From 2879c75f1dbf35259c54a37e4da649ca803ef4ee Mon Sep 17 00:00:00 2001 From: drochner Date: Sat, 15 Dec 2012 12:39:24 +0000 Subject: add patch from upstream to fix possible array underflow, leading to DOS or possible code injection (CVE-2012-5134) bump PKGREV --- textproc/libxml2/Makefile | 3 ++- textproc/libxml2/distinfo | 3 ++- textproc/libxml2/patches/patch-CVE-2012-5134 | 13 +++++++++++++ 3 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 textproc/libxml2/patches/patch-CVE-2012-5134 (limited to 'textproc/libxml2') diff --git a/textproc/libxml2/Makefile b/textproc/libxml2/Makefile index b9c917d4b92..2fa24a11816 100644 --- a/textproc/libxml2/Makefile +++ b/textproc/libxml2/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.121 2012/10/25 06:56:04 asau Exp $ +# $NetBSD: Makefile,v 1.122 2012/12/15 12:39:24 drochner Exp $ DISTNAME= libxml2-2.9.0 +PKGREVISION= 1 CATEGORIES= textproc MASTER_SITES= ftp://xmlsoft.org/libxml2/ \ http://xmlsoft.org/sources/ diff --git a/textproc/libxml2/distinfo b/textproc/libxml2/distinfo index 594ef2771be..ae3b0736c9b 100644 --- a/textproc/libxml2/distinfo +++ b/textproc/libxml2/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.95 2012/09/15 10:23:38 adam Exp $ +$NetBSD: distinfo,v 1.96 2012/12/15 12:39:24 drochner Exp $ SHA1 (libxml2-2.9.0.tar.gz) = a43d7c0a8e463ac5a7846254f2a732a9af146fab RMD160 (libxml2-2.9.0.tar.gz) = d025639320bb34adbc45a43f46354190f6bbb7b5 Size (libxml2-2.9.0.tar.gz) = 5161069 bytes +SHA1 (patch-CVE-2012-5134) = 22caaed2b03334d42253b2b1c5a43473e6c8b4dc SHA1 (patch-aa) = 6fcfb2e1ac374a7a047ee188a61ef218106ee54a SHA1 (patch-ab) = c399ed5bfd429c2bac1de6f500d2ef47ab06f2fd SHA1 (patch-ac) = 101cd554fd22e8e9817e21591240eb784b1219b5 diff --git a/textproc/libxml2/patches/patch-CVE-2012-5134 b/textproc/libxml2/patches/patch-CVE-2012-5134 new file mode 100644 index 00000000000..a81f5d908a0 --- /dev/null +++ b/textproc/libxml2/patches/patch-CVE-2012-5134 @@ -0,0 +1,13 @@ +$NetBSD: patch-CVE-2012-5134,v 1.1 2012/12/15 12:39:24 drochner Exp $ + +--- parser.c.orig 2012-09-11 04:24:08.000000000 +0000 ++++ parser.c +@@ -4075,7 +4075,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr + goto error; + + if ((in_space) && (normalize)) { +- while (buf[len - 1] == 0x20) len--; ++ while ((len > 0) && (buf[len - 1] == 0x20)) len--; + } + buf[len] = 0; + if (RAW == '<') { -- cgit v1.2.3