From 76bb85b5aad8cf6e9e71ec2c894adbf9390d8e07 Mon Sep 17 00:00:00 2001
From: Muhammad Falak R Wani
Date: Thu, 26 Dec 2024 12:47:12 +0530
Subject: [PATCH 1/3] libxml2: address CVE-2024-40896

Signed-off-by: Muhammad Falak R Wani
---
 SPECS/libxml2/CVE-2024-40896.patch | 37 ++++++++++++++++++++++++++++++
 SPECS/libxml2/libxml2.spec | 6 ++++-
 2 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 SPECS/libxml2/CVE-2024-40896.patch

diff --git a/SPECS/libxml2/CVE-2024-40896.patch b/SPECS/libxml2/CVE-2024-40896.patch
new file mode 100644
index 00000000000..9fddd1ec7cd
--- /dev/null
+++ b/SPECS/libxml2/CVE-2024-40896.patch
@@ -0,0 +1,37 @@
+From ae8f0ac0a2900219c3d762ae0b513e199dcf19a5 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer
+Date: Sat, 6 Jul 2024 01:03:46 +0200
+Subject: [PATCH] [CVE-2024-40896] Fix XXE protection in downstream code
+
+Some users set an entity's children manually in the getEntity SAX
+callback to restrict entity expansion. This stopped working after
+renaming the "checked" member of xmlEntity, making at least one
+downstream project and its dependants susceptible to XXE attacks.
+
+See #761.
+---
+ parser.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/parser.c b/parser.c
+index 4feb21a28..8fe0a064d 100644
+--- a/parser.c
++++ b/parser.c
+@@ -7148,6 +7148,14 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
+ return;
+ }
+
++ /*
++ * Some users try to parse entities on their own and used to set
++ * the renamed "checked" member. Fix the flags to cover this
++ * case.
++ */
++ if (((ent->flags & XML_ENT_PARSED) == 0) && (ent->children != NULL))
++ ent->flags |= XML_ENT_PARSED;
++
+ /*
+ * The first reference to the entity trigger a parsing phase
+ * where the ent->children is filled with the result from
+-- 
+GitLab
+
diff --git a/SPECS/libxml2/libxml2.spec b/SPECS/libxml2/libxml2.spec
index f8efb567465..5e0ca582c4d 100644
--- a/SPECS/libxml2/libxml2.spec
+++ b/SPECS/libxml2/libxml2.spec
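Review bot: In `SPECS/libxml2/CVE-2024-40896.patch`, the embedded upstream change touches only `parser.c` (its own diffstat shows 8 insertions in one file) and the commit adds no regression test, so nothing in the package build demonstrates that the XXE protection is actually restored on 2.11.5. The added guard `if (((ent->flags & XML_ENT_PARSED) == 0) && (ent->children != NULL))` only helps if the code that follows in `xmlParseReference`, which continues outside the hunk, skips its first-reference parse when `XML_ENT_PARSED` is set; that is presumably the case in 2.11.5 but is not visible here. I would confirm the hunk applies to the 2.11.5 `parser.c` without fuzz, and add a small test to the spec's `%check` section (if it has one) that installs a `getEntity` SAX callback which fills `ent->children` and asserts that no external entity content reaches the SAX events.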
@@ -1,13 +1,14 @@
 Summary: Libxml2
 Name: libxml2
 Version: 2.11.5
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: MIT
 Vendor: Microsoft Corporation
 Distribution: Azure Linux
 Group: System Environment/General Libraries
 URL: https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home
 Source0: https://gitlab.gnome.org/GNOME/%{name}/-/archive/v%{version}/%{name}-v%{version}.tar.gz
+Patch0: CVE-2024-40896.patch
 BuildRequires: python3-devel
 BuildRequires: python3-xml
 Provides: %{name}-tools = %{version}-%{release}
@@ -78,6 +79,9 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %{_libdir}/cmake/libxml2/libxml2-config.cmake
 %changelog
+* Thu Dec 26 2024 Muhammad Falak - 2.11.5-2
+- Patch CVE-2024-40896
+
 * Tue Nov 21 2023 CBL-Mariner Servicing Account - 2.11.5-1
 - Auto-upgrade to 2.11.5 - Azure Linux 3.0 - package upgrades

From 5ce9e0f6754ba5bd5b36f2c0b2f04d4fb55468ce Mon Sep 17 00:00:00 2001
From: Muhammad Falak R Wani
Date: Thu, 26 Dec 2024 12:49:57 +0530
Subject: [PATCH 2/3] libxml2: manifest: update entries

Signed-off-by: Muhammad Falak R Wani
---
 toolkit/resources/manifests/package/pkggen_core_aarch64.txt | 4 ++--
 toolkit/resources/manifests/package/pkggen_core_x86_64.txt | 4 ++--
 toolkit/resources/manifests/package/toolchain_aarch64.txt | 6 +++---
 toolkit/resources/manifests/package/toolchain_x86_64.txt | 6 +++---
 4 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
index 17c58aadf4a..ace4de02d41 100644
--- a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
+++ b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
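Review bot: In `SPECS/libxml2/libxml2.spec`, the new line `Patch0: CVE-2024-40896.patch` only declares the patch; whether it is applied depends on `%prep`, which lies outside both hunks of this file. If `%prep` uses plain `%setup` rather than `%autosetup -p1`, the package would ship as 2.11.5-2 with a changelog entry claiming the CVE fix while `parser.c` stays unpatched, so confirm that or add `%patch -P 0 -p1` there. A comment above the tag, such as `# Upstream commit ae8f0ac0a290 (libxml2 issue #761); drop when rebasing to a release that includes it`, would also help the next version bump.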
@@ -199,8 +199,8 @@ curl-8.8.0-3.azl3.aarch64.rpm
 curl-devel-8.8.0-3.azl3.aarch64.rpm
 curl-libs-8.8.0-3.azl3.aarch64.rpm
 createrepo_c-1.0.3-1.azl3.aarch64.rpm
-libxml2-2.11.5-1.azl3.aarch64.rpm
-libxml2-devel-2.11.5-1.azl3.aarch64.rpm
+libxml2-2.11.5-2.azl3.aarch64.rpm
+libxml2-devel-2.11.5-2.azl3.aarch64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
 docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 libsepol-3.6-1.azl3.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
index bce53741307..3a74fd00e84 100644
--- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
+++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
@@ -199,8 +199,8 @@ curl-8.8.0-3.azl3.x86_64.rpm
 curl-devel-8.8.0-3.azl3.x86_64.rpm
 curl-libs-8.8.0-3.azl3.x86_64.rpm
 createrepo_c-1.0.3-1.azl3.x86_64.rpm
-libxml2-2.11.5-1.azl3.x86_64.rpm
-libxml2-devel-2.11.5-1.azl3.x86_64.rpm
+libxml2-2.11.5-2.azl3.x86_64.rpm
+libxml2-devel-2.11.5-2.azl3.x86_64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
 docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 libsepol-3.6-1.azl3.x86_64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt
index 77c9b8e282a..b2228d38433 100644
--- a/toolkit/resources/manifests/package/toolchain_aarch64.txt
+++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt
@@ -240,9 +240,9 @@ libtool-debuginfo-2.4.7-1.azl3.aarch64.rpm
 libxcrypt-4.4.36-2.azl3.aarch64.rpm
 libxcrypt-debuginfo-4.4.36-2.azl3.aarch64.rpm
 libxcrypt-devel-4.4.36-2.azl3.aarch64.rpm
-libxml2-2.11.5-1.azl3.aarch64.rpm
-libxml2-debuginfo-2.11.5-1.azl3.aarch64.rpm
-libxml2-devel-2.11.5-1.azl3.aarch64.rpm
+libxml2-2.11.5-2.azl3.aarch64.rpm
+libxml2-debuginfo-2.11.5-2.azl3.aarch64.rpm
+libxml2-devel-2.11.5-2.azl3.aarch64.rpm
 libxslt-1.1.39-1.azl3.aarch64.rpm
 libxslt-debuginfo-1.1.39-1.azl3.aarch64.rpm
 libxslt-devel-1.1.39-1.azl3.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt
index 45538673532..5582cedf424 100644
--- a/toolkit/resources/manifests/package/toolchain_x86_64.txt
+++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt
@@ -243,9 +243,9 @@ libtasn1-debuginfo-4.19.0-1.azl3.x86_64.rpm
 libtasn1-devel-4.19.0-1.azl3.x86_64.rpm
 libtool-2.4.7-1.azl3.x86_64.rpm
 libtool-debuginfo-2.4.7-1.azl3.x86_64.rpm
-libxml2-2.11.5-1.azl3.x86_64.rpm
-libxml2-debuginfo-2.11.5-1.azl3.x86_64.rpm
-libxml2-devel-2.11.5-1.azl3.x86_64.rpm
+libxml2-2.11.5-2.azl3.x86_64.rpm
+libxml2-debuginfo-2.11.5-2.azl3.x86_64.rpm
+libxml2-devel-2.11.5-2.azl3.x86_64.rpm
 libxcrypt-4.4.36-2.azl3.x86_64.rpm
 libxcrypt-debuginfo-4.4.36-2.azl3.x86_64.rpm
 libxcrypt-devel-4.4.36-2.azl3.x86_64.rpm

From 7af5dbd1a0bf98ff9d5b0424a3ac1588b41a230a Mon Sep 17 00:00:00 2001
From: Muhammad Falak R Wani
Date: Thu, 26 Dec 2024 12:54:56 +0530
Subject: [PATCH 3/3] libxml2: manifest: update python3-libxml2 entries

Signed-off-by: Muhammad Falak R Wani
---
 toolkit/resources/manifests/package/toolchain_aarch64.txt | 2 +-
 toolkit/resources/manifests/package/toolchain_x86_64.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt
index b2228d38433..7b9eb17092d 100644
--- a/toolkit/resources/manifests/package/toolchain_aarch64.txt
+++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt
@@ -541,7 +541,7 @@ python3-gpg-1.23.2-2.azl3.aarch64.rpm
 python3-jinja2-3.1.2-1.azl3.noarch.rpm
 python3-libcap-ng-0.8.4-1.azl3.aarch64.rpm
 python3-libs-3.12.3-5.azl3.aarch64.rpm
-python3-libxml2-2.11.5-1.azl3.aarch64.rpm
+python3-libxml2-2.11.5-2.azl3.aarch64.rpm
 python3-lxml-4.9.3-1.azl3.aarch64.rpm
 python3-magic-5.45-1.azl3.noarch.rpm
 python3-markupsafe-2.1.3-1.azl3.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt
index 5582cedf424..8bf1cde27dc 100644
--- a/toolkit/resources/manifests/package/toolchain_x86_64.txt
+++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt
@@ -547,7 +547,7 @@ python3-gpg-1.23.2-2.azl3.x86_64.rpm
 python3-jinja2-3.1.2-1.azl3.noarch.rpm
 python3-libcap-ng-0.8.4-1.azl3.x86_64.rpm
 python3-libs-3.12.3-5.azl3.x86_64.rpm
-python3-libxml2-2.11.5-1.azl3.x86_64.rpm
+python3-libxml2-2.11.5-2.azl3.x86_64.rpm
 python3-lxml-4.9.3-1.azl3.x86_64.rpm
 python3-magic-5.45-1.azl3.noarch.rpm
 python3-markupsafe-2.1.3-1.azl3.x86_64.rpm