Bug 1396540 – CVE-2016-9063 firefox: Possible integer overflow to fix inside XML_Parse in Expat

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1396540 - (CVE-2016-9063) CVE-2016-9063 firefox: Possible integer overflow to fix inside XML_Parse in Expat

Summary:	CVE-2016-9063 firefox: Possible integer overflow to fix inside XML_Parse in E...

Status:	NEW

Aliases:	CVE-2016-9063

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	low Severity low
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=low,public=20161115,reported=2...
Keywords:	Reopened, Security

Depends On:	1462755 1462757 1462756 1462758 1478230
Blocks:	1392803 1462763
	Show dependency tree / graph

Reported:	2016-11-18 10:24 EST by Adam Mariš
Modified:	2018-10-19 17:38 EDT (History)
CC List:	49 users (show)

See Also:
Fixed In Version:	firefox 50
Doc Type:	If docs needed, set a value
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2016-11-24 00:23:49 EST
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Adam Mariš 2016-11-18 10:24:54 EST

An integer overflow during the parsing of XML using the Expat library.

External References:

https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/#CVE-2016-9063

Comment 1 Adam Mariš 2016-11-18 10:25:06 EST

Acknowledgments:

Name: the Mozilla project
Upstream: Gustavo Grieco

Comment 2 Huzaifa S. Sidhpurwala 2016-11-24 00:23:49 EST

Statement:

This issue does not affect the version of firefox and thunderbird as shipped with Red Hat Enterprise Linux 5, 6 and 7.

Comment 3 Adam Mariš 2017-06-19 09:09:51 EDT

Upstream patch:

https://github.com/libexpat/libexpat/commit/d4f735b88d9932bd5039df2335eefdd0723dbe20

Comment 4 Adam Mariš 2017-06-19 09:10:36 EDT

Created compat-expat1 tracking bugs for this issue:

Affects: fedora-all [bug 1462758]


Created expat tracking bugs for this issue:

Affects: fedora-all [bug 1462756]


Created expat21 tracking bugs for this issue:

Affects: epel-all [bug 1462755]


Created mingw-expat tracking bugs for this issue:

Affects: epel-7 [bug 1462757]

Comment 5 Huzaifa S. Sidhpurwala 2017-07-03 03:44:40 EDT

Expat upstream fixed this issue via the following commit:

https://github.com/libexpat/libexpat/commit/d4f735b88d9932bd5039df2335eefdd0723dbe20

Comment 6 Huzaifa S. Sidhpurwala 2017-08-03 23:52:54 EDT

Created mingw-expat tracking bugs for this issue:

Affects: fedora-all [bug 1478230]

Note You need to log in before you can comment on or make changes to this bug.

apintea
besser82
bmaxwell
bmcclain
cdewolf
cfergeau
chazlett
cschalle
csutherl
darran.lofthouse
dblechte
dimitris
dosoudil
eedri
erik-fedora
fgavrilo
gecko-bugs-nobody
gklein
gzaronik
jawilson
jclere
jhorak
jondruse
jorton
jshepherd
lgao
lsurette
lupinix.fedora
mbabacek
mgoldboi
michal.skrivanek
myarboro
pgier
pjurak
ppalaga
psakar
pslavice
rh-spice-bugs
rjones
rnetuka
rstancel
rsvoboda
srevivo
stransky
twalsh
vtunka
weli
ykaul
ylavi