FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

raptor2 -- buffer overflow

Affected packages
raptor2 < 2.0.15_16

Details

VuXML ID 07c7ae7a-224b-11eb-aa6e-e0d55e2a8bf9
Discovery 2017-04-16
Entry 2020-11-09

CVE MITRE reports:

raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).

References

CVE Name CVE-2017-18926
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18926
URL https://github.com/LibreOffice/core/blob/master/external/redland/raptor/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1