pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2017Q1]: pkgsrc/textproc/libxml2 Pullup ticket #5478 - request...
details: https://anonhg.NetBSD.org/pkgsrc/rev/af3fb1ba548a
branches: pkgsrc-2017Q1
changeset: 360422:af3fb1ba548a
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Wed Jun 21 18:17:36 2017 +0000
description:
Pullup ticket #5478 - requested by sevan
textproc/libxml2: security fix
Revisions pulled up:
- textproc/libxml2/Makefile 1.144
- textproc/libxml2/distinfo 1.115
- textproc/libxml2/patches/patch-valid.c 1.1
---
Module Name: pkgsrc
Committed By: maya
Date: Sun Jun 11 04:40:53 UTC 2017
Modified Files:
pkgsrc/textproc/libxml2: Makefile distinfo
Added Files:
pkgsrc/textproc/libxml2/patches: patch-valid.c
Log Message:
libxml2: Apply upstream patch for CVE-2017-5969.
(Minor issue, only a denial-of-service when using recover mode)
bump PKGREVISION
diffstat:
textproc/libxml2/Makefile | 4 +-
textproc/libxml2/distinfo | 3 +-
textproc/libxml2/patches/patch-valid.c | 55 ++++++++++++++++++++++++++++++++++
3 files changed, 59 insertions(+), 3 deletions(-)
diffs (90 lines):
diff -r ebac19d18da9 -r af3fb1ba548a textproc/libxml2/Makefile
--- a/textproc/libxml2/Makefile Tue Jun 13 19:35:55 2017 +0000
+++ b/textproc/libxml2/Makefile Wed Jun 21 18:17:36 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.143 2016/12/30 02:17:48 dholland Exp $
+# $NetBSD: Makefile,v 1.143.2.1 2017/06/21 18:17:36 bsiegert Exp $
.include "../../textproc/libxml2/Makefile.common"
-PKGREVISION= 2
+PKGREVISION= 3
COMMENT= XML parser library from the GNOME project
LICENSE= modified-bsd
diff -r ebac19d18da9 -r af3fb1ba548a textproc/libxml2/distinfo
--- a/textproc/libxml2/distinfo Tue Jun 13 19:35:55 2017 +0000
+++ b/textproc/libxml2/distinfo Wed Jun 21 18:17:36 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.114 2016/12/27 02:34:33 sevan Exp $
+$NetBSD: distinfo,v 1.114.4.1 2017/06/21 18:17:36 bsiegert Exp $
SHA1 (libxml2-2.9.4.tar.gz) = 958ae70baf186263a4bd801a81dd5d682aedd1db
RMD160 (libxml2-2.9.4.tar.gz) = bb59656e0683d64a38a2f1a45ca9d918837e1e56
@@ -16,6 +16,7 @@
SHA1 (patch-test_XPath_xptr_vidbase) = a9b497505f914924388145c6266aa517152f9da3
SHA1 (patch-testlimits.c) = 8cba18464b619469abbb8488fd950a32a567be7b
SHA1 (patch-timsort.h) = e09118e7c99d53f71c28fe4d54269c4801244959
+SHA1 (patch-valid.c) = e6ff3a9aed6b985fcc69d214efa953a90a055d6b
SHA1 (patch-xmlIO.c) = 5efcc5e43a8b3139832ab69af6b5ab94e5a6ad59
SHA1 (patch-xpath.c) = ec94ab2116f99a08f51630dee6b9e7e25d2b5c00
SHA1 (patch-xpointer.c) = 8ca75f64b89369106c0d088ff7fd36b38005e032
diff -r ebac19d18da9 -r af3fb1ba548a textproc/libxml2/patches/patch-valid.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/libxml2/patches/patch-valid.c Wed Jun 21 18:17:36 2017 +0000
@@ -0,0 +1,55 @@
+$NetBSD: patch-valid.c,v 1.2.2.2 2017/06/21 18:17:36 bsiegert Exp $
+
+Upstream commit by Daniel Veillard
+
+Fix NULL pointer deref in xmlDumpElementContent
+Can only be triggered in recovery mode.
+Fixes bug 758422 (CVE-2017-5969).
+
+
+--- valid.c.orig 2016-05-23 07:25:25.000000000 +0000
++++ valid.c
+@@ -1172,29 +1172,33 @@ xmlDumpElementContent(xmlBufferPtr buf,
+ xmlBufferWriteCHAR(buf, content->name);
+ break;
+ case XML_ELEMENT_CONTENT_SEQ:
+- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
+- (content->c1->type == XML_ELEMENT_CONTENT_SEQ))
++ if ((content->c1 != NULL) &&
++ ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
++ (content->c1->type == XML_ELEMENT_CONTENT_SEQ)))
+ xmlDumpElementContent(buf, content->c1, 1);
+ else
+ xmlDumpElementContent(buf, content->c1, 0);
+ xmlBufferWriteChar(buf, " , ");
+- if ((content->c2->type == XML_ELEMENT_CONTENT_OR) ||
+- ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) &&
+- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))
++ if ((content->c2 != NULL) &&
++ ((content->c2->type == XML_ELEMENT_CONTENT_OR) ||
++ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) &&
++ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))))
+ xmlDumpElementContent(buf, content->c2, 1);
+ else
+ xmlDumpElementContent(buf, content->c2, 0);
+ break;
+ case XML_ELEMENT_CONTENT_OR:
+- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
+- (content->c1->type == XML_ELEMENT_CONTENT_SEQ))
++ if ((content->c1 != NULL) &&
++ ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
++ (content->c1->type == XML_ELEMENT_CONTENT_SEQ)))
+ xmlDumpElementContent(buf, content->c1, 1);
+ else
+ xmlDumpElementContent(buf, content->c1, 0);
+ xmlBufferWriteChar(buf, " | ");
+- if ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) ||
+- ((content->c2->type == XML_ELEMENT_CONTENT_OR) &&
+- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))
++ if ((content->c2 != NULL) &&
++ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) ||
++ ((content->c2->type == XML_ELEMENT_CONTENT_OR) &&
++ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))))
+ xmlDumpElementContent(buf, content->c2, 1);
+ else
+ xmlDumpElementContent(buf, content->c2, 0);
Home |
Main Index |
Thread Index |
Old Index