diff -Nru tinyxml-2.6.2/debian/changelog tinyxml-2.6.2/debian/changelog
--- tinyxml-2.6.2/debian/changelog 2023-12-06 19:41:06.000000000 +0000
+++ tinyxml-2.6.2/debian/changelog 2024-01-29 13:08:54.000000000 +0000
@@ -1,8 +1,17 @@
-tinyxml (2.6.2-4+deb10u1build0.20.04.1) focal-security; urgency=medium
+tinyxml (2.6.2-4+deb10u2build0.20.04.1) focal-security; urgency=medium
* fake sync from Debian
- -- Amir Naseredini Wed, 06 Dec 2023 19:41:06 +0000
+ -- Giampaolo Fresi Roglia Mon, 29 Jan 2024 14:08:54 +0100
+
+tinyxml (2.6.2-4+deb10u2) buster-security; urgency=high
+
+ * Non-maintainer upload by the LTS Security Team.
+ * Fix CVE-2023-34194 / CVE-2023-40462: Reachable assertion (and application
+ exit) via a crafted XML document with a '\0' located after whitespace.
+ (Closes: #1059315)
+
+ -- Guilhem Moulin Sat, 30 Dec 2023 15:10:00 +0100
tinyxml (2.6.2-4+deb10u1) buster-security; urgency=high
diff -Nru tinyxml-2.6.2/debian/patches/CVE-2021-42260.patch tinyxml-2.6.2/debian/patches/CVE-2021-42260.patch
--- tinyxml-2.6.2/debian/patches/CVE-2021-42260.patch 2022-04-29 22:46:45.000000000 +0000
+++ tinyxml-2.6.2/debian/patches/CVE-2021-42260.patch 2023-12-30 14:10:00.000000000 +0000
@@ -5,6 +5,8 @@
the start byte of a three byte character) this leads to an infinite loop.
(CVE-2021-42260)
Origin: https://sourceforge.net/p/tinyxml/git/merge-requests/1/
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2021-42260
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-40458
--- a/tinyxmlparser.cpp
+++ b/tinyxmlparser.cpp
diff -Nru tinyxml-2.6.2/debian/patches/CVE-2023-34194.patch tinyxml-2.6.2/debian/patches/CVE-2023-34194.patch
--- tinyxml-2.6.2/debian/patches/CVE-2023-34194.patch 1970-01-01 00:00:00.000000000 +0000
+++ tinyxml-2.6.2/debian/patches/CVE-2023-34194.patch 2023-12-30 14:10:00.000000000 +0000
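Review bot: The second added `Bug-Debian:` line ties CVE-2023-40458 to this 2021 patch, yet the deb10u2 changelog entry in the same upload names only CVE-2023-34194 and CVE-2023-40462, so anyone auditing the package's CVE coverage from the changelog will not find CVE-2023-40458 at all. Add the identifier to that changelog bullet, and since the DEP-3 description above still talks only about the CVE-2021-42260 infinite loop, add a one-line `Comment:` field stating why this change is considered the fix for CVE-2023-40458 (a reference link alone does not explain the mapping to a later reader).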
@@ -0,0 +1,28 @@
+From: Guilhem Moulin
+Date: Sat, 30 Dec 2023 14:15:54 +0100
+Subject: Avoid reachable assertion via crafted XML document with a '\0'
+ located after whitespace
+
+Bug: https://www.forescout.com/resources/sierra21-vulnerabilities
+Bug-Debian: https://bugs.debian.org/1059315
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-34194
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-40462
+---
+ tinyxmlparser.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/tinyxmlparser.cpp b/tinyxmlparser.cpp
+index 8aa0dfa..1601962 100644
+--- a/tinyxmlparser.cpp
++++ b/tinyxmlparser.cpp
+@@ -1606,6 +1606,10 @@ const char* TiXmlDeclaration::Parse( const char* p, TiXmlParsingData* data, TiXm
+ }
+
+ p = SkipWhiteSpace( p, _encoding );
++ if ( !p || !*p )
++ {
++ break;
++ }
+ if ( StringEqual( p, "version", true, _encoding ) )
+ {
+ TiXmlAttribute attrib;
diff -Nru tinyxml-2.6.2/debian/patches/series tinyxml-2.6.2/debian/patches/series
--- tinyxml-2.6.2/debian/patches/series 2022-04-29 22:46:55.000000000 +0000
+++ tinyxml-2.6.2/debian/patches/series 2023-12-30 14:10:00.000000000 +0000
@@ -2,3 +2,4 @@
entity-encoding.patch
CVE-2021-42260.patch
+CVE-2023-34194.patch
diff -Nru tinyxml-2.6.2/debian/salsa-ci.yml tinyxml-2.6.2/debian/salsa-ci.yml
--- tinyxml-2.6.2/debian/salsa-ci.yml 1970-01-01 00:00:00.000000000 +0000
+++ tinyxml-2.6.2/debian/salsa-ci.yml 2023-12-30 14:10:00.000000000 +0000
@@ -0,0 +1,8 @@
+---
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
+
+variables:
+ RELEASE: 'buster'
+ SALSA_CI_DISABLE_REPROTEST: 1
+ SALSA_CI_DISABLE_LINTIAN: 1
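Review bot: The added guard leaves the `while` loop with `break` when `SkipWhiteSpace()` runs off the end of the declaration, but nothing in the hunk records why parsing stopped, and the post-loop path that decides what the caller sees lies outside the hunk; if that path is the bare `return 0;` of the unpatched 2.6.2 function (to be confirmed), a truncated `<?xml` declaration now fails silently where the function's preamble sets `TIXML_ERROR_PARSING_DECLARATION` for the same class of input. Consider reporting it before leaving, e.g. `if ( document ) document->SetError( TIXML_ERROR_PARSING_DECLARATION, 0, 0, _encoding );` ahead of the `break;`, assuming the preamble's `document` pointer is in scope here as it is in 2.6.2, so callers that check `Error()` learn the declaration was malformed instead of only getting a null return. The guard also reads as redundant next to the loop's own `while ( p && *p )` condition, so give it a why-comment: `// SkipWhiteSpace() returns NULL at end of input and StringEqual() asserts on an empty string; stop instead of aborting.` If the same `SkipWhiteSpace()`-then-`StringEqual()` sequence occurs at other places in the parser, making `StringEqual()` itself return false on a NULL or empty `p` rather than asserting would protect every call site, whereas this guard covers only this one. `TiXmlDeclaration::Parse` begins before and continues after the hunk.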
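Review bot: The `include:` pulls the pipeline definition from an unpinned `raw/master` URL, so the CI job definitions can change underneath this package with no change to this file and no review; if the project can tolerate it, point the include at a tag or commit ref of the salsa-ci pipeline, or add a comment saying that tracking master is intentional. The two `SALSA_CI_DISABLE_*` variables switch off reprotest and lintian with no rationale recorded, so a short comment such as `# reprotest/lintian disabled: <REASON_PLACEHOLDER>` above `variables:` would keep the next uploader from either re-enabling them blindly or carrying the opt-outs forward without knowing why.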