diff options
Diffstat (limited to 'debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch')
-rw-r--r-- | debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch | 58 |
1 files changed, 0 insertions, 58 deletions
diff --git a/debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch b/debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch deleted file mode 100644 index d9fc108..0000000 --- a/debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch +++ /dev/null @@ -1,58 +0,0 @@ -From: Daniel Veillard <veillard@redhat.com> -Date: Wed, 11 Jun 2014 16:54:32 +0800 -Subject: Fix regressions introduced by CVE-2014-0191 patch - -A number of issues have been raised after the fix, and this patch -tries to correct all of them, though most were related to -postvalidation. -https://bugzilla.gnome.org/show_bug.cgi?id=730290 -and other reports on list, off-list and on Red Hat bugzilla ---- - parser.c | 13 +++++++++++-- - 1 file changed, 11 insertions(+), 2 deletions(-) - -diff --git a/parser.c b/parser.c -index 8aad7b4..ea0ea65 100644 ---- a/parser.c -+++ b/parser.c -@@ -2595,8 +2595,8 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) { - xmlCharEncoding enc; - - /* -- * Note: external parsed entities will not be loaded, it is -- * not required for a non-validating parser, unless the -+ * Note: external parameter entities will not be loaded, it -+ * is not required for a non-validating parser, unless the - * option of validating, or substituting entities were - * given. Doing so is far more secure as the parser will - * only process data coming from the document entity by -@@ -2605,6 +2605,9 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) { - if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) && - ((ctxt->options & XML_PARSE_NOENT) == 0) && - ((ctxt->options & XML_PARSE_DTDVALID) == 0) && -+ ((ctxt->options & XML_PARSE_DTDLOAD) == 0) && -+ ((ctxt->options & XML_PARSE_DTDATTR) == 0) && -+ (ctxt->replaceEntities == 0) && - (ctxt->validate == 0)) - return; - -@@ -12609,6 +12612,9 @@ xmlIOParseDTD(xmlSAXHandlerPtr sax, xmlParserInputBufferPtr input, - return(NULL); - } - -+ /* We are loading a DTD */ -+ ctxt->options |= XML_PARSE_DTDLOAD; -+ - /* - * Set-up the SAX context - */ -@@ -12736,6 +12742,9 @@ xmlSAXParseDTD(xmlSAXHandlerPtr sax, const xmlChar *ExternalID, - return(NULL); - } - -+ /* We are loading a DTD */ -+ ctxt->options |= XML_PARSE_DTDLOAD; -+ - /* - * Set-up the SAX context - */ |