When calculating port value in xmlParse3986Port function, incorrect limit is used. Android patch: https://android.googlesource.com/platform/external/libxml2/+/51e0cb2e5ec18eaf6fb331bc573ff27b743898f4 References: https://source.android.com/security/bulletin/2017-06-01#libraries
Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1462226] Created mingw-libxml2 tracking bugs for this issue: Affects: epel-7 [bug 1462227] Affects: fedora-all [bug 1462228]
The port filtering functionality was introduced in 2.9.4
Upstream fixed this slightly differently than different commit than Android did: https://github.com/GNOME/libxml2/commit/5dca9eea1bd4