[Bug 200631] www/tidy-devel: buffer overflow
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Jun 4 11:04:41 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200631
Bug ID: 200631
Summary: www/tidy-devel: buffer overflow
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: thierry at FreeBSD.org
Reporter: walter at lifeforms.nl
Assignee: thierry at FreeBSD.org
Flags: maintainer-feedback?(thierry at FreeBSD.org)
A security issue (buffer overflow in parsing HTML) has been fixed in tidy
4.9.31.
https://github.com/htacg/tidy-html5/issues/217
It seems there are a few versions of tidy in the ports tree:
- www/tidy-html5 is tidy 4.9.30, which should be bumped to 4.9.31
- www/tidy-devel is libtidy-0.99 or tidy 090315-cvs on sourceforge, which looks
abandoned since 2009
- www/tidy-lib just depends on tidy-devel
- www/tidy is tidy 20000804, and looks abandoned since 2000
If I parse the github issue correctly:
- www/tidy-html5 is vulnerable
- www/tidy-devel is vulnerable. It has the affected code part in tmbstr.c. Bug
report says: "I can confirm this BUG exists in the 2008/9 libtidy.0.99.so last
release, the sourceforge cvs tidy, which is still present in some
distributions. Just the quite unique nature of using 'code' ending in spaces or
a newline just before an attribute with a 'blank' value prevents it from being
seens more often."
- www/tidy seems NOT vulnerable. It does not seem to have the affected code
snippet. Bug report says: "Interestingly, it is NOT present in TidyAug2000
[...]"
The solution for www/tidy-html5 seems a trivial version bump, but the
www/tidy-devel upstream seems unmaintained, so we possibly should add a patch.
Alternatively, if tidy-html5 is more-or-less a drop-in replacement for
tidy-devel, it might be a good moment to get rid of the unmaintained www/tidy
and www/tidy-devel ports.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list