pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/chat/jabberd Add patches for CVE-2011-1754. Bump PKGR...
details: https://anonhg.NetBSD.org/pkgsrc/rev/7ebeb1215557
branches: trunk
changeset: 590109:7ebeb1215557
user: obache <obache%pkgsrc.org@localhost>
date: Sun Jul 03 08:26:55 2011 +0000
description:
Add patches for CVE-2011-1754. Bump PKGREVISION.
diffstat:
chat/jabberd/Makefile | 4 ++--
chat/jabberd/distinfo | 4 +++-
chat/jabberd/patches/patch-jabberd_lib_xstream.c | 14 ++++++++++++++
chat/jabberd/patches/patch-jabberd_mio__xml.c | 14 ++++++++++++++
4 files changed, 33 insertions(+), 3 deletions(-)
diffs (66 lines):
diff -r 939a4ff33785 -r 7ebeb1215557 chat/jabberd/Makefile
--- a/chat/jabberd/Makefile Sun Jul 03 08:22:12 2011 +0000
+++ b/chat/jabberd/Makefile Sun Jul 03 08:26:55 2011 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.33 2010/05/04 18:33:35 gdt Exp $
+# $NetBSD: Makefile,v 1.34 2011/07/03 08:26:55 obache Exp $
#
DISTNAME= jabber-1.4.2
PKGNAME= jabberd-1.4.2
-PKGREVISION= 8
+PKGREVISION= 9
CATEGORIES= chat
MASTER_SITES= http://download.jabberd.org/jabberd14/
diff -r 939a4ff33785 -r 7ebeb1215557 chat/jabberd/distinfo
--- a/chat/jabberd/distinfo Sun Jul 03 08:22:12 2011 +0000
+++ b/chat/jabberd/distinfo Sun Jul 03 08:26:55 2011 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2010/05/04 18:33:35 gdt Exp $
+$NetBSD: distinfo,v 1.9 2011/07/03 08:26:55 obache Exp $
SHA1 (jabber-1.4.2.tar.gz) = aa0bc2e9815e4fa4a1ca8ba7f320bfd3c85ba11f
RMD160 (jabber-1.4.2.tar.gz) = bff5a02d3b76243ce59ddb66873ca1c51ef4bb5f
@@ -7,3 +7,5 @@
SHA1 (patch-ab) = 8722b0db3870e14eaf3e40f5493544db8a813fc1
SHA1 (patch-ac) = 3b17761c9ea2d1e17f3194ac8cf54fbca4c80367
SHA1 (patch-ad) = 1eb45d4433731867bc23afebefb54b7e18217a8d
+SHA1 (patch-jabberd_lib_xstream.c) = 7a6eb4012057abb0478ca07d0deb38109ab255cf
+SHA1 (patch-jabberd_mio__xml.c) = 45c57d481bfa7b84dbe5fa73f2b2c9127490d683
diff -r 939a4ff33785 -r 7ebeb1215557 chat/jabberd/patches/patch-jabberd_lib_xstream.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/jabberd/patches/patch-jabberd_lib_xstream.c Sun Jul 03 08:26:55 2011 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-jabberd_lib_xstream.c,v 1.1 2011/07/03 08:26:55 obache Exp $
+
+* fix CVE-2011-1754
+
+--- jabberd/lib/xstream.c.orig 2002-02-08 07:39:24.000000000 +0000
++++ jabberd/lib/xstream.c
+@@ -142,6 +142,7 @@ xstream xstream_new(pool p, xstream_onNo
+
+ /* create expat parser and ensure cleanup */
+ newx->parser = XML_ParserCreate(NULL);
++ XML_SetDefaultHandler(newx->parser, NULL);
+ XML_SetUserData(newx->parser, (void *)newx);
+ XML_SetElementHandler(newx->parser, (void *)_xstream_startElement, (void *)_xstream_endElement);
+ XML_SetCharacterDataHandler(newx->parser, (void *)_xstream_charData);
diff -r 939a4ff33785 -r 7ebeb1215557 chat/jabberd/patches/patch-jabberd_mio__xml.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/jabberd/patches/patch-jabberd_mio__xml.c Sun Jul 03 08:26:55 2011 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-jabberd_mio__xml.c,v 1.1 2011/07/03 08:26:55 obache Exp $
+
+* fix CVE-2011-1754
+
+--- jabberd/mio_xml.c.orig 2002-02-08 07:39:27.000000000 +0000
++++ jabberd/mio_xml.c
+@@ -118,6 +118,7 @@ void _mio_xstream_init(mio m)
+ /* Initialize the parser */
+ m->parser = XML_ParserCreate(NULL);
+ XML_SetUserData(m->parser, m);
++ XML_SetDefaultHandler(m->parser, NULL);
+ XML_SetElementHandler(m->parser, (void*)_mio_xstream_startElement, (void*)_mio_xstream_endElement);
+ XML_SetCharacterDataHandler(m->parser, (void*)_mio_xstream_CDATA);
+ /* Setup a cleanup routine to release the parser when everything is done */
Home |
Main Index |
Thread Index |
Old Index