diff options
| author | drochner <drochner@pkgsrc.org> | 2010-01-26 18:37:01 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2010-01-26 18:37:01 +0000 |
| commit | 0cd59efa20d5dd468c3f8080dfff4919cf1bbd3a (patch) | |
| tree | eb212783b40ae97c5c5aaccd7444eb51c192cffb /textproc/expat | |
| parent | fe8e6c454d555ef72101cb96e18de2bafae53a66 (diff) | |
| download | pkgsrc-0cd59efa20d5dd468c3f8080dfff4919cf1bbd3a.tar.gz | |
add patch from upstream CVS to fix CVE-2009-3560
(possible DOS due to crash on bad input)
bump PKGREVISION
Diffstat (limited to 'textproc/expat')
| -rw-r--r-- | textproc/expat/Makefile | 4 | ||||
| -rw-r--r-- | textproc/expat/distinfo | 3 | ||||
| -rw-r--r-- | textproc/expat/patches/patch-ab | 16 |
3 files changed, 20 insertions, 3 deletions
diff --git a/textproc/expat/Makefile b/textproc/expat/Makefile index a741f6389f1..3ecb304e9e0 100644 --- a/textproc/expat/Makefile +++ b/textproc/expat/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.24 2009/09/10 09:59:20 drochner Exp $ +# $NetBSD: Makefile,v 1.25 2010/01/26 18:37:01 drochner Exp $ # DISTNAME= expat-2.0.1 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= textproc MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=expat/} diff --git a/textproc/expat/distinfo b/textproc/expat/distinfo index 314bdc271f6..25cc8ff31e2 100644 --- a/textproc/expat/distinfo +++ b/textproc/expat/distinfo @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.18 2009/11/08 08:34:32 obache Exp $ +$NetBSD: distinfo,v 1.19 2010/01/26 18:37:01 drochner Exp $ SHA1 (expat-2.0.1.tar.gz) = 663548c37b996082db1f2f2c32af060d7aa15c2d RMD160 (expat-2.0.1.tar.gz) = d31bcb152adaff9e358968be1ea901e1b4ed3b2f Size (expat-2.0.1.tar.gz) = 446456 bytes SHA1 (patch-aa) = 79b4caee7c1be8cecb1590b19c220d39e4723a26 +SHA1 (patch-ab) = bdca769ae40099e2e0e0f04c96b9ce7a97b4d66b diff --git a/textproc/expat/patches/patch-ab b/textproc/expat/patches/patch-ab new file mode 100644 index 00000000000..fd7601cedf4 --- /dev/null +++ b/textproc/expat/patches/patch-ab @@ -0,0 +1,16 @@ +$NetBSD: patch-ab,v 1.1 2010/01/26 18:37:01 drochner Exp $ + +CVE-2009-3560 + +--- lib/xmlparse.c.orig 2007-05-08 02:25:35.000000000 +0000 ++++ lib/xmlparse.c +@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser, + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; ++ case -XML_TOK_PROLOG_S: ++ tok = -tok; ++ break; + case XML_TOK_NONE: + #ifdef XML_DTD + /* for internal PE NOT referenced between declarations */ |