - debian/patches/lp1321869.patch: use upstream commit which includes
      additional regression fixes to parser.c.
-- Marc Deslauriers <email address hidden> Fri, 13 Jun 2014 07:26:35 -0400

Changed in libxml2 (Ubuntu Utopic):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-17:

#13

This bug was fixed in the package libxml2 - 2.9.1+dfsg1-3ubuntu2.3

---------------
libxml2 (2.9.1+dfsg1-3ubuntu2.3) saucy-security; urgency=medium

Changed in libxml2 (Ubuntu Saucy):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-17:

#14

This bug was fixed in the package libxml2 - 2.9.1+dfsg1-3ubuntu4.3

---------------
libxml2 (2.9.1+dfsg1-3ubuntu4.3) trusty-security; urgency=medium

Changed in libxml2 (Ubuntu Trusty):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-17:

#15

This bug was fixed in the package libxml2 - 2.7.8.dfsg-5.1ubuntu4.9

---------------
libxml2 (2.7.8.dfsg-5.1ubuntu4.9) precise-security; urgency=medium

  * SECURITY REGRESSION: more xmllint regressions (LP: #1321869)
    - use upstream commit which includes additional regression fixes to
      parser.c.
    - https://git.gnome.org/browse/libxml2/commit/?id=dd8367da17c2948981a51e52c8a6beb445edf825
-- Marc Deslauriers <email address hidden> Fri, 13 Jun 2014 09:11:38 -0400

Changed in libxml2 (Ubuntu Precise):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-06-17:

#16

This bug was fixed in the package libxml2 - 2.7.6.dfsg-1ubuntu1.13

---------------
libxml2 (2.7.6.dfsg-1ubuntu1.13) lucid-security; urgency=medium

Changed in libxml2 (Ubuntu Lucid):
status:	Confirmed → Fix Released

Revision history for this message

Enrico Weigelt, metux ITS (metux) wrote on 2014-12-03:

#17

Just got hit by that bug (while trying to build git-remote-hg, which calls asciidoc), even though that patch seems to be applied in current release (on trusty -> libxml2 version 2.9.1+dfsg1-3ubuntu4.4)