-rw-r--r--bugs/README.md6
-rw-r--r--bugs/cve/2012/5134/bad.xml2
-rw-r--r--loftix/bugs.scm13
3 files changed, 21 insertions, 0 deletions
diff --git a/bugs/README.md b/bugs/README.md
index c4160be..59b420c 100644
--- a/bugs/README.md
+++ b/bugs/README.md
@@ -79,6 +79,11 @@
 
 ## libxml2
 
+- CVE-2012-5134: [heap buffer overflow][chromium-40076524]
+
+      guix shell libxml2@2.9.0
+      xmllint cve/2012/5134/bad.xml
+
 - CVE-2016-1838: [heap buffer overflow][chromium-42452154]
 
       guix shell libxml2@2.9.3
@@ -103,6 +108,7 @@
       potrace cve/2013/7437/2.bmp
 
 [chromium-40058947]: https://issues.chromium.org/issues/40058947
+[chromium-40076524]: https://issues.chromium.org/issues/40076524
 [chromium-42452152]: https://project-zero.issues.chromium.org/issues/42452152
 [chromium-42452154]: https://project-zero.issues.chromium.org/issues/42452154
 [jasper-22]: https://github.com/jasper-software/jasper/issues/22
diff --git a/bugs/cve/2012/5134/bad.xml b/bugs/cve/2012/5134/bad.xml
new file mode 100644
index 0000000..0bf2524
--- /dev/null
+++ b/bugs/cve/2012/5134/bad.xml
@@ -0,0 +1,2 @@
+<!DOCTYPE e [<!ATTLIST e a ID #REQUIRED>]>
+<e a="&#32; "/>
diff --git a/loftix/bugs.scm b/loftix/bugs.scm
index 74f86e1..32774dc 100644
--- a/loftix/bugs.scm
+++ b/loftix/bugs.scm
@@ -215,6 +215,19 @@
                  ;; Tests fail with ASan enabled^
                  #:tests? #f))))
 
+(define-public libxml2-2.9.0-asan
+  (package
+    (inherit libxml2-2.9.3-asan)
+    (name "libxml2")
+    (version "2.9.0")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "ftp://xmlsoft.org/libxml2/libxml2-"
+                                  version ".tar.gz"))
+              (sha256
+               (base32
+                "10ib8bpar2pl68aqksfinvfmqknwnk7i35ibq6yjl8dpb0cxj9dd"))))))
+
 (define-public potrace-1.11
   (package
     (inherit potrace)
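Review bot: The new `libxml2-2.9.0-asan` origin fetches its tarball over plaintext `ftp://xmlsoft.org/libxml2/`. The `sha256` pins the content, so a tampered download is rejected, but the transport is unauthenticated and the build depends on that FTP host staying reachable. Since `uri` accepts a list of URLs, an HTTPS location serving the same tarball could be listed first, with the FTP URL kept as a fallback and the hash unchanged. Separately, the package keeps the name `libxml2`, so the spec `libxml2@2.9.0` resolves to a build that is vulnerable on purpose. A comment above the definition would make that explicit, for example `;; Deliberately vulnerable to CVE-2012-5134; ASan build for reproducing the bug only.`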