diff options
author | Gilles Dartiguelongue <eva@gentoo.org> | 2017-08-25 00:34:16 +0200 |
---|---|---|
committer | Gilles Dartiguelongue <eva@gentoo.org> | 2017-08-25 00:47:44 +0200 |
commit | 28aec45d6aa5d68e5de17feae733ec5497d7c0b8 (patch) | |
tree | 14da9eca36a7b66da222eae4f68f07b9186c096d /dev-libs/libxml2/files | |
parent | net-voip/telepathy-haze: fix python_check_deps, bug #628492 (diff) | |
download | gentoo-28aec45d6aa5d68e5de17feae733ec5497d7c0b8.tar.gz gentoo-28aec45d6aa5d68e5de17feae733ec5497d7c0b8.tar.bz2 gentoo-28aec45d6aa5d68e5de17feae733ec5497d7c0b8.zip |
dev-libs/libxml2: add more security patches
Fix typo in patch changing test target and re-enable running
unittests in src_test.
Package-Manager: Portage-2.3.8, Repoman-2.3.3
Diffstat (limited to 'dev-libs/libxml2/files')
4 files changed, 109 insertions, 1 deletions
diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-disable-tests.patch b/dev-libs/libxml2/files/libxml2-2.9.2-disable-tests.patch index a996bf64a18d..a231269b4b8a 100644 --- a/dev-libs/libxml2/files/libxml2-2.9.2-disable-tests.patch +++ b/dev-libs/libxml2/files/libxml2-2.9.2-disable-tests.patch @@ -25,7 +25,7 @@ do not build test programs as we don't install them #testOOM_LDADD= $(LDADDS) -runtests: -+runtests: check_PROGRAMS ++runtests: $(check_PROGRAMS) [ -d test ] || $(LN_S) $(srcdir)/test . [ -d result ] || $(LN_S) $(srcdir)/result . $(CHECKER) ./runtest$(EXEEXT) && $(CHECKER) ./testrecurse$(EXEEXT) &&$(CHECKER) ./testapi$(EXEEXT) && $(CHECKER) ./testchar$(EXEEXT)&& $(CHECKER) ./testdict$(EXEEXT) && $(CHECKER) ./runxmlconf$(EXEEXT) diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch new file mode 100644 index 000000000000..517e178a533e --- /dev/null +++ b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch @@ -0,0 +1,43 @@ +From d815758b6a8c9dee8155268e49b5ef3b80135a14 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Tue, 6 Jun 2017 12:56:28 +0200 +Subject: [PATCH 1/3] Fix type confusion in xmlValidateOneNamespace + +Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on +namespace declarations make no practical sense anyway. + +Fixes bug 780228. + +Found with libFuzzer and ASan. +--- + valid.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/valid.c b/valid.c +index 8075d3a0..c51ea290 100644 +--- a/valid.c ++++ b/valid.c +@@ -4627,6 +4627,12 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) { + } + } + ++ /* ++ * Casting ns to xmlAttrPtr is wrong. We'd need separate functions ++ * xmlAddID and xmlAddRef for namespace declarations, but it makes ++ * no practical sense to use ID types anyway. ++ */ ++#if 0 + /* Validity Constraint: ID uniqueness */ + if (attrDecl->atype == XML_ATTRIBUTE_ID) { + if (xmlAddID(ctxt, doc, value, (xmlAttrPtr) ns) == NULL) +@@ -4638,6 +4644,7 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) { + if (xmlAddRef(ctxt, doc, value, (xmlAttrPtr) ns) == NULL) + ret = 0; + } ++#endif + + /* Validity Constraint: Notation Attributes */ + if (attrDecl->atype == XML_ATTRIBUTE_NOTATION) { +-- +2.14.1 + diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch new file mode 100644 index 000000000000..14ec773608b6 --- /dev/null +++ b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch @@ -0,0 +1,31 @@ +From 43cd3b6222bda2332e963eb1c9ead78f29912b0a Mon Sep 17 00:00:00 2001 +From: Daniel Veillard <veillard@redhat.com> +Date: Fri, 7 Apr 2017 17:13:28 +0200 +Subject: [PATCH 2/3] Increase buffer space for port in HTTP redirect support + +For https://bugzilla.gnome.org/show_bug.cgi?id=780690 + +nanohttp.c: the code wrongly assumed a short int port value. +--- + nanohttp.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/nanohttp.c b/nanohttp.c +index 26e4290e..9c17530e 100644 +--- a/nanohttp.c ++++ b/nanohttp.c +@@ -1423,9 +1423,9 @@ retry: + if (ctxt->port != 80) { + /* reserve space for ':xxxxx', incl. potential proxy */ + if (proxy) +- blen += 12; ++ blen += 17; + else +- blen += 6; ++ blen += 11; + } + bp = (char*)xmlMallocAtomic(blen); + if ( bp == NULL ) { +-- +2.14.1 + diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch b/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch new file mode 100644 index 000000000000..224d60ff052f --- /dev/null +++ b/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch @@ -0,0 +1,34 @@ +From a1fb9a4f511d89f0738b62cabd6d92bfd9eb94a9 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Tue, 28 Jun 2016 14:19:58 +0200 +Subject: [PATCH 3/3] Fix comparison with root node in xmlXPathCmpNodes + +This change has already been made in xmlXPathCmpNodesExt but not in +xmlXPathCmpNodes. +--- + xpath.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/xpath.c b/xpath.c +index 67afbca5..5a01b1b3 100644 +--- a/xpath.c ++++ b/xpath.c +@@ -3342,13 +3342,13 @@ xmlXPathCmpNodes(xmlNodePtr node1, xmlNodePtr node2) { + * compute depth to root + */ + for (depth2 = 0, cur = node2;cur->parent != NULL;cur = cur->parent) { +- if (cur == node1) ++ if (cur->parent == node1) + return(1); + depth2++; + } + root = cur; + for (depth1 = 0, cur = node1;cur->parent != NULL;cur = cur->parent) { +- if (cur == node2) ++ if (cur->parent == node2) + return(-1); + depth1++; + } +-- +2.14.1 + |