Fix CVE-2017-0663:

https://bugzilla.gnome.org/show_bug.cgi?id=780228 (not yet public)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
https://security-tracker.debian.org/tracker/CVE-2017-0663

Patch copied from upstream source repository:

https://git.gnome.org/browse/libxml2/commit/?id=92b9e8c8b3787068565a1820ba575d042f9eec66

From 92b9e8c8b3787068565a1820ba575d042f9eec66 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Tue, 6 Jun 2017 12:56:28 +0200
Subject: [PATCH] Fix type confusion in xmlValidateOneNamespace

Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on
namespace declarations make no practical sense anyway.

Fixes bug 780228.

Found with libFuzzer and ASan.
---
 valid.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/valid.c b/valid.c
index 8075d3a0..c51ea290 100644
--- a/valid.c
+++ b/valid.c
@@ -4627,6 +4627,12 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) {
 	}
     }
 
+    /*
+     * Casting ns to xmlAttrPtr is wrong. We'd need separate functions
+     * xmlAddID and xmlAddRef for namespace declarations, but it makes
+     * no practical sense to use ID types anyway.
+     */
+#if 0
     /* Validity Constraint: ID uniqueness */
     if (attrDecl->atype == XML_ATTRIBUTE_ID) {
         if (xmlAddID(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
@@ -4638,6 +4644,7 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) {
         if (xmlAddRef(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
 	    ret = 0;
     }
+#endif
 
     /* Validity Constraint: Notation Attributes */
     if (attrDecl->atype == XML_ATTRIBUTE_NOTATION) {
-- 
2.14.1

8dba35cc7dfd857fb179659a14b0a1e583'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=a3c6998dba35cc7dfd857fb179659a14b0a1e583'>root</a>/<a href='/guix/log/gnu?id=a3c6998dba35cc7dfd857fb179659a14b0a1e583'>gnu</a>/<a href='/guix/log/gnu/build?id=a3c6998dba35cc7dfd857fb179659a14b0a1e583'>build</a>/<a href='/guix/log/gnu/build/file-systems.scm?id=a3c6998dba35cc7dfd857fb179659a14b0a1e583'>file-systems.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/build/file-systems.scm?id=a3c6998dba35cc7dfd857fb179659a14b0a1e583&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2022-11-20 21:27:10 +0100'>2022-11-20</span></td><td><a href='/guix/commit/gnu/build/file-systems.scm?id=c585b4bc68813a351d6a87d19b9adf4041506355'>file-systems: Always do recursive bind mounts.</a><span class='msg-avail'>...<span class='msg-tooltip'>Fixes &lt;https://issues.guix.gnu.org/59185&gt;.

* guix/build/syscalls.scm (MS_REC): New variable.
* gnu/build/file-systems.scm (mount-flags-&gt;bit-mask): Set MS_REC bit when
bind-mounting.
</span></span></td><td>Ricardo Wurmus</td></tr>
<tr><td><span title='2022-11-03 20:00:31 +0100'>2022-11-03</span></td><td><a href='/guix/commit/gnu/build/file-systems.scm?id=c1261b3a5d5c704737e6a02538f014967cf05f3e'>file-systems: Gracefully handle EMEDIUMTYPE in 'read-partitions'.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/build/file-systems.scm (ENOENT-safe): Catch EMEDIUMTYPE and warn.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2022-10-20 23:07:37 +0200'>2022-10-20</span></td><td><a href='/guix/commit/gnu/build/file-systems.scm?id=c0773455397746b10194bc14c7cef144f4095b65'>file-systems: Support the 'no-diratime' mount flag.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/build/file-systems.scm (mount-flags-&gt;bit-mask): Handle 'no-diratime'.
* doc/guix.texi (File Systems): Document it.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-09-08 16:22:21 +0200'>2022-09-08</span></td><td><a href='/guix/commit/gnu/build/file-systems.scm?id=e05f7c55d78b90062aad26d8badc689ea72fe88b'>file-systems: Open files with O_CLOEXEC.</a><span class='msg-avail'>...<span class='msg-tooltip'>Since this code is run from PID 1, this ensures file descriptors to
sensitive files and devices are not accidentally leaked to
sub-processes.

* gnu/build/file-systems.scm (call-with-input-file): New procedure.
(mount-file-system): Use 'close-fdes' + 'open-fdes'.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-08-10 07:12:25 +0300'>2022-08-10</span></td><td><a href='/guix/commit/gnu/build/file-systems.scm?id=4b494878380920c8c7eecccd1f299164dd4a2c3f'>gnu: system: file-systems: Add shared flag.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/build/file-systems.scm (mount-flags-&gt;bit-mask, mount-file-system):
Handle shared flag.
* gnu/system/file-systems.scm (invalid-file-system-flags): Add shared to known
flags.
* guix/build/syscalls.scm (MS_SHARED): New variable.
* doc/guix.texi (File Systems): Document shared flag.
</span></span></td><td>Oleg Pykhalov</td></tr>
<tr><td><span title='2022-07-01 12:10:28 +0200'>2022-07-01</span></td><td><a href='/guix/commit/gnu/build/file-systems.scm?id=4636640de8ecd9e3702bca75c9ce0649ac5d4979'>file-systems: Add 'cleanly-unmounted-ext2?'.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/build/file-systems.scm (ext2-superblock-cleanly-unmounted?)
(cleanly-unmounted-ext2?): New procedures.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-04-08 18:14:35 +0200'>2022-04-08</span></td><td><a href='/guix/commit/gnu/build/file-systems.scm?id=dcb0e54a4f78e04b51f6820b9bbafb1716cb2d73'>file-systems: Invoke fsck tools with 'system*/tty'.</a><span class='msg-avail'>...<span class='msg-tooltip'>This ensures those programs, if invoked by shepherd (where standard
input is /dev/null), can still interact with the user if needed.

* gnu/build/file-systems.scm (check-ext2-file-system)
(check-bcachefs-file-system, check-btrfs-file-system):
(check-fat-file-system, check-jfs-file-system):
(check-f2fs-file-system, check-ntfs-file-system):
(check-xfs-file-system): Use 'system*/tty' instead of 'system*'.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-04-08 18:14:35 +0200'>2022-04-08</span></td><td><a href='/guix/commit/gnu/build/file-systems.scm?id=931f13840bad7bd3cb98b7806f09ca2b3cf7cd10'>mapped-devices: Ensure 'cryptsetup open' gets a tty.</a><span class='msg-avail'>...<span class='msg-tooltip'>Fixes &lt;https://issues.guix.gnu.org/54770&gt;.
Regression introduced in 400c9ed3d779308e56038305d40cd93acb496180.

Previously, for an encrypted /home (say), "cryptsetup open" would be
invoked by shepherd, with /dev/null as its standard input.  It would
thus run in non-interactive mode and, instead of asking for a
passphrase, fail with:

  Nothing to read on input.

This change ensures it runs in interactive mode.

* gnu/build/file-systems.scm (system*/console, system*/tty): New
procedures.
* gnu/system/mapped-devices.scm (open-luks-device): Use 'system*/tty'
instead of 'system*'.
</span></span></td><td>Ludovic Courtès</td></tr>

Age	Commit message (Expand)	Author
2022-11-20	file-systems: Always do recursive bind mounts....Fixes <https://issues.guix.gnu.org/59185>. * guix/build/syscalls.scm (MS_REC): New variable. * gnu/build/file-systems.scm (mount-flags->bit-mask): Set MS_REC bit when bind-mounting.	Ricardo Wurmus
2022-11-03	file-systems: Gracefully handle EMEDIUMTYPE in 'read-partitions'....* gnu/build/file-systems.scm (ENOENT-safe): Catch EMEDIUMTYPE and warn.	Marius Bakke
2022-10-20	file-systems: Support the 'no-diratime' mount flag....* gnu/build/file-systems.scm (mount-flags->bit-mask): Handle 'no-diratime'. * doc/guix.texi (File Systems): Document it.	Ludovic Courtès
2022-09-08	file-systems: Open files with O_CLOEXEC....Since this code is run from PID 1, this ensures file descriptors to sensitive files and devices are not accidentally leaked to sub-processes. * gnu/build/file-systems.scm (call-with-input-file): New procedure. (mount-file-system): Use 'close-fdes' + 'open-fdes'.	Ludovic Courtès
2022-08-10	gnu: system: file-systems: Add shared flag....* gnu/build/file-systems.scm (mount-flags->bit-mask, mount-file-system): Handle shared flag. * gnu/system/file-systems.scm (invalid-file-system-flags): Add shared to known flags. * guix/build/syscalls.scm (MS_SHARED): New variable. * doc/guix.texi (File Systems): Document shared flag.	Oleg Pykhalov
2022-07-01	file-systems: Add 'cleanly-unmounted-ext2?'....* gnu/build/file-systems.scm (ext2-superblock-cleanly-unmounted?) (cleanly-unmounted-ext2?): New procedures.	Ludovic Courtès
2022-04-08	file-systems: Invoke fsck tools with 'system/tty'....This ensures those programs, if invoked by shepherd (where standard input is /dev/null), can still interact with the user if needed. gnu/build/file-systems.scm (check-ext2-file-system) (check-bcachefs-file-system, check-btrfs-file-system): (check-fat-file-system, check-jfs-file-system): (check-f2fs-file-system, check-ntfs-file-system): (check-xfs-file-system): Use 'system/tty' instead of 'system'.	Ludovic Courtès
2022-04-08	mapped-devices: Ensure 'cryptsetup open' gets a tty....Fixes <https://issues.guix.gnu.org/54770>. Regression introduced in 400c9ed3d779308e56038305d40cd93acb496180. Previously, for an encrypted /home (say), "cryptsetup open" would be invoked by shepherd, with /dev/null as its standard input. It would thus run in non-interactive mode and, instead of asking for a passphrase, fail with: Nothing to read on input. This change ensures it runs in interactive mode. * gnu/build/file-systems.scm (system/console, system/tty): New procedures. * gnu/system/mapped-devices.scm (open-luks-device): Use 'system/tty' instead of 'system'.	Ludovic Courtès