author | obache <obache> | 2011-09-01 14:29:04 +0000 |
---|---|---|
committer | obache <obache> | 2011-09-01 14:29:04 +0000 |
commit | 1fd8083a31162c7c832fb2df9d442954f77b7287 (patch) | |
tree | fabac49a522763c6a5886b6b7867bad570d90f47 /textproc | |
parent | 3b44f5a11bca4780f626c8ec18415fed7e1892b5 (diff) | |
Add a patch to fix CVE-2009-2414 and CVE-2009-2616,
taken from openSUSE 10.3 libxml-CVE-2009-2414_CVE-2009-2616.patch.
Bump PKGREVISION.
Diffstat (limited to 'textproc')
-rw-r--r-- | textproc/libxml/Makefile | 4 | ||||
-rw-r--r-- | textproc/libxml/distinfo | 3 | ||||
-rw-r--r-- | textproc/libxml/patches/patch-parser.c | 81 |
3 files changed, 85 insertions, 3 deletions
diff --git a/textproc/libxml/Makefile b/textproc/libxml/Makefile index f42fa95a929..b28debddc40 100644 --- a/textproc/libxml/Makefile +++ b/textproc/libxml/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.39 2008/07/14 12:56:13 joerg Exp $ +# $NetBSD: Makefile,v 1.40 2011/09/01 14:29:04 obache Exp $ # DISTNAME= libxml-1.8.17 -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= textproc devel lang gnome MASTER_SITES= ${MASTER_SITE_GNOME:=sources/libxml/1.8/} diff --git a/textproc/libxml/distinfo b/textproc/libxml/distinfo index 9f27e27377c..7022119ef19 100644 --- a/textproc/libxml/distinfo +++ b/textproc/libxml/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.10 2005/02/24 14:48:44 agc Exp $ +$NetBSD: distinfo,v 1.11 2011/09/01 14:29:05 obache Exp $ SHA1 (libxml-1.8.17.tar.gz) = ebe7b76bb2b62c882000c1a846a6f8f8346e3bb4 RMD160 (libxml-1.8.17.tar.gz) = 3d01879e6e5a38f4453d009ea8bd2d2fc9e86bcc @@ -8,3 +8,4 @@ SHA1 (patch-ab) = 6c72ef59fe094ddbb4901b0f35eb681a4d0b4ff2 SHA1 (patch-ac) = b94818200397d6c6457053fa5fe02a6049d52c44 SHA1 (patch-ad) = 1513deb92711d9b17114ce4a00d9d5f1714234d3 SHA1 (patch-ae) = 7f3f56ff649f3718b855da9a2d8e6f64dee95086 +SHA1 (patch-parser.c) = 23f69d3f7bf97cbfea51f5ca435064f8d423132e diff --git a/textproc/libxml/patches/patch-parser.c b/textproc/libxml/patches/patch-parser.c new file mode 100644 index 00000000000..59d8af39228 --- /dev/null +++ b/textproc/libxml/patches/patch-parser.c 
@@ -0,0 +1,81 @@
+$NetBSD: patch-parser.c,v 1.1 2011/09/01 14:29:05 obache Exp $
+
+* fixes CVE-2009-2414 and CVE-2009-2616.
+
+--- parser.c.orig 2001-09-14 14:09:41.000000000 +0000
++++ parser.c
+@@ -5164,11 +5164,15 @@ xmlParseNotationType(xmlParserCtxtPtr ct
+ "Name expected in NOTATION declaration\n");
+ ctxt->wellFormed = 0;
+ ctxt->disableSAX = 1;
+- return(ret);
++ xmlFreeEnumeration(ret);
++ return(NULL);
+ }
+ cur = xmlCreateEnumeration(name);
+ xmlFree(name);
+- if (cur == NULL) return(ret);
++ if (cur == NULL) {
++ xmlFreeEnumeration(ret);
++ return(NULL);
++ }
+ if (last == NULL) ret = last = cur;
+ else {
+ last->next = cur;
+@@ -5183,9 +5187,8 @@ xmlParseNotationType(xmlParserCtxtPtr ct
+ "')' required to finish NOTATION declaration\n");
+ ctxt->wellFormed = 0;
+ ctxt->disableSAX = 1;
+- if ((last != NULL) && (last != ret))
+- xmlFreeEnumeration(last);
+- return(ret);
++ xmlFreeEnumeration(ret);
++ return(NULL);
+ }
+ NEXT;
+ return(ret);
+@@ -5236,7 +5239,10 @@ xmlParseEnumerationType(xmlParserCtxtPtr
+ }
+ cur = xmlCreateEnumeration(name);
+ xmlFree(name);
+- if (cur == NULL) return(ret);
++ if (cur == NULL) {
++ xmlFreeEnumeration(ret);
++ return(NULL);
++ }
+ if (last == NULL) ret = last = cur;
+ else {
+ last->next = cur;
+@@ -5715,13 +5721,22 @@ xmlParseElementChildrenContentDecl
+ xmlChar *elem;
+ xmlChar type = 0;
+
++ if (ctxt->depth > 128) {
++ ctxt->sax->error(ctxt->userData,
++ "xmlParseElementChildrenContentDecl : depth %d too deep\n",
++ ctxt->depth);
++ return(NULL);
++ }
++
+ SKIP_BLANKS;
+ GROW;
+ if (RAW == '(') {
+ /* Recurse on first child */
+ NEXT;
+ SKIP_BLANKS;
++ ctxt->depth++;
+ cur = ret = xmlParseElementChildrenContentDecl(ctxt);
++ ctxt->depth--;
+ SKIP_BLANKS;
+ GROW;
+ } else {
+@@ -5865,7 +5880,9 @@ xmlParseElementChildrenContentDecl
+ /* Recurse on second child */
+ NEXT;
+ SKIP_BLANKS;
++ ctxt->depth++;
+ last = xmlParseElementChildrenContentDecl(ctxt);
++ ctxt->depth--;
+ SKIP_BLANKS;
+ } else {
+ elem =
xmlParseNameComplex(ctxt); |
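Review bot: The new depth guard in xmlParseElementChildrenContentDecl (nested hunk `@@ -5715,13 +5721,22 @@`) returns NULL without marking the parse as failed, unlike the xmlParseNotationType error paths in this same patch, which set `ctxt->wellFormed = 0;` and `ctxt->disableSAX = 1;` before returning. A content model rejected for nesting deeper than 128 could therefore still leave the document flagged as well-formed; add those two assignments before `return(NULL);`. The guard also calls `ctxt->sax->error` unconditionally; if the SAX handler or its error callback can be NULL in this libxml version (not visible here), wrap the call in `if ((ctxt->sax != NULL) && (ctxt->sax->error != NULL))`. The function body starts and ends outside the hunk, so how the callers treat the NULL return, and whether the partially built content tree is freed on that path, needs to be checked separately.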