diff options
| author | Christian Kampka <christian@kampka.net> | 2015-11-28 21:20:17 +0100 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-11-30 08:38:37 +0000 |
| commit | ab861bea2f5d221406d2f6b1221de06bc48742ce (patch) | |
| tree | c2c10a177c39c79985aa429d89c19902ceff04e7 /main/libxml2 | |
| parent | 742549a3527667b42658e5b960cfe022a640c3bd (diff) | |
| download | aports-ab861bea2f5d221406d2f6b1221de06bc48742ce.tar.bz2 aports-ab861bea2f5d221406d2f6b1221de06bc48742ce.tar.xz | |
main/libxml: new upstream version 2.9.3
fixes #4797
Diffstat (limited to 'main/libxml2')
| -rw-r--r-- | main/libxml2/APKBUILD | 23 | ||||
| -rw-r--r-- | main/libxml2/CVE-2014-0191.patch | 36 | ||||
| -rw-r--r-- | main/libxml2/libxml2-pthread.patch | 11 |
3 files changed, 7 insertions, 63 deletions
diff --git a/main/libxml2/APKBUILD b/main/libxml2/APKBUILD index b8f142c809..096d326849 100644 --- a/main/libxml2/APKBUILD +++ b/main/libxml2/APKBUILD @@ -1,8 +1,8 @@ # Contributor: Carlo Landmeter <clandmeter@gmail.com> # Maintainer: Carlo Landmeter <clandmeter@gmail.com> pkgname=libxml2 -pkgver=2.9.2 -pkgrel=2 +pkgver=2.9.3 +pkgrel=0 pkgdesc="XML parsing library, version 2" url="http://www.xmlsoft.org/" arch="all" @@ -11,10 +11,7 @@ depends= depends_dev="zlib-dev" makedepends="$depends_dev python-dev" subpackages="$pkgname-doc $pkgname-dev py-$pkgname:py $pkgname-utils" -source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz - libxml2-pthread.patch - CVE-2014-0191.patch - " +source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz" options="!strip" @@ -45,7 +42,7 @@ build() { package() { cd "$_builddir" make -j1 DESTDIR="$pkgdir" install - + install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING } @@ -69,12 +66,6 @@ utils() { } -md5sums="9e6a9aca9d155737868b3dc5fd82f788 libxml2-2.9.2.tar.gz -cc0da520c5296e87407d24166480da73 libxml2-pthread.patch -e6f432aea642badcb848e5791bcf6df7 CVE-2014-0191.patch" -sha256sums="5178c30b151d044aefb1b08bf54c3003a0ac55c59c866763997529d60770d5bc libxml2-2.9.2.tar.gz -97d5e152580774483c47b28483282a4180c2c375bb7716a807ec859e59c3ec2f libxml2-pthread.patch -288a762e8b115cecc02d920e4b36ebfa5249b8a6713a1a948e344d881d094ea8 CVE-2014-0191.patch" -sha512sums="a4e3b20e2efceed39c20379b32b746d4a1cf65c0cf7719d26c9bf7483c1f04a4e5a442ae2f36dc4ae8a4d011b67cfb58d9f6d0be034fa3e897a49059c9289565 libxml2-2.9.2.tar.gz -bda49c5e09605acc2bb36203521f750903d81345cc38af54b977e3ce71e288267fb3ab98f1813d846ab45461490482337f7af8b0f1a8a5e0b2c09e03bbadc7f7 libxml2-pthread.patch -41b6737b5cfe6392e3d781ebde48db0bf221bde89701742408afe625a88a67f6f6aed5cf04c1983ba2e7e04c2d819a8011908d23060365225571691c5e61cf11 CVE-2014-0191.patch" +md5sums="daece17e045f1c107610e137ab50c179 libxml2-2.9.3.tar.gz" +sha256sums="4de9e31f46b44d34871c22f54bfc54398ef124d6f7cafb1f4a5958fbcd3ba12d libxml2-2.9.3.tar.gz" +sha512sums="078afa65229de4f23e6538767253fb4f9f61d96cb72e445179c71d536b224d54922f22972a2b71434796f83f8c99f6a46c3b8813cb4582ad9fca696d141e0abb libxml2-2.9.3.tar.gz" diff --git a/main/libxml2/CVE-2014-0191.patch b/main/libxml2/CVE-2014-0191.patch deleted file mode 100644 index 4d5fe1a7aa..0000000000 --- a/main/libxml2/CVE-2014-0191.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 9cd1c3cfbd32655d60572c0a413e017260c854df Mon Sep 17 00:00:00 2001 -From: Daniel Veillard <veillard@redhat.com> -Date: Tue, 22 Apr 2014 15:30:56 +0800 -Subject: Do not fetch external parameter entities - -Unless explicitely asked for when validating or replacing entities -with their value. Problem pointed out by Daniel Berrange <berrange@redhat.com> - -diff --git a/parser.c b/parser.c -index 9347ac9..c0dea05 100644 ---- a/parser.c -+++ b/parser.c -@@ -2598,6 +2598,20 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) { - xmlCharEncoding enc; - - /* -+ * Note: external parsed entities will not be loaded, it is -+ * not required for a non-validating parser, unless the -+ * option of validating, or substituting entities were -+ * given. Doing so is far more secure as the parser will -+ * only process data coming from the document entity by -+ * default. -+ */ -+ if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) && -+ ((ctxt->options & XML_PARSE_NOENT) == 0) && -+ ((ctxt->options & XML_PARSE_DTDVALID) == 0) && -+ (ctxt->validate == 0)) -+ return; -+ -+ /* - * handle the extra spaces added before and after - * c.f. http://www.w3.org/TR/REC-xml#as-PE - * this is done independently. --- -cgit v0.10.1 - diff --git a/main/libxml2/libxml2-pthread.patch b/main/libxml2/libxml2-pthread.patch deleted file mode 100644 index 77d7b3849b..0000000000 --- a/main/libxml2/libxml2-pthread.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- libxml2-2.9.1/threads.c.orig -+++ libxml2-2.9.1/threads.c -@@ -47,7 +47,7 @@ - #ifdef HAVE_PTHREAD_H - - static int libxml_is_threaded = -1; --#ifdef __GNUC__ -+#if defined(__GNUC__) && defined(__GLIBC__) - #ifdef linux - #if (__GNUC__ == 3 && __GNUC_MINOR__ >= 3) || (__GNUC__ > 3) - extern int pthread_once (pthread_once_t *__once_control, |