Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
80 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
AUX expat-2.0.1-CVE-2009-3560-revised.patch 532 RMD160 dea59f98ce296e64cde88910e130f2dda0eab70c SHA1 539bb11a6ae11d83c703c52636fa35d32e7711dc SHA256 1909160d5745b47e54e3db525b94c5992320ddd8ef28a0aaf52c081669cef368 | ||
AUX expat-2.0.1-check_stopped_parser.patch 412 RMD160 bbf6ed4ba1d1f49a00703e5685c043bdf681f75d SHA1 096af876282e06589aa8c4574edb0756d6bc635a SHA256 71e8c5a172115896f170c2867237d78468cb937c836f00bd7456ea8cb3c22de7 | ||
AUX expat-2.0.1-fix_bug_1990430.patch 428 RMD160 7b566a7db9036238a7e781a20157f9b4c13fa0d9 SHA1 5d1c09acaa7d73cae98cda327d79a2d64f3b6926 SHA256 1e491172e983878ca7974c1a40a7327a630b728cc33eb9183f8050b536dcb692 | ||
DIST expat-2.0.1.tar.gz 446456 RMD160 d31bcb152adaff9e358968be1ea901e1b4ed3b2f SHA1 663548c37b996082db1f2f2c32af060d7aa15c2d SHA256 847660b4df86e707c9150e33cd8c25bc5cd828f708c7418e765e3e983a2e5e93 | ||
EBUILD expat-2.0.1-r3.ebuild 895 RMD160 700cb5d9011d524a4128c5bd0b0d7e6bc926fbfc SHA1 e1fea139a3acebacc1dca1ccecb1785a2b55be89 SHA256 d1b3f78d52b25061272f4a91baabdd7eae106eb2f7955a65cab3ba4bf8199f71 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# Copyright 1999-2010 Gentoo Foundation | ||
# Distributed under the terms of the GNU General Public License v2 | ||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/expat/expat-2.0.1-r3.ebuild,v 1.8 2010/03/09 22:04:59 josejx Exp $ | ||
|
||
inherit eutils libtool | ||
|
||
DESCRIPTION="XML parsing libraries" | ||
HOMEPAGE="http://expat.sourceforge.net/" | ||
SRC_URI="mirror://sourceforge/expat/${P}.tar.gz" | ||
|
||
LICENSE="MIT" | ||
SLOT="0" | ||
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-dfbsd ~x86-fbsd" | ||
IUSE="" | ||
|
||
src_unpack() { | ||
unpack ${A} | ||
cd "${S}" | ||
|
||
# fix segmentation fault in python tests (bug #197043) | ||
epatch "${FILESDIR}/${P}-check_stopped_parser.patch" | ||
|
||
epatch "${FILESDIR}"/${P}-fix_bug_1990430.patch \ | ||
"${FILESDIR}"/${P}-CVE-2009-3560-revised.patch | ||
|
||
elibtoolize | ||
epunt_cxx | ||
} | ||
|
||
src_install() { | ||
emake install DESTDIR="${D}" || die | ||
dodoc Changes README || die | ||
dohtml doc/* || die | ||
} |
16 changes: 16 additions & 0 deletions
16
portage-overlay/dev-libs/expat/files/expat-2.0.1-CVE-2009-3560-revised.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3560 | ||
http://bugs.gentoo.org/show_bug.cgi?id=303727 | ||
http://cvs.fedoraproject.org/viewvc/rpms/expat/devel/ | ||
|
||
--- lib/xmlparse.c | ||
+++ lib/xmlparse.c | ||
@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser, | ||
return XML_ERROR_UNCLOSED_TOKEN; | ||
case XML_TOK_PARTIAL_CHAR: | ||
return XML_ERROR_PARTIAL_CHAR; | ||
+ case -XML_TOK_PROLOG_S: | ||
+ tok = -tok; | ||
+ break; | ||
case XML_TOK_NONE: | ||
#ifdef XML_DTD | ||
/* for internal PE NOT referenced between declarations */ |
11 changes: 11 additions & 0 deletions
11
portage-overlay/dev-libs/expat/files/expat-2.0.1-check_stopped_parser.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
--- lib/xmlparse.c 2007-05-08 05:25:35.000000000 +0300 | ||
+++ lib/xmlparse.c 2008-01-08 13:17:07.000000000 +0200 | ||
@@ -2563,6 +2563,8 @@ | ||
(int)(dataPtr - (ICHAR *)dataBuf)); | ||
if (s == next) | ||
break; | ||
+ if (ps_parsing == XML_FINISHED || ps_parsing == XML_SUSPENDED) | ||
+ break; | ||
*eventPP = s; | ||
} | ||
} |
14 changes: 14 additions & 0 deletions
14
portage-overlay/dev-libs/expat/files/expat-2.0.1-fix_bug_1990430.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log (1.13 -> 1.15) | ||
http://svn.python.org/view?view=rev&revision=74429 | ||
|
||
--- lib/xmltok_impl.c | ||
+++ lib/xmltok_impl.c | ||
@@ -1744,7 +1744,7 @@ | ||
const char *end, | ||
POSITION *pos) | ||
{ | ||
- while (ptr != end) { | ||
+ while (ptr < end) { | ||
switch (BYTE_TYPE(enc, ptr)) { | ||
#define LEAD_CASE(n) \ | ||
case BT_LEAD ## n: \ |