diff options
| author | obache <obache@pkgsrc.org> | 2012-04-01 08:52:43 +0000 |
|---|---|---|
| committer | obache <obache@pkgsrc.org> | 2012-04-01 08:52:43 +0000 |
| commit | a74f4b1c6228858d0512b3bf74fe678a6c01dd45 (patch) | |
| tree | adbe2d0a8545f9018edd7a77164e7c028f7ee98e | |
| parent | 3ddc53fcf2c7ac51e790bbb012659413aaef95e1 (diff) | |
| download | pkgsrc-a74f4b1c6228858d0512b3bf74fe678a6c01dd45.tar.gz | |
Update expat to 2.1.0, contains security fixes.
Release 2.1.0 Sat March 24 2012
- Bug Fixes:
#1742315: Harmful XML_ParserCreateNS suggestion.
#2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
#1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3.
#1983953, 2517952, 2517962, 2649838:
Build modifications using autoreconf instead of buildconf.sh.
#2815947, #2884086: OBJEXT and EXEEXT support while building.
#1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.
#2517938: xmlwf should return non-zero exit status if not well-formed.
#2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml.
#2855609: Dangling positionPtr after error.
#2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
#2958794: CVE-2012-1148 - Memory leak in poolGrow.
#2990652: CMake support.
#3010819: UNEXPECTED_STATE with a trailing "%" in entity value.
#3206497: Unitialized memory returned from XML_Parse.
#3287849: make check fails on mingw-w64.
#3496608: CVE-2012-0876 - Hash DOS attack.
- Patches:
#1749198: pkg-config support.
#3010222: Fix for bug #3010819.
#3312568: CMake support.
#3446384: Report byte offsets for attr names and values.
- New Features / API changes:
Added new API member XML_SetHashSalt() that allows setting an intial
value (salt) for hash calculations. This is part of the fix for
bug #3496608 to randomize hash parameters.
When compiled with XML_ATTR_INFO defined, adds new API member
XML_GetAttributeInfo() that allows retrieving the byte
offsets for attribute names and values (patch #3446384).
Added CMake build system.
See bug #2990652 and patch #3312568.
Added run-benchmark target to Makefile.in - relies on testdata module
present in the same relative location as in the repository.
| -rw-r--r-- | textproc/expat/Makefile | 8 | ||||
| -rw-r--r-- | textproc/expat/PLIST | 3 | ||||
| -rw-r--r-- | textproc/expat/distinfo | 10 | ||||
| -rw-r--r-- | textproc/expat/patches/patch-aa | 15 | ||||
| -rw-r--r-- | textproc/expat/patches/patch-ab | 16 |
5 files changed, 11 insertions, 41 deletions
diff --git a/textproc/expat/Makefile b/textproc/expat/Makefile index 3ecb304e9e0..7d92f2968b8 100644 --- a/textproc/expat/Makefile +++ b/textproc/expat/Makefile @@ -1,14 +1,14 @@ -# $NetBSD: Makefile,v 1.25 2010/01/26 18:37:01 drochner Exp $ +# $NetBSD: Makefile,v 1.26 2012/04/01 08:52:43 obache Exp $ # -DISTNAME= expat-2.0.1 -PKGREVISION= 2 +DISTNAME= expat-2.1.0 CATEGORIES= textproc MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=expat/} MAINTAINER= drochner@NetBSD.org HOMEPAGE= http://expat.sourceforge.net/ COMMENT= XML parser library written in C +LICENSE= mit PKG_INSTALLATION_TYPES= overwrite pkgviews PKG_DESTDIR_SUPPORT= user-destdir @@ -17,6 +17,8 @@ GNU_CONFIGURE= YES USE_LIBTOOL= YES USE_TOOLS+= gmake +PKGCONFIG_OVERRIDE+= expat.pc.in + DOCDIR= ${PREFIX}/share/doc/html/expat post-install: diff --git a/textproc/expat/PLIST b/textproc/expat/PLIST index a0aba02bff1..42d13107e9c 100644 --- a/textproc/expat/PLIST +++ b/textproc/expat/PLIST @@ -1,8 +1,9 @@ -@comment $NetBSD: PLIST,v 1.8 2009/06/14 18:17:15 joerg Exp $ +@comment $NetBSD: PLIST,v 1.9 2012/04/01 08:52:43 obache Exp $ bin/xmlwf include/expat.h include/expat_external.h lib/libexpat.la +lib/pkgconfig/expat.pc man/man1/xmlwf.1 share/doc/html/expat/reference.html share/doc/html/expat/style.css diff --git a/textproc/expat/distinfo b/textproc/expat/distinfo index 25cc8ff31e2..7da9a0e4da4 100644 --- a/textproc/expat/distinfo +++ b/textproc/expat/distinfo @@ -1,7 +1,5 @@ -$NetBSD: distinfo,v 1.19 2010/01/26 18:37:01 drochner Exp $ +$NetBSD: distinfo,v 1.20 2012/04/01 08:52:43 obache Exp $ -SHA1 (expat-2.0.1.tar.gz) = 663548c37b996082db1f2f2c32af060d7aa15c2d -RMD160 (expat-2.0.1.tar.gz) = d31bcb152adaff9e358968be1ea901e1b4ed3b2f -Size (expat-2.0.1.tar.gz) = 446456 bytes -SHA1 (patch-aa) = 79b4caee7c1be8cecb1590b19c220d39e4723a26 -SHA1 (patch-ab) = bdca769ae40099e2e0e0f04c96b9ce7a97b4d66b +SHA1 (expat-2.1.0.tar.gz) = b08197d146930a5543a7b99e871cba3da614f6f0 +RMD160 (expat-2.1.0.tar.gz) = bffca083d29fe7688f106a902ef9b909c3321c5d +Size (expat-2.1.0.tar.gz) = 562616 bytes diff --git a/textproc/expat/patches/patch-aa b/textproc/expat/patches/patch-aa deleted file mode 100644 index 9c21a0929dc..00000000000 --- a/textproc/expat/patches/patch-aa +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-aa,v 1.8 2009/11/08 08:34:32 obache Exp $ - -CVE-2009-3720 - ---- lib/xmltok_impl.c.orig 2009-09-10 11:37:45.000000000 +0200 -+++ lib/xmltok_impl.c -@@ -1744,7 +1744,7 @@ PREFIX(updatePosition)(const ENCODING *e - const char *end, - POSITION *pos) - { -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: \ diff --git a/textproc/expat/patches/patch-ab b/textproc/expat/patches/patch-ab deleted file mode 100644 index fd7601cedf4..00000000000 --- a/textproc/expat/patches/patch-ab +++ /dev/null @@ -1,16 +0,0 @@ -$NetBSD: patch-ab,v 1.1 2010/01/26 18:37:01 drochner Exp $ - -CVE-2009-3560 - ---- lib/xmlparse.c.orig 2007-05-08 02:25:35.000000000 +0000 -+++ lib/xmlparse.c -@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser, - return XML_ERROR_UNCLOSED_TOKEN; - case XML_TOK_PARTIAL_CHAR: - return XML_ERROR_PARTIAL_CHAR; -+ case -XML_TOK_PROLOG_S: -+ tok = -tok; -+ break; - case XML_TOK_NONE: - #ifdef XML_DTD - /* for internal PE NOT referenced between declarations */ |