diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2016-12-28 17:14:20 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2016-12-28 17:14:20 +0000 |
| commit | cf13894f196ecc0d510f201da10e960b92e3fbf1 (patch) | |
| tree | 09563c5e2482f00010ac6ce8f87d72fb9d8ba941 /textproc/libxml2/patches/patch-xpath.c | |
| parent | 9606a53ef5334d52a848b4b1e8feeb5cf0550b1c (diff) | |
| download | pkgsrc-cf13894f196ecc0d510f201da10e960b92e3fbf1.tar.gz | |
Pullup ticket #5175 - requested by sevan
textproc/libxml2: security fix
Revisions pulled up:
- textproc/libxml2/Makefile.common 1.4
- textproc/libxml2/distinfo 1.114
- textproc/libxml2/patches/patch-result_XPath_xptr_vidbase 1.1
- textproc/libxml2/patches/patch-test_XPath_xptr_vidbase 1.1
- textproc/libxml2/patches/patch-xpath.c 1.1
- textproc/libxml2/patches/patch-xpointer.c 1.4
---
Module Name: pkgsrc
Committed By: sevan
Date: Tue Dec 27 02:34:34 UTC 2016
Modified Files:
pkgsrc/textproc/libxml2: Makefile.common distinfo
Added Files:
pkgsrc/textproc/libxml2/patches: patch-result_XPath_xptr_vidbase
patch-test_XPath_xptr_vidbase patch-xpath.c patch-xpointer.c
Log Message:
Patch for CVE-2016-4658 & CVE-2016-5131
Bump rev
Diffstat (limited to 'textproc/libxml2/patches/patch-xpath.c')
| -rw-r--r-- | textproc/libxml2/patches/patch-xpath.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/textproc/libxml2/patches/patch-xpath.c b/textproc/libxml2/patches/patch-xpath.c new file mode 100644 index 00000000000..e1ce2a83d91 --- /dev/null +++ b/textproc/libxml2/patches/patch-xpath.c @@ -0,0 +1,27 @@ +$NetBSD: patch-xpath.c,v 1.1.2.2 2016/12/28 17:14:20 bsiegert Exp $ + +CVE-2016-5131 +https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e + +--- xpath.c.orig 2016-12-27 02:21:53.000000000 +0000 ++++ xpath.c +@@ -10691,13 +10691,18 @@ xmlXPathCompPathExpr(xmlXPathParserConte + lc = 1; + break; + } else if ((NXT(len) == '(')) { +- /* Note Type or Function */ ++ /* Node Type or Function */ + if (xmlXPathIsNodeType(name)) { + #ifdef DEBUG_STEP + xmlGenericError(xmlGenericErrorContext, + "PathExpr: Type search\n"); + #endif + lc = 1; ++#ifdef LIBXML_XPTR_ENABLED ++ } else if (ctxt->xptr && ++ xmlStrEqual(name, BAD_CAST "range-to")) { ++ lc = 1; ++#endif + } else { + #ifdef DEBUG_STEP + xmlGenericError(xmlGenericErrorContext, |