diff options
| author | root <root@rshg054.dnsready.net> | 2011-11-04 23:14:51 +0000 |
|---|---|---|
| committer | root <root@rshg054.dnsready.net> | 2011-11-04 23:14:51 +0000 |
| commit | 3026bb55941e3b04b56f5fb41b88941c6c2ce0cd (patch) | |
| tree | 576b183074d925e58c2e37ae2b641e712bceacb1 /testing/expat | |
| parent | b625511a28fd8401f524474b5339e75328595150 (diff) | |
Fri Nov 4 23:14:51 UTC 2011
Diffstat (limited to 'testing/expat')
| -rw-r--r-- | testing/expat/CVE-2009-3560.patch | 13 | ||||
| -rw-r--r-- | testing/expat/CVE-2009-3720.patch | 12 | ||||
| -rw-r--r-- | testing/expat/PKGBUILD | 38 |
3 files changed, 63 insertions, 0 deletions
diff --git a/testing/expat/CVE-2009-3560.patch b/testing/expat/CVE-2009-3560.patch new file mode 100644 index 000000000..5fe9c36c8 --- /dev/null +++ b/testing/expat/CVE-2009-3560.patch @@ -0,0 +1,13 @@ +diff -urNad trunk~/lib/xmlparse.c trunk/lib/xmlparse.c +--- trunk~/lib/xmlparse.c 2007-05-08 04:25:35.000000000 +0200 ++++ trunk/lib/xmlparse.c 2009-12-29 21:57:22.141732904 +0100 +@@ -3703,6 +3703,9 @@ + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; ++ case -XML_TOK_PROLOG_S: ++ tok = -tok; ++ break; + case XML_TOK_NONE: + #ifdef XML_DTD + /* for internal PE NOT referenced between declarations */ diff --git a/testing/expat/CVE-2009-3720.patch b/testing/expat/CVE-2009-3720.patch new file mode 100644 index 000000000..65d16431f --- /dev/null +++ b/testing/expat/CVE-2009-3720.patch @@ -0,0 +1,12 @@ +diff -urNad trunk~/lib/xmltok_impl.c trunk/lib/xmltok_impl.c +--- trunk~/lib/xmltok_impl.c 2006-11-26 18:34:46.000000000 +0100 ++++ trunk/lib/xmltok_impl.c 2009-10-22 21:42:41.000000000 +0200 +@@ -1744,7 +1744,7 @@ + const char *end, + POSITION *pos) + { +- while (ptr != end) { ++ while (ptr < end) { + switch (BYTE_TYPE(enc, ptr)) { + #define LEAD_CASE(n) \ + case BT_LEAD ## n: \ diff --git a/testing/expat/PKGBUILD b/testing/expat/PKGBUILD new file mode 100644 index 000000000..eee7e94b9 --- /dev/null +++ b/testing/expat/PKGBUILD @@ -0,0 +1,38 @@ +# $Id: PKGBUILD 141915 2011-11-03 06:22:06Z allan $ +# Maintainer: Allan McRae <allan@archlinux.org> +# Committer: Judd Vinet <jvinet@zeroflux.org> + +pkgname=expat +pkgver=2.0.1 +pkgrel=7 +pkgdesc="An XML parser library" +arch=('i686' 'x86_64') +url="http://expat.sourceforge.net/" +license=('custom') +depends=('glibc') +options=('!libtool') +source=(http://downloads.sourceforge.net/sourceforge/expat/${pkgname}-${pkgver}.tar.gz + CVE-2009-3560.patch + CVE-2009-3720.patch) +md5sums=('ee8b492592568805593f81f8cdf2a04c' + '50603cac0f03aabc7087415251f592be' + 'f3eeb796f28945899216b815e5901996') + +build() { + cd ${srcdir}/${pkgname}-${pkgver} + patch -Np1 -i $srcdir/CVE-2009-3560.patch + patch -Np1 -i $srcdir/CVE-2009-3720.patch + ./configure --prefix=/usr --mandir=/usr/share/man + make +} + +check() { + cd ${srcdir}/${pkgname}-${pkgver} + make check +} + +package() { + cd ${srcdir}/${pkgname}-${pkgver} + make DESTDIR=${pkgdir} install + install -Dm644 COPYING ${pkgdir}/usr/share/licenses/${pkgname}/COPYING +} |