diff options
author | obache <obache> | 2011-07-03 08:26:55 +0000 |
---|---|---|
committer | obache <obache> | 2011-07-03 08:26:55 +0000 |
commit | 8379b5fb455736e503de2ad8746f3874429db731 (patch) | |
tree | df4e83caad3d5a127492305785e6f3ef869bf92b /chat | |
parent | 60898bc157c5fc5d06038489d01e04c1b70be5a9 (diff) | |
download | pkgsrc-8379b5fb455736e503de2ad8746f3874429db731.tar.gz |
Add patches for CVE-2011-1754. Bump PKGREVISION.
Diffstat (limited to 'chat')
-rw-r--r-- | chat/jabberd/Makefile | 4 | ||||
-rw-r--r-- | chat/jabberd/distinfo | 4 | ||||
-rw-r--r-- | chat/jabberd/patches/patch-jabberd_lib_xstream.c | 14 | ||||
-rw-r--r-- | chat/jabberd/patches/patch-jabberd_mio__xml.c | 14 |
4 files changed, 33 insertions, 3 deletions
diff --git a/chat/jabberd/Makefile b/chat/jabberd/Makefile index ca08a2a688b..5c3c6634082 100644 --- a/chat/jabberd/Makefile +++ b/chat/jabberd/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.33 2010/05/04 18:33:35 gdt Exp $ +# $NetBSD: Makefile,v 1.34 2011/07/03 08:26:55 obache Exp $ # DISTNAME= jabber-1.4.2 PKGNAME= jabberd-1.4.2 -PKGREVISION= 8 +PKGREVISION= 9 CATEGORIES= chat MASTER_SITES= http://download.jabberd.org/jabberd14/ diff --git a/chat/jabberd/distinfo b/chat/jabberd/distinfo index a0b97ac91e7..03044d7f26d 100644 --- a/chat/jabberd/distinfo +++ b/chat/jabberd/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.8 2010/05/04 18:33:35 gdt Exp $ +$NetBSD: distinfo,v 1.9 2011/07/03 08:26:55 obache Exp $ SHA1 (jabber-1.4.2.tar.gz) = aa0bc2e9815e4fa4a1ca8ba7f320bfd3c85ba11f RMD160 (jabber-1.4.2.tar.gz) = bff5a02d3b76243ce59ddb66873ca1c51ef4bb5f @@ -7,3 +7,5 @@ SHA1 (patch-aa) = 5e62a744f35697961fc6708c2be2c374a9782505 SHA1 (patch-ab) = 8722b0db3870e14eaf3e40f5493544db8a813fc1 SHA1 (patch-ac) = 3b17761c9ea2d1e17f3194ac8cf54fbca4c80367 SHA1 (patch-ad) = 1eb45d4433731867bc23afebefb54b7e18217a8d +SHA1 (patch-jabberd_lib_xstream.c) = 7a6eb4012057abb0478ca07d0deb38109ab255cf +SHA1 (patch-jabberd_mio__xml.c) = 45c57d481bfa7b84dbe5fa73f2b2c9127490d683 diff --git a/chat/jabberd/patches/patch-jabberd_lib_xstream.c b/chat/jabberd/patches/patch-jabberd_lib_xstream.c new file mode 100644 index 00000000000..b9a49f7761a --- /dev/null +++ b/chat/jabberd/patches/patch-jabberd_lib_xstream.c @@ -0,0 +1,14 @@ +$NetBSD: patch-jabberd_lib_xstream.c,v 1.1 2011/07/03 08:26:55 obache Exp $ + +* fix CVE-2011-1754 + +--- jabberd/lib/xstream.c.orig 2002-02-08 07:39:24.000000000 +0000 ++++ jabberd/lib/xstream.c +@@ -142,6 +142,7 @@ xstream xstream_new(pool p, xstream_onNo + + /* create expat parser and ensure cleanup */ + newx->parser = XML_ParserCreate(NULL); ++ XML_SetDefaultHandler(newx->parser, NULL); + XML_SetUserData(newx->parser, (void *)newx); + XML_SetElementHandler(newx->parser, (void *)_xstream_startElement, (void *)_xstream_endElement); + XML_SetCharacterDataHandler(newx->parser, (void *)_xstream_charData); diff --git a/chat/jabberd/patches/patch-jabberd_mio__xml.c b/chat/jabberd/patches/patch-jabberd_mio__xml.c new file mode 100644 index 00000000000..d3e022ed856 --- /dev/null +++ b/chat/jabberd/patches/patch-jabberd_mio__xml.c @@ -0,0 +1,14 @@ +$NetBSD: patch-jabberd_mio__xml.c,v 1.1 2011/07/03 08:26:55 obache Exp $ + +* fix CVE-2011-1754 + +--- jabberd/mio_xml.c.orig 2002-02-08 07:39:27.000000000 +0000 ++++ jabberd/mio_xml.c +@@ -118,6 +118,7 @@ void _mio_xstream_init(mio m) + /* Initialize the parser */ + m->parser = XML_ParserCreate(NULL); + XML_SetUserData(m->parser, m); ++ XML_SetDefaultHandler(m->parser, NULL); + XML_SetElementHandler(m->parser, (void*)_mio_xstream_startElement, (void*)_mio_xstream_endElement); + XML_SetCharacterDataHandler(m->parser, (void*)_mio_xstream_CDATA); + /* Setup a cleanup routine to release the parser when everything is done */ |