diff options
author | rtr <rtr@pkgsrc.org> | 2008-11-26 11:12:09 +0000 |
---|---|---|
committer | rtr <rtr@pkgsrc.org> | 2008-11-26 11:12:09 +0000 |
commit | 5853e1238b8c8a3e3efda272119a2ef589f31046 (patch) | |
tree | 8de9a75c8612a9cca4c7f2e3fab97ec5e2a56b97 | |
parent | 9f46ba068b4f4a680cf2fe67b4fde643c0beda00 (diff) | |
download | pkgsrc-5853e1238b8c8a3e3efda272119a2ef589f31046.tar.gz |
pullup ticket #2596 - requested by tron
libxml2: update and patch package for security fixes
revisions pulled up:
pkgsrc/textproc/libxml2/Makefile 1.97,1.98,1.99
pkgsrc/textproc/libxml2/distinfo 1.69,1.70
pkgsrc/textproc/libxml2/patches/patch-af r0,1.3
pkgsrc/textproc/libxml2/patches/patch-ag r0,1.5
pkgsrc/textproc/libxml2/patches/patch-ah 1.3
Module Name: pkgsrc
Committed By: drochner
Date: Thu Oct 16 13:31:57 UTC 2008
Modified Files:
pkgsrc/textproc/libxml2: Makefile distinfo
Removed Files:
pkgsrc/textproc/libxml2/patches: patch-af patch-ag
Log Message:
update to 2.7.2
changes:
-Portability fix: fix solaris compilation problem, fix compilation
if XPath is not configured in
-Bug fixes: nasty entity bug introduced in 2.7.0, restore old behaviour
when saving an HTML doc with an xml dump function,
HTML UTF-8 parsing bug, fix reader custom error handlers
-Improvement: xmlSave options for more flexibility to save
as XML/HTML/XHTML, handle leading BOM in HTML documents
------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Fri Oct 17 16:06:04 UTC 2008
Modified Files:
pkgsrc/textproc/libxml2: Makefile
Log Message:
restore the without-threads config arg which I accidentally commented
out in the last update, bump PKGREVISION
fixes PR pkg/39755 by David A. Holland
------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Nov 24 13:59:16 UTC 2008
Modified Files:
pkgsrc/textproc/libxml2: Makefile distinfo
Added Files:
pkgsrc/textproc/libxml2/patches: patch-af patch-ag patch-ah
Log Message:
Add fixes for security vulnerabilities reported in CVE-2008-4225 and
CVE-2008-4226 from "libxml2" SVN repository. Bump package revision.
-rw-r--r-- | textproc/libxml2/Makefile | 6 | ||||
-rw-r--r-- | textproc/libxml2/distinfo | 12 | ||||
-rw-r--r-- | textproc/libxml2/patches/patch-af | 57 | ||||
-rw-r--r-- | textproc/libxml2/patches/patch-ag | 24 | ||||
-rw-r--r-- | textproc/libxml2/patches/patch-ah | 28 |
5 files changed, 100 insertions, 27 deletions
diff --git a/textproc/libxml2/Makefile b/textproc/libxml2/Makefile index b61356afca1..5a5fe48be14 100644 --- a/textproc/libxml2/Makefile +++ b/textproc/libxml2/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.94.4.1 2008/10/12 12:09:10 rtr Exp $ +# $NetBSD: Makefile,v 1.94.4.2 2008/11/26 11:12:09 rtr Exp $ -DISTNAME= libxml2-2.7.1 -PKGREVISION= 1 +DISTNAME= libxml2-2.7.2 +PKGREVISION= 2 CATEGORIES= textproc MASTER_SITES= ftp://xmlsoft.org/libxml2/ \ http://xmlsoft.org/sources/ diff --git a/textproc/libxml2/distinfo b/textproc/libxml2/distinfo index 608bde455a9..460b2ce9a8e 100644 --- a/textproc/libxml2/distinfo +++ b/textproc/libxml2/distinfo @@ -1,11 +1,13 @@ -$NetBSD: distinfo,v 1.66.4.1 2008/10/12 12:09:10 rtr Exp $ +$NetBSD: distinfo,v 1.66.4.2 2008/11/26 11:12:09 rtr Exp $ -SHA1 (libxml2-2.7.1.tar.gz) = 54b2d24ce0b716054628303bff47cf0db2966d84 -RMD160 (libxml2-2.7.1.tar.gz) = 4de3732c39efa95b63abbd60dbb74357075faf63 -Size (libxml2-2.7.1.tar.gz) = 4769568 bytes +SHA1 (libxml2-2.7.2.tar.gz) = 750b2bcd4ee3bf8595baf97e1881f1a57b1ef363 +RMD160 (libxml2-2.7.2.tar.gz) = 2b14531007a705679c7814618dc15baed62bc574 +Size (libxml2-2.7.2.tar.gz) = 4790639 bytes SHA1 (patch-aa) = bf7db00ddf8a36394521baf656cf83d99bd9cbd3 SHA1 (patch-ab) = a8dc745539528db69bf1ccb8977a69c24fa818e3 SHA1 (patch-ac) = 264c75cf9fff5319105b971c122cdf5fc103c04e SHA1 (patch-ad) = cd45da492b02cce9983c46762839f68b8b1e0177 SHA1 (patch-ae) = b9176919edbf3582cb24aff53f7c4f291e2b78c8 -SHA1 (patch-af) = 53757ead74ac0f3bba68adee89a65fcfa544fc59 +SHA1 (patch-af) = 7d748c002fc8c7c2a80c28790c2ae719ab05aa5e +SHA1 (patch-ag) = 91b8fb441d997fc6a0ecf622e96eb3690f2d27fb +SHA1 (patch-ah) = 33996d6f8e9eeffa8d0b813ffc7721436c46eb21 diff --git a/textproc/libxml2/patches/patch-af b/textproc/libxml2/patches/patch-af index fa85f6357ab..0e9b4a41d3c 100644 --- a/textproc/libxml2/patches/patch-af +++ b/textproc/libxml2/patches/patch-af @@ -1,21 +1,40 @@ -$NetBSD: patch-af,v 1.1.2.2 2008/10/12 12:09:10 rtr Exp $ +$NetBSD: patch-af,v 1.1.2.3 2008/11/26 11:12:10 rtr Exp $ -Patch for CVE-2008-4409 taken from here: - -http://bugzilla.gnome.org/show_bug.cgi?id=554660 -http://bugzilla.gnome.org/attachment.cgi?id=119824 - ---- parser.c.orig 2008-09-01 07:22:40.000000000 +0100 -+++ parser.c 2008-10-09 15:22:55.000000000 +0100 -@@ -7225,8 +7225,10 @@ - * Predefined entites override any extra definition - */ - ent = xmlGetPredefinedEntity(name); -- if (ent != NULL) -+ if (ent != NULL) { -+ *str = ptr; - return(ent); -+ } +--- SAX2.c.orig 2008-08-25 10:02:32.000000000 +0100 ++++ SAX2.c 2008-11-24 13:25:21.000000000 +0000 +@@ -11,6 +11,7 @@ + #include "libxml.h" + #include <stdlib.h> + #include <string.h> ++#include <limits.h> + #include <libxml/xmlmemory.h> + #include <libxml/tree.h> + #include <libxml/parser.h> +@@ -26,6 +27,11 @@ + #include <libxml/HTMLtree.h> + #include <libxml/globals.h> + ++/* Define SIZE_T_MAX unless defined through <limits.h>. */ ++#ifndef SIZE_T_MAX ++# define SIZE_T_MAX ((size_t)-1) ++#endif /* !SIZE_T_MAX */ ++ + /* #define DEBUG_SAX2 */ + /* #define DEBUG_SAX2_TREE */ + +@@ -2455,9 +2461,14 @@ + (xmlDictOwns(ctxt->dict, lastChild->content))) { + lastChild->content = xmlStrdup(lastChild->content); + } ++ if ((size_t)ctxt->nodelen > SIZE_T_MAX - (size_t)len || ++ (size_t)ctxt->nodemem + (size_t)len > SIZE_T_MAX / 2) { ++ xmlSAX2ErrMemory(ctxt, "xmlSAX2Characters overflow prevented"); ++ return; ++ } + if (ctxt->nodelen + len >= ctxt->nodemem) { + xmlChar *newbuf; +- int size; ++ size_t size; - /* - * Increate the number of entity references parsed + size = ctxt->nodemem + len; + size *= 2; diff --git a/textproc/libxml2/patches/patch-ag b/textproc/libxml2/patches/patch-ag new file mode 100644 index 00000000000..77035255af9 --- /dev/null +++ b/textproc/libxml2/patches/patch-ag @@ -0,0 +1,24 @@ +$NetBSD: patch-ag,v 1.2.18.1 2008/11/26 11:12:10 rtr Exp $ + +--- parser.c.orig 2008-10-03 08:40:37.000000000 +0100 ++++ parser.c 2008-11-24 13:26:17.000000000 +0000 +@@ -4142,6 +4142,9 @@ + line = ctxt->input->line; + col = ctxt->input->col; + } ++ /* something really bad happened in the SAX callback */ ++ if (ctxt->instate != XML_PARSER_CONTENT) ++ return; + } + ctxt->input->cur = in; + if (*in == 0xD) { +@@ -4222,6 +4225,9 @@ + } + } + nbchar = 0; ++ /* something really bad happened in the SAX callback */ ++ if (ctxt->instate != XML_PARSER_CONTENT) ++ return; + } + count++; + if (count > 50) { diff --git a/textproc/libxml2/patches/patch-ah b/textproc/libxml2/patches/patch-ah new file mode 100644 index 00000000000..bfab31383e2 --- /dev/null +++ b/textproc/libxml2/patches/patch-ah @@ -0,0 +1,28 @@ +$NetBSD: patch-ah,v 1.2.22.1 2008/11/26 11:12:10 rtr Exp $ + +--- tree.c.orig 2008-09-01 08:17:20.000000000 +0100 ++++ tree.c 2008-11-24 13:27:08.000000000 +0000 +@@ -14,7 +14,7 @@ + #include "libxml.h" + + #include <string.h> /* for memset() only ! */ +- ++#include <limits.h> + #ifdef HAVE_CTYPE_H + #include <ctype.h> + #endif +@@ -6996,7 +6996,13 @@ + case XML_BUFFER_ALLOC_DOUBLEIT: + /*take care of empty case*/ + newSize = (buf->size ? buf->size*2 : size + 10); +- while (size > newSize) newSize *= 2; ++ while (size > newSize) { ++ if (newSize > UINT_MAX / 2) { ++ xmlTreeErrMemory("growing buffer"); ++ return 0; ++ } ++ newSize *= 2; ++ } + break; + case XML_BUFFER_ALLOC_EXACT: + newSize = size+10; |