kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update expat to 2.1.0, contains security fixes.

Browse source 
Release 2.1.0 Sat March 24 2012
        - Bug Fixes:
          #1742315: Harmful XML_ParserCreateNS suggestion.
          #2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
          #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3.
          #1983953, 2517952, 2517962, 2649838:
                Build modifications using autoreconf instead of buildconf.sh.
          #2815947, #2884086: OBJEXT and EXEEXT support while building.
          #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.
          #2517938: xmlwf should return non-zero exit status if not well-formed.
          #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml.
          #2855609: Dangling positionPtr after error.
          #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
          #2958794: CVE-2012-1148 - Memory leak in poolGrow.
          #2990652: CMake support.
          #3010819: UNEXPECTED_STATE with a trailing "%" in entity value.
          #3206497: Unitialized memory returned from XML_Parse.
          #3287849: make check fails on mingw-w64.
          #3496608: CVE-2012-0876 - Hash DOS attack.
        - Patches:
          #1749198: pkg-config support.
          #3010222: Fix for bug #3010819.
          #3312568: CMake support.
          #3446384: Report byte offsets for attr names and values.
        - New Features / API changes:
          Added new API member XML_SetHashSalt() that allows setting an intial
                value (salt) for hash calculations. This is part of the fix for
                bug #3496608 to randomize hash parameters.
          When compiled with XML_ATTR_INFO defined, adds new API member
                XML_GetAttributeInfo() that allows retrieving the byte
                offsets for attribute names and values (patch #3446384).
          Added CMake build system.
                See bug #2990652 and patch #3312568.
          Added run-benchmark target to Makefile.in - relies on testdata module
                present in the same relative location as in the repository.
This commit is contained in:
obache 2012-04-01 08:52:43 +00:00
parent 3ddc53fcf2
commit a74f4b1c62
5 changed files with 11 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
textproc/expat/Makefile
View file

@ -1,14 +1,14 @@
# $NetBSD: Makefile,v 1.25 2010/01/26 18:37:01 drochner Exp $
# $NetBSD: Makefile,v 1.26 2012/04/01 08:52:43 obache Exp $
#
DISTNAME= expat-2.0.1
PKGREVISION= 2
DISTNAME= expat-2.1.0
CATEGORIES= textproc
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=expat/}
MAINTAINER= drochner@NetBSD.org
HOMEPAGE= http://expat.sourceforge.net/
COMMENT= XML parser library written in C
LICENSE= mit
PKG_INSTALLATION_TYPES= overwrite pkgviews
PKG_DESTDIR_SUPPORT= user-destdir
@ -17,6 +17,8 @@ GNU_CONFIGURE= YES
USE_LIBTOOL= YES
USE_TOOLS+= gmake
PKGCONFIG_OVERRIDE+= expat.pc.in
DOCDIR= ${PREFIX}/share/doc/html/expat
post-install:

3
textproc/expat/PLIST
View file

@ -1,8 +1,9 @@
@comment $NetBSD: PLIST,v 1.8 2009/06/14 18:17:15 joerg Exp $
@comment $NetBSD: PLIST,v 1.9 2012/04/01 08:52:43 obache Exp $
bin/xmlwf
include/expat.h
include/expat_external.h
lib/libexpat.la
lib/pkgconfig/expat.pc
man/man1/xmlwf.1
share/doc/html/expat/reference.html
share/doc/html/expat/style.css

10
textproc/expat/distinfo
View file

@ -1,7 +1,5 @@
$NetBSD: distinfo,v 1.19 2010/01/26 18:37:01 drochner Exp $
$NetBSD: distinfo,v 1.20 2012/04/01 08:52:43 obache Exp $
SHA1 (expat-2.0.1.tar.gz) = 663548c37b996082db1f2f2c32af060d7aa15c2d
RMD160 (expat-2.0.1.tar.gz) = d31bcb152adaff9e358968be1ea901e1b4ed3b2f
Size (expat-2.0.1.tar.gz) = 446456 bytes
SHA1 (patch-aa) = 79b4caee7c1be8cecb1590b19c220d39e4723a26
SHA1 (patch-ab) = bdca769ae40099e2e0e0f04c96b9ce7a97b4d66b
SHA1 (expat-2.1.0.tar.gz) = b08197d146930a5543a7b99e871cba3da614f6f0
RMD160 (expat-2.1.0.tar.gz) = bffca083d29fe7688f106a902ef9b909c3321c5d
Size (expat-2.1.0.tar.gz) = 562616 bytes

15
textproc/expat/patches/patch-aa
View file

@ -1,15 +0,0 @@
$NetBSD: patch-aa,v 1.8 2009/11/08 08:34:32 obache Exp $
CVE-2009-3720
--- lib/xmltok_impl.c.orig 2009-09-10 11:37:45.000000000 +0200
+++ lib/xmltok_impl.c
@@ -1744,7 +1744,7 @@ PREFIX(updatePosition)(const ENCODING *e
const char *end,
POSITION *pos)
{
- while (ptr != end) {
+ while (ptr < end) {
switch (BYTE_TYPE(enc, ptr)) {
#define LEAD_CASE(n) \
case BT_LEAD ## n: \

16
textproc/expat/patches/patch-ab
View file

@ -1,16 +0,0 @@
$NetBSD: patch-ab,v 1.1 2010/01/26 18:37:01 drochner Exp $
CVE-2009-3560
--- lib/xmlparse.c.orig 2007-05-08 02:25:35.000000000 +0000
+++ lib/xmlparse.c
@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser,
return XML_ERROR_UNCLOSED_TOKEN;
case XML_TOK_PARTIAL_CHAR:
return XML_ERROR_PARTIAL_CHAR;
+ case -XML_TOK_PROLOG_S:
+ tok = -tok;
+ break;
case XML_TOK_NONE:
#ifdef XML_DTD
/* for internal PE NOT referenced between declarations */