From e225629101ad8a120b4d582f4200e1bf5c5f3cc5 Mon Sep 17 00:00:00 2001 From: Joe Slater Date: Wed, 22 Dec 2021 11:31:09 -0500 Subject: [PATCH] libxml2: fix CVE-2016-4658 Fix use after free memory corruption involving XPointer ranges by advancing to version 2.9.1-6.el7_9.6. Testing build-pkgs; build-iso (not used); create designer patch install patch execute sanity test remove patch execute sanity test --- sanity test --- #!/bin/python import libxml2, sys doc = libxml2.parseFile("/etc/firewalld/zones/public.xml") print doc.name --- Closes-Bug: 1954718 Signed-off-by: Joe Slater Change-Id: I18ca9f179b6db2f95dfd532f62195f69b29add9b --- centos-mirror-tools/config/centos/compiler/rpms_centos.lst | 2 +- centos-mirror-tools/config/centos/distro/rpms_centos.lst | 4 ++-- centos-mirror-tools/config/centos/flock/rpms_centos.lst | 4 ++-- centos-mirror-tools/config/centos/mock/rpms_centos.lst | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/centos-mirror-tools/config/centos/compiler/rpms_centos.lst b/centos-mirror-tools/config/centos/compiler/rpms_centos.lst index 15edec51..156aae82 100644 --- a/centos-mirror-tools/config/centos/compiler/rpms_centos.lst +++ b/centos-mirror-tools/config/centos/compiler/rpms_centos.lst @@ -159,7 +159,7 @@ libXfixes-5.0.3-1.el7.x86_64.rpm libXfixes-devel-5.0.3-1.el7.x86_64.rpm libXft-2.3.2-2.el7.x86_64.rpm libXft-devel-2.3.2-2.el7.x86_64.rpm -# libxml2-2.9.1-6.el7_2.3.x86_64.rpm provided by mock +# libxml2-2.9.1-6.el7_9.6.x86_64.rpm provided by mock libXrender-0.9.10-1.el7.x86_64.rpm libXrender-devel-0.9.10-1.el7.x86_64.rpm libxshmfence-1.2-1.el7.x86_64.rpm diff --git a/centos-mirror-tools/config/centos/distro/rpms_centos.lst b/centos-mirror-tools/config/centos/distro/rpms_centos.lst index 4196fcee..95e0c12e 100644 --- a/centos-mirror-tools/config/centos/distro/rpms_centos.lst +++ b/centos-mirror-tools/config/centos/distro/rpms_centos.lst @@ -536,8 +536,8 @@ libxkbcommon-devel-0.7.1-3.el7.x86_64.rpm libxkbfile-1.0.9-3.el7.x86_64.rpm libxklavier-5.4-7.el7.x86_64.rpm libxklavier-devel-5.4-7.el7.x86_64.rpm -# libxml2-2.9.1-6.el7_2.3.x86_64.rpm provided by mock -libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm +# libxml2-2.9.1-6.el7_9.6.x86_64.rpm provided by mock +libxml2-devel-2.9.1-6.el7_9.6.x86_64.rpm libXmu-1.1.2-2.el7.x86_64.rpm libXpm-3.5.12-1.el7.x86_64.rpm libXrandr-1.5.1-2.el7.x86_64.rpm diff --git a/centos-mirror-tools/config/centos/flock/rpms_centos.lst b/centos-mirror-tools/config/centos/flock/rpms_centos.lst index c29a1ff8..41c8f791 100644 --- a/centos-mirror-tools/config/centos/flock/rpms_centos.lst +++ b/centos-mirror-tools/config/centos/flock/rpms_centos.lst @@ -523,8 +523,8 @@ libxcb-1.13-1.el7.x86_64.rpm libXext-1.3.3-3.el7.x86_64.rpm libXfont-1.5.4-1.el7.x86_64.rpm libXi-1.7.9-1.el7.x86_64.rpm -# libxml2-2.9.1-6.el7_2.3.x86_64.rpm provided by mock -libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm +# libxml2-2.9.1-6.el7_9.6.x86_64.rpm provided by mock +libxml2-python-2.9.1-6.el7_9.6.x86_64.rpm libXpm-devel-3.5.12-1.el7.x86_64.rpm libxslt-1.1.28-6.el7.x86_64.rpm libxslt-devel-1.1.28-6.el7.x86_64.rpm diff --git a/centos-mirror-tools/config/centos/mock/rpms_centos.lst b/centos-mirror-tools/config/centos/mock/rpms_centos.lst index 72206e83..939e55da 100644 --- a/centos-mirror-tools/config/centos/mock/rpms_centos.lst +++ b/centos-mirror-tools/config/centos/mock/rpms_centos.lst @@ -86,7 +86,7 @@ libuser-0.60-9.el7.x86_64.rpm libutempter-1.1.6-4.el7.x86_64.rpm libuuid-2.23.2-59.el7.x86_64.rpm libverto-0.2.5-4.el7.x86_64.rpm -libxml2-2.9.1-6.el7_2.3.x86_64.rpm +libxml2-2.9.1-6.el7_9.6.x86_64.rpm lua-5.1.4-15.el7.x86_64.rpm lz4-1.7.5-2.el7.x86_64.rpm lzo-2.06-8.el7.x86_64.rpm