bpo-30610: [Security] Python's libexpat vulnerable to CVE-2016-0718 #2021

Closed
Conversation

matrixise
Member

CVE-2016-0718: Expat allows context-dependent attackers to cause a
denial of service (crash) or possibly execute arbitrary code via a
malformed input document, which triggers a buffer overflow.

https://nvd.nist.gov/vuln/detail/CVE-2016-0718

Upgrade to Expat 2.2.0, which is not vulnerable

https://github.com/libexpat/libexpat/blob/R_2_2_0/expat/Changes

Read the description: https://bugs.python.org/issue30610

@vstinner
Member

vstinner commented Jun 9, 2017

Please add an entry in Misc/NEWS; you may add the [Security] prefix in your message.

@matrixise matrixise changed the title bpo-30610: Python's libexpat vulnerable to CVE-2016-0718 bpo-30610: [Security] Python's libexpat vulnerable to CVE-2016-0718 Jun 9, 2017
@matrixise
Member Author

@Haypo: fixed with Misc/NEWS, please could you review? Thanks.

@matrixise
Member Author

For the update of this library, just clone the repository and use the tag R_2_2_0; this tag contains the fix for CVE-2016-0718.

Now, there are no experts (in https://github.com/python/devguide/blob/master/experts.rst#stdlib) for the xml.parsers.expat module, and in this case I am not sure about this update, but all the tests passed.

git clone https://github.com/libexpat/libexpat
cd libexpat
git checkout R_2_2_0
cp expat/lib/*.{c,h} ~/cpython/Modules/expat/
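After a vendored copy of Expat is refreshed the way the comment above describes, the practical check is whether the copy in Modules/expat/ (and the Expat that the running interpreter was actually linked against) is at least the 2.2.0 release the PR names as fixed. The following is an added example, not code from this PR or from CPython; it parses the XML_MAJOR_VERSION / XML_MINOR_VERSION / XML_MICRO_VERSION macros that expat.h defines from a constructed header sample, compares the result against 2.2.0, and reads the runtime version from the standard pyexpat module (pyexpat.version_info is a real attribute; the sample header text is constructed for the example).

```python
import re
import pyexpat

# Expat 2.2.0 is the release the PR names as not vulnerable to CVE-2016-0718.
FIXED_VERSION = (2, 2, 0)

# Constructed sample of the version macros found in expat.h (not a copy of a real file):
# it deliberately describes an older release so the check has something to flag.
SAMPLE_EXPAT_H = """
/* Expat version information (constructed sample) */
#define XML_MAJOR_VERSION 2
#define XML_MINOR_VERSION 1
#define XML_MICRO_VERSION 1
"""

# One regex for all three macros; tolerant of indentation and trailing whitespace.
_MACRO_RE = re.compile(
    r"^\s*#define\s+XML_(MAJOR|MINOR|MICRO)_VERSION\s+(\d+)\s*$", re.MULTILINE
)


def parse_expat_version(header_text):
    """Return (major, minor, micro) parsed from the XML_*_VERSION macros of an expat.h."""
    found = {m.group(1): int(m.group(2)) for m in _MACRO_RE.finditer(header_text)}
    missing = {"MAJOR", "MINOR", "MICRO"} - set(found)
    if missing:
        # Refuse to guess: a header without the macros cannot be checked.
        raise ValueError("expat.h lacks version macros: %s" % sorted(missing))
    return (found["MAJOR"], found["MINOR"], found["MICRO"])


def is_older_than_fix(version):
    """True when the given (major, minor, micro) predates the 2.2.0 fix release."""
    return tuple(version) < FIXED_VERSION


def check_bundled_header(header_text):
    """Report the version found in a bundled expat.h and whether it predates the fix."""
    version = parse_expat_version(header_text)
    return {"version": version, "older_than_fix": is_older_than_fix(version)}


def check_runtime():
    """Report the Expat version the running interpreter is linked against."""
    # pyexpat.version_info is the (major, minor, micro) tuple of the linked Expat.
    version = tuple(pyexpat.version_info)
    return {"version": version, "older_than_fix": is_older_than_fix(version)}


if __name__ == "__main__":
    # Usage: check the constructed header sample, then the interpreter's own Expat.
    # To check a real tree, read Modules/expat/expat.h and pass its text instead.
    print("bundled header:", check_bundled_header(SAMPLE_EXPAT_H))
    print("runtime pyexpat:", check_runtime())
```

The bundled-header check is the one to run in CI after a vendor refresh, since a stale header left behind by a partial copy would otherwise go unnoticed; the runtime check matters on systems where Python is built against the distribution's shared libexpat rather than the bundled copy, because the two can differ.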

@matrixise
Member Author

I'm closing this PR because PR #2164 by @Haypo has a better solution to this issue.

@matrixise matrixise closed this Jun 14, 2017
Labels
type-security A security issue