From 8c9b6399067030f768bcdd7b901446d4f96a5114 Mon Sep 17 00:00:00 2001
From: "deepin-community-bot[bot]" <156989552+deepin-community-bot[bot]@users.noreply.github.com>
Date: Mon, 9 Feb 2026 10:11:34 +0000
Subject: [PATCH] feat: update tinyxml to 2.6.2-7

---
 .gitignore | 1 -
 debian/changelog | 31 ++++++++++++++++++++++++++---
 debian/control | 2 +-
 debian/patches/CVE-2021-42260.patch | 25 +++++++++++++++++++++++
 debian/patches/CVE-2023-34194.patch | 28 ++++++++++++++++++++++++++
 debian/patches/series | 2 ++
 debian/rules | 4 ++--
 debian/upstream/metadata | 1 +
 8 files changed, 87 insertions(+), 7 deletions(-)
 delete mode 100644 .gitignore
 create mode 100644 debian/patches/CVE-2021-42260.patch
 create mode 100644 debian/patches/CVE-2023-34194.patch

diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index 224e7f0..0000000
--- a/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-.pc/
diff --git a/debian/changelog b/debian/changelog
index 539a8ef..8080727 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,33 @@
-tinyxml (2.6.2-5deepin0) unstable; urgency=medium
+tinyxml (2.6.2-7) unstable; urgency=medium
 
- * No source change upload against GCC 12.
+ * Fix passing -DTIXML_USE_STL to the build. (Closes: #1076929)
 
- -- Tianyu Chen Fri, 20 Sep 2024 12:20:07 +0800
+ -- Felix Geyer Fri, 26 Jul 2024 17:29:19 +0200
+
+tinyxml (2.6.2-6.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+
+ [ Debian Janitor ]
+ * Set upstream metadata fields: Bug-Database.
+
+ [ Felix Geyer ]
+ * Set Homepage to the SourceForge project since the original website
+ is offline.
+
+ [ Guilhem Moulin ]
+ * Fix CVE-2023-34194 / CVE-2023-40462: Reachable assertion (and application
+ exit) via a crafted XML document with a '\0' located after whitespace.
+ (Closes: #1059315)
+
+ -- Guilhem Moulin Sat, 30 Dec 2023 22:49:10 +0100
+
+tinyxml (2.6.2-6) unstable; urgency=medium
+
+ * Import fix for CVE-2021-42260.
+ - Add CVE-2021-42260.patch
+
+ -- Felix Geyer Sun, 12 Dec 2021 23:53:05 +0100
 
 tinyxml (2.6.2-5) unstable; urgency=medium
 
diff --git a/debian/control b/debian/control
index 70e46d5..6b00905 100644
--- a/debian/control
+++ b/debian/control
@@ -4,7 +4,7 @@ Priority: optional
 Maintainer: Felix Geyer
 Build-Depends: debhelper-compat (= 13)
 Standards-Version: 4.1.3
-Homepage: http://www.grinninglizard.com/tinyxml/
+Homepage: https://sourceforge.net/projects/tinyxml/
 Vcs-Git: https://salsa.debian.org/debian/tinyxml.git
 Vcs-Browser: https://salsa.debian.org/debian/tinyxml
 
diff --git a/debian/patches/CVE-2021-42260.patch b/debian/patches/CVE-2021-42260.patch
new file mode 100644
index 0000000..36d738b
--- /dev/null
+++ b/debian/patches/CVE-2021-42260.patch
@@ -0,0 +1,25 @@
+Description: In stamp always advance the pointer if *p= 0xef
+ .
+ The current implementation only advanced if 0xef is followed
+ by two non-zero bytes. In case of malformed input (0xef should be
+ the start byte of a three byte character) this leads to an infinite
+ loop. (CVE-2021-42260)
+Origin: https://sourceforge.net/p/tinyxml/git/merge-requests/1/
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2021-42260
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-40458
+
+--- a/tinyxmlparser.cpp
++++ b/tinyxmlparser.cpp
+@@ -274,6 +274,12 @@ void TiXmlParsingData::Stamp( const char* now, TiXmlEncoding encoding )
+ else
+ { p +=3; ++col; } // A normal character.
+ }
++ else
++ {
++ // TIXML_UTF_LEAD_0 (239) is the start character of a 3 byte sequence, so
++ // there is something wrong here. Just advance the pointer to evade infinite loops
++ ++p;
++ }
+ }
+ else
+ {
diff --git a/debian/patches/CVE-2023-34194.patch b/debian/patches/CVE-2023-34194.patch
new file mode 100644
index 0000000..dee0aa1
--- /dev/null
+++ b/debian/patches/CVE-2023-34194.patch
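Review bot: The `Origin:` field in the new patch header is a bare URL, whereas DEP-3 expects a category keyword before it, so the line should read `Origin: upstream, https://sourceforge.net/p/tinyxml/git/merge-requests/1/` (or `other, …` if that merge request was never merged upstream — which applies cannot be told from this page). The added `else` branch advances `p` past a stray lead byte but leaves `col` untouched, and the in-code comment does not say whether that is intended; if it is, extending the comment to `// ... evade infinite loops (col intentionally not advanced for the stray byte)` would settle it for the next reader. The inner hunk shows only the tail of one `case` inside `TiXmlParsingData::Stamp()`, so the surrounding `switch` structure the branch relies on is assumed here, not checked.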
@@ -0,0 +1,28 @@
+From: Guilhem Moulin
+Date: Sat, 30 Dec 2023 14:15:54 +0100
+Subject: Avoid reachable assertion via crafted XML document with a '\0'
+ located after whitespace
+
+Bug: https://www.forescout.com/resources/sierra21-vulnerabilities
+Bug-Debian: https://bugs.debian.org/1059315
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-34194
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-40462
+---
+ tinyxmlparser.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/tinyxmlparser.cpp b/tinyxmlparser.cpp
+index 8aa0dfa..1601962 100644
+--- a/tinyxmlparser.cpp
++++ b/tinyxmlparser.cpp
+@@ -1606,6 +1606,10 @@ const char* TiXmlDeclaration::Parse( const char* p, TiXmlParsingData* data, TiXm
+ }
+ 
+ p = SkipWhiteSpace( p, _encoding );
++ if ( !p || !*p )
++ {
++ break;
++ }
+ if ( StringEqual( p, "version", true, _encoding ) )
+ {
+ TiXmlAttribute attrib;
diff --git a/debian/patches/series b/debian/patches/series
index 124b36f..555eb67 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,4 @@
 enforce-use-stl.patch
 entity-encoding.patch
+CVE-2021-42260.patch
+CVE-2023-34194.patch
diff --git a/debian/rules b/debian/rules
index a625182..d7d919f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,12 +1,12 @@
 #!/usr/bin/make -f
+DEB_CPPFLAGS_MAINT_APPEND = -DTIXML_USE_STL
+
 include /usr/share/dpkg/default.mk
 
 ifeq ($(origin CXX),default)
 CXX = $(DEB_HOST_GNU_TYPE)-g++
 endif
 
-CXXFLAGS += -DTIXML_USE_STL
-
 OBJ_FILES := tinyxml.o tinyxmlparser.o tinyxmlerror.o
 
 %:
diff --git a/debian/upstream/metadata b/debian/upstream/metadata
index 21c2aeb..0f191ea 100644
--- a/debian/upstream/metadata
+++ b/debian/upstream/metadata
@@ -1,3 +1,4 @@
 ---
 Archive: SourceForge
+Bug-Database: http://sourceforge.net/projects/tinyxml/forums/forum/42748
 Repository: https://git.code.sf.net/p/tinyxml/git
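Review bot: The new `if ( !p || !*p )` guard in `TiXmlDeclaration::Parse` carries no comment, and the four lines alone do not explain why a check right after `SkipWhiteSpace()` is needed; per the patch subject, a '\0' following whitespace is what made the subsequent `StringEqual()` call reach an assertion. A comment above the check, e.g. `// SkipWhiteSpace() presumably yields a null/empty pointer at end of input; stop before StringEqual() asserts on it (CVE-2023-34194)`, would keep that reasoning with the code. What happens after `break` — the loop exit and the function's return value — lies outside the inner hunk, so whether a truncated declaration is reported as a parse error or silently accepted cannot be verified here and is worth confirming. It is also worth checking whether other `SkipWhiteSpace()` followed by `StringEqual()` sequences in `tinyxmlparser.cpp` need the same guard, since the patch touches only this one site.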
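Review bot: The `debian/rules` hunk gives no reason why the define now has to be set through `DEB_CPPFLAGS_MAINT_APPEND` before the dpkg include instead of being appended to `CXXFLAGS` afterwards, so the next edit may move it back; a comment above the new assignment, e.g. `# Must precede the default.mk include so dpkg-buildflags folds it into CPPFLAGS (#1076929)`, would record that. Because this flag already went missing once (the changelog entry for 2.6.2-7), a guard after the include such as `ifeq (,$(findstring -DTIXML_USE_STL,$(CPPFLAGS)))` / `$(error TIXML_USE_STL missing from CPPFLAGS)` / `endif` would turn a repeat into a build failure rather than a library built with the wrong configuration. The `%:` target that drives the build begins on the hunk's last line and continues outside it.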