Re: Re: libxml security fix from apple ... any information?

[Thomas Biege <thomas () suse de>]

Hello,
if the code executed is the same on Windows and on Linux I would assume
this affects Linux too. That the bug is not "seen" during fuzzing
means nothing.

Cheers,
Thomas

Am Freitag, 29. Juli 2011, 06:59:22 schrieb Billy Rios:
> The crash was indeed in libxml2, but I could not get the bug to repro in
> Linux.  We took the crash file and fuzzed a bit more on Linux, but no
> crashes were observed.
>
> BK
>
>
> On Thu, Jul 28, 2011 at 6:22 AM, Marcus Meissner <meissner () suse de> wrote:
>
> > Hi folks, Billy, Daniel,
> >
> > On
> > http://support.apple.com/kb/HT4808
> > there is a libxml security issue listed:
> >
> > -----------------------------------------
> > libxml
> >
> > Available for: Windows 7, Vista, XP SP2 or later
> >
> > Impact: Visiting a maliciously crafted website may lead to an unexpected
> > application termination or arbitrary code execution
> >
> > Description: A one-byte heap buffer overflow existed in libxml's handling
> > of XML data. Visiting a maliciously crafted website may lead to an
> > unexpected application termination or arbitrary code execution.
> >
> > CVE-ID
> >
> > CVE-2011-0216 : Billy Rios of the Google Security Team
> > -----------------------------------------
> >
> > I suspect this is libxml2 and it likely also affects Linux?
> >
> > If this is correct, could you identify the commit fixing this issue?
> >
> > Ciao, Marcus


-- 
Thomas Biege <thomas () suse de>, SUSE LINUX, Security Support & Auditing
SUSE LINUX GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 21284 (AG Nürnberg
--
  Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
                            -- Marie von Ebner-Eschenbach