Version in base suite: 2.6.2-4+deb11u1

Base version: tinyxml_2.6.2-4+deb11u1
Target version: tinyxml_2.6.2-4+deb11u2
Base file: /srv/ftp-master.debian.org/ftp/pool/main/t/tinyxml/tinyxml_2.6.2-4+deb11u1.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/t/tinyxml/tinyxml_2.6.2-4+deb11u2.dsc

 changelog                    |    9 +++++++++
 patches/CVE-2023-34194.patch |   27 +++++++++++++++++++++++++++
 patches/series               |    1 +
 3 files changed, 37 insertions(+)

diff -Nru tinyxml-2.6.2/debian/changelog tinyxml-2.6.2/debian/changelog
--- tinyxml-2.6.2/debian/changelog	2022-10-20 14:32:51.000000000 +0000
+++ tinyxml-2.6.2/debian/changelog	2024-01-25 03:12:05.000000000 +0000
@@ -1,3 +1,12 @@
+tinyxml (2.6.2-4+deb11u2) bullseye; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix CVE-2023-34194: Reachable assertion (and application exit) via a
+    crafted XML document with a '\0' located after whitespace.
+    (Closes: #1059315)
+
+ -- Guilhem Moulin <guilhem@debian.org>  Thu, 25 Jan 2024 04:12:05 +0100
+
 tinyxml (2.6.2-4+deb11u1) bullseye; urgency=medium
 
   * Import fix for CVE-2021-42260.
diff -Nru tinyxml-2.6.2/debian/patches/CVE-2023-34194.patch tinyxml-2.6.2/debian/patches/CVE-2023-34194.patch
--- tinyxml-2.6.2/debian/patches/CVE-2023-34194.patch	1970-01-01 00:00:00.000000000 +0000
+++ tinyxml-2.6.2/debian/patches/CVE-2023-34194.patch	2024-01-25 03:12:05.000000000 +0000
@@ -0,0 +1,27 @@
+From: Guilhem Moulin <guilhem@debian.org>
+Date: Sat, 30 Dec 2023 14:15:54 +0100
+Subject: Avoid reachable assertion via crafted XML document with a '\0'
+ located after whitespace
+
+Bug: https://www.forescout.com/resources/sierra21-vulnerabilities
+Bug-Debian: https://bugs.debian.org/1059315
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-34194
+---
+ tinyxmlparser.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/tinyxmlparser.cpp b/tinyxmlparser.cpp
+index 8aa0dfa..1601962 100644
+--- a/tinyxmlparser.cpp
++++ b/tinyxmlparser.cpp
+@@ -1606,6 +1606,10 @@ const char* TiXmlDeclaration::Parse( const char* p, TiXmlParsingData* data, TiXm
+ 		}
+ 
+ 		p = SkipWhiteSpace( p, _encoding );
++		if ( !p || !*p )
++		{
++			break;
++		}
+ 		if ( StringEqual( p, "version", true, _encoding ) )
+ 		{
+ 			TiXmlAttribute attrib;
diff -Nru tinyxml-2.6.2/debian/patches/series tinyxml-2.6.2/debian/patches/series
--- tinyxml-2.6.2/debian/patches/series	2022-10-20 14:32:49.000000000 +0000
+++ tinyxml-2.6.2/debian/patches/series	2024-01-25 03:12:05.000000000 +0000
@@ -1,3 +1,4 @@
 enforce-use-stl.patch
 entity-encoding.patch
 CVE-2021-42260.patch
+CVE-2023-34194.patch