Chromium: Vulnerability reported in libxml |
||||
Issue descriptionAutomated analysis has detected that the following third party packages have had vulnerabilities publicly reported. NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package. Package Name: libxml Package Version: [cpe:/a:xmlsoft:libxml2:2.7.7] Advisory: CVE-2017-7376 Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2017-7376 CVSS severity score: 10/10.0 Confidence: high Description: Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
,
Mar 21 2018
The fix in uri.c (looking at the Android fix https://android.googlesource.com/platform/external/libxml2/+/51e0cb2e5ec18eaf6fb331bc573ff27b743898f4%5E%21/#F0) does appear to have been included in https://chromium.googlesource.com/chromium/src/+log/52bfd9b23ead461185b20736e216a73cad1864fe/third_party/libxml/src/uri.c (dating to last April). Looking at the vomit reference to the libxml2 commit indicates a different patch in nanohttp.c, which we also appear to already have patched: Looking at https://cs.chromium.org/chromium/src/third_party/libxml/src/nanohttp.c?l=1432 It looks like we picked up the nanohttp.c fix in our roll last April: https://chromium.googlesource.com/chromium/src/+/01618a2e9695f739ea089db2d7b1a3f4ccd5048c As we appear to include both the Android patch as well as the upstream fix, I'm going mark this as Fixed.
,
Mar 22 2018
,
Jun 28 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
||||
►
Sign in to add a comment |
||||
Comment 1 by elawrence@chromium.org
, Mar 21 2018