Skip to content

fix: add CVE-2026-6653 patch for entity amplification check rework#11

Merged
Zeno-sole merged 1 commit into
deepin-community:masterfrom
Zeno-sole:cve-for-ubuntu
Jun 29, 2026
Merged

fix: add CVE-2026-6653 patch for entity amplification check rework#11
Zeno-sole merged 1 commit into
deepin-community:masterfrom
Zeno-sole:cve-for-ubuntu

Conversation

@Zeno-sole

@Zeno-sole Zeno-sole commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

Add debian/patches/CVE-2026-6653.patch to fix billion-laughs entity amplification attack detection.

Changes in this patch:

  • Rework entity amplification check to fix billion-laughs attack.
  • Limit document size after entity substitution to 10x before expansion.
  • Add saturation arithmetic to prevent 32-bit integer overflow.
  • Enable entity amplification check even when XML_PARSE_HUGE is set.
  • Add echeck and elength fields to xmlEntity struct.

Log: Add CVE-2026-6653 entity amplification check patch

Influence:

  1. Package builds successfully
  2. Patch applies cleanly with quilt
  3. No regression on existing CVE patches

fix: 添加 CVE-2026-6653 实体放大检查补丁

添加 debian/patches/CVE-2026-6653.patch 修复实体放大攻击检测

本次补丁的变更:

  • 重新设计实体放大检查机制,修复检测
  • 限制实体替换后文档大小不超过展开前的 10 倍
  • 添加饱和算术防止 32 位整数溢出
  • 即使设置了 XML_PARSE_HUGE 也启用实体放大检查
  • 在 xmlEntity 结构中添加 echeck 和 elength 字段

Log: 添加 CVE-2026-6653 实体放大检查补丁

Influence:

  1. 软件包构建成功
  2. 补丁可通过 quilt 干净应用
  3. 现有 CVE 补丁无回归

repo: libxml2 #cve-for-ubuntu

@deepin-ci-robot deepin-ci-robot requested a review from myml June 26, 2026 13:56
@deepin-ci-robot

Copy link
Copy Markdown
Contributor

/hold
因为该quilt包的上游版本号变更,详情见: deepin-community/infra-settings#134

@github-actions

github-actions Bot commented Jun 26, 2026

Copy link
Copy Markdown

TAG Bot

TAG: 2.12.7+dfsg+really2.9.14-2.1+deb13u3deepin1
EXISTED: no
DISTRIBUTION: unstable

@Zeno-sole

Copy link
Copy Markdown
Contributor Author

Add debian/patches/CVE-2026-6653.patch to fix billion-laughs entity
amplification attack detection.

Changes in this patch:
- Rework entity amplification check to fix billion-laughs attack.
- Limit document size after entity substitution to 10x before expansion.
- Add saturation arithmetic to prevent 32-bit integer overflow.
- Enable entity amplification check even when XML_PARSE_HUGE is set.
- Add echeck and elength fields to xmlEntity struct.

Log: Add CVE-2026-6653 entity amplification check patch

Influence:
1. Package builds successfully
2. Patch applies cleanly with quilt
3. No regression on existing CVE patches

fix: 添加 CVE-2026-6653 实体放大检查补丁

添加 debian/patches/CVE-2026-6653.patch 修复实体放大攻击检测

本次补丁的变更:
- 重新设计实体放大检查机制,修复检测
- 限制实体替换后文档大小不超过展开前的 10 倍
- 添加饱和算术防止 32 位整数溢出
- 即使设置了 XML_PARSE_HUGE 也启用实体放大检查
- 在 xmlEntity 结构中添加 echeck 和 elength 字段

Log: 添加 CVE-2026-6653 实体放大检查补丁

Influence:
1. 软件包构建成功
2. 补丁可通过 quilt 干净应用
3. 现有 CVE 补丁无回归

repo: libxml2 #cve-for-ubuntu
@Zeno-sole

Copy link
Copy Markdown
Contributor Author

@UTsweetyfish add review

@deepin-ci-robot

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hudeng-go, wxphaha

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@Zeno-sole Zeno-sole merged commit dc2bc66 into deepin-community:master Jun 29, 2026
6 of 7 checks passed
@Zeno-sole

Copy link
Copy Markdown
Contributor Author

/integrate

@github-actions

Copy link
Copy Markdown

AutoIntegrationPr Bot
auto integrate with pr url: deepin-community/Repository-Integration#4199
PrNumber: 4199
PrBranch: auto-integration-28343716055

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants