Bug 2112766 (CVE-2016-3709)

Summary: CVE-2016-3709 libxml2: Incorrect server side include parsing can lead to XSS
Product: [Other] Security Response Reporter: Sandipan Roy <saroy>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: bdettelb, caswilli, csutherl, dffrench, dhalasz, dking, dkuc, erik-fedora, fjansen, gzaronik, jary, jburrell, jclere, jkoehler, jplesnik, jwong, jwon, kaycoth, kde-sig, kevin, kshier, ktietz, micjohns, mturk, ngough, ohudlick, peholase, pjindal, plodge, psegedy, rdieter, rfreiman, rgodfrey, rh-spice-bugs, rjones, stcannon, sthirugn, szappis, tcarlin, tfister, tkasparek, tmeszaro, tohughes, tsasak, veillard, vkrizan, vkumar, vmugicag
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: libxml2 2.9.11 Doc Type: If docs needed, set a value
Doc Text:
A Cross-site scripting (XSS) vulnerability was found in libxml2. A specially crafted input, when serialized and re-parsed by the libxml2 library, will result in a document with element attributes that did not exist in the original document.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-12-04 05:33:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2121133, 2112780, 2112781, 2120780, 2120781, 2120782, 2121134    
Bug Blocks: 2112769    

Description Sandipan Roy 2022-08-01 05:31:37 UTC 
Possible cross-site scripting vulnerability in libxml after commit 960f0e2.

https://mail.gnome.org/archives/xml/2018-January/msg00010.html
Comment 1 Sandipan Roy 2022-08-01 05:45:02 UTC 
Created libxml2 tracking bugs for this issue:

Affects: fedora-all [bug 2112780]


Created mingw-libxml2 tracking bugs for this issue:

Affects: fedora-all [bug 2112781]
Comment 4 Guilherme de Almeida Suckevicz 2022-08-23 17:48:44 UTC 
Reference:
https://bugzilla.gnome.org/show_bug.cgi?id=769760

Upstream patch:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/c1ba6f54d32b707ca6d91cb3257ce9de82876b6f
Comment 6 Guilherme de Almeida Suckevicz 2022-08-24 14:45:49 UTC 
Created qt5-qtwebengine tracking bugs for this issue:

Affects: epel-8 [bug 2121133]
Affects: fedora-all [bug 2121134]
Comment 9 errata-xmlrpc 2022-11-08 10:15:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:7715 https://access.redhat.com/errata/RHSA-2022:7715
Comment 10 Product Security DevOps Team 2022-12-04 05:33:10 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2016-3709
Comment 11 errata-xmlrpc 2023-08-28 12:58:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:4767 https://access.redhat.com/errata/RHSA-2023:4767