summaryrefslogtreecommitdiff
path: root/chat
diff options
context:
space:
mode:
authorobache <obache>2011-07-03 08:26:55 +0000
committerobache <obache>2011-07-03 08:26:55 +0000
commit8379b5fb455736e503de2ad8746f3874429db731 (patch)
treedf4e83caad3d5a127492305785e6f3ef869bf92b /chat
parent60898bc157c5fc5d06038489d01e04c1b70be5a9 (diff)
downloadpkgsrc-8379b5fb455736e503de2ad8746f3874429db731.tar.gz
Add patches for CVE-2011-1754. Bump PKGREVISION.
Diffstat (limited to 'chat')
-rw-r--r--chat/jabberd/Makefile4
-rw-r--r--chat/jabberd/distinfo4
-rw-r--r--chat/jabberd/patches/patch-jabberd_lib_xstream.c14
-rw-r--r--chat/jabberd/patches/patch-jabberd_mio__xml.c14
4 files changed, 33 insertions, 3 deletions
diff --git a/chat/jabberd/Makefile b/chat/jabberd/Makefile
index ca08a2a688b..5c3c6634082 100644
--- a/chat/jabberd/Makefile
+++ b/chat/jabberd/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.33 2010/05/04 18:33:35 gdt Exp $
+# $NetBSD: Makefile,v 1.34 2011/07/03 08:26:55 obache Exp $
#
DISTNAME= jabber-1.4.2
PKGNAME= jabberd-1.4.2
-PKGREVISION= 8
+PKGREVISION= 9
CATEGORIES= chat
MASTER_SITES= http://download.jabberd.org/jabberd14/
diff --git a/chat/jabberd/distinfo b/chat/jabberd/distinfo
index a0b97ac91e7..03044d7f26d 100644
--- a/chat/jabberd/distinfo
+++ b/chat/jabberd/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2010/05/04 18:33:35 gdt Exp $
+$NetBSD: distinfo,v 1.9 2011/07/03 08:26:55 obache Exp $
SHA1 (jabber-1.4.2.tar.gz) = aa0bc2e9815e4fa4a1ca8ba7f320bfd3c85ba11f
RMD160 (jabber-1.4.2.tar.gz) = bff5a02d3b76243ce59ddb66873ca1c51ef4bb5f
@@ -7,3 +7,5 @@ SHA1 (patch-aa) = 5e62a744f35697961fc6708c2be2c374a9782505
SHA1 (patch-ab) = 8722b0db3870e14eaf3e40f5493544db8a813fc1
SHA1 (patch-ac) = 3b17761c9ea2d1e17f3194ac8cf54fbca4c80367
SHA1 (patch-ad) = 1eb45d4433731867bc23afebefb54b7e18217a8d
+SHA1 (patch-jabberd_lib_xstream.c) = 7a6eb4012057abb0478ca07d0deb38109ab255cf
+SHA1 (patch-jabberd_mio__xml.c) = 45c57d481bfa7b84dbe5fa73f2b2c9127490d683
diff --git a/chat/jabberd/patches/patch-jabberd_lib_xstream.c b/chat/jabberd/patches/patch-jabberd_lib_xstream.c
new file mode 100644
index 00000000000..b9a49f7761a
--- /dev/null
+++ b/chat/jabberd/patches/patch-jabberd_lib_xstream.c
@@ -0,0 +1,14 @@
+$NetBSD: patch-jabberd_lib_xstream.c,v 1.1 2011/07/03 08:26:55 obache Exp $
+
+* fix CVE-2011-1754
+
+--- jabberd/lib/xstream.c.orig 2002-02-08 07:39:24.000000000 +0000
++++ jabberd/lib/xstream.c
+@@ -142,6 +142,7 @@ xstream xstream_new(pool p, xstream_onNo
+
+ /* create expat parser and ensure cleanup */
+ newx->parser = XML_ParserCreate(NULL);
++ XML_SetDefaultHandler(newx->parser, NULL);
+ XML_SetUserData(newx->parser, (void *)newx);
+ XML_SetElementHandler(newx->parser, (void *)_xstream_startElement, (void *)_xstream_endElement);
+ XML_SetCharacterDataHandler(newx->parser, (void *)_xstream_charData);
diff --git a/chat/jabberd/patches/patch-jabberd_mio__xml.c b/chat/jabberd/patches/patch-jabberd_mio__xml.c
new file mode 100644
index 00000000000..d3e022ed856
--- /dev/null
+++ b/chat/jabberd/patches/patch-jabberd_mio__xml.c
@@ -0,0 +1,14 @@
+$NetBSD: patch-jabberd_mio__xml.c,v 1.1 2011/07/03 08:26:55 obache Exp $
+
+* fix CVE-2011-1754
+
+--- jabberd/mio_xml.c.orig 2002-02-08 07:39:27.000000000 +0000
++++ jabberd/mio_xml.c
+@@ -118,6 +118,7 @@ void _mio_xstream_init(mio m)
+ /* Initialize the parser */
+ m->parser = XML_ParserCreate(NULL);
+ XML_SetUserData(m->parser, m);
++ XML_SetDefaultHandler(m->parser, NULL);
+ XML_SetElementHandler(m->parser, (void*)_mio_xstream_startElement, (void*)_mio_xstream_endElement);
+ XML_SetCharacterDataHandler(m->parser, (void*)_mio_xstream_CDATA);
+ /* Setup a cleanup routine to release the parser when everything is done */