We have some news to share for the request index beta feature. We’ve added more options to sort your requests, counters to the individual filters and documentation for the search functionality. Checkout the blog post for more details.

Overview

File libxml2-CVE-2021-3516.patch of Package libxml2.42447

From 1358d157d0bd83be1dfe356a69213df9fac0b539 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Wed, 21 Apr 2021 13:23:27 +0200
Subject: [PATCH] Fix use-after-free with `xmllint --html --push`

Call htmlCtxtUseOptions to make sure that names aren't stored in
dictionaries.

Note that this issue only affects xmllint using the HTML push parser.

Fixes #230.
---
 xmllint.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: libxml2-2.9.10/xmllint.c
===================================================================
--- libxml2-2.9.10.orig/xmllint.c
+++ libxml2-2.9.10/xmllint.c
@@ -2204,7 +2204,7 @@ static void parseAndPrintFile(char *file
             if (res > 0) {
                 ctxt = htmlCreatePushParserCtxt(NULL, NULL,
                             chars, res, filename, XML_CHAR_ENCODING_NONE);
-                xmlCtxtUseOptions(ctxt, options);
+                htmlCtxtUseOptions(ctxt, options);
                 while ((res = fread(chars, 1, pushsize, f)) > 0) {
                     htmlParseChunk(ctxt, chars, res, 0);
                 }
openSUSE Build Service is sponsored by
Places