main/libxslt: upgrade to 1.1.34

Drop python2 bindings due to pending EOL of python2. There is no python3 support upstream, so no python3 bindings are generated instead. Closes !689
author: Leo <thinkabit.ukim@gmail.com> 2019-10-23 04:24:34 -0300
committer: Kevin Daudt <kdaudt@alpinelinux.org> 2019-11-01 18:50:30 +0000
commit: 15d065f8bf5e73b1d88ca046d99933d217781aab (patch)
tree: 6aec4044c9a58530836e69d7e604e82a8466b6fb /main/libxslt
parent: a768534b7471a45e098289cfc2096678a0c18f32 (diff)
download: aports-15d065f8bf5e73b1d88ca046d99933d217781aab.tar.bz2
aports-15d065f8bf5e73b1d88ca046d99933d217781aab.tar.xz
2 files changed, 15 insertions, 142 deletions
diff --git a/main/libxslt/APKBUILD b/main/libxslt/APKBUILD
index a8da85328b..a955193ea1 100644
--- a/main/libxslt/APKBUILD
+++ b/main/libxslt/APKBUILD
@@ -1,24 +1,28 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 # Contributor: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=libxslt
-pkgver=1.1.33
-pkgrel=1
+pkgver=1.1.34
+pkgrel=0
 pkgdesc="XML stylesheet transformation library"
 url="http://xmlsoft.org/XSLT/"
 arch="all"
 license="custom"
-makedepends="libxml2-dev libgcrypt-dev libgpg-error-dev python2-dev"
-subpackages="$pkgname-dev $pkgname-doc py2-$pkgname:py2"
-source="http://xmlsoft.org/sources/$pkgname-$pkgver.tar.gz
-	CVE-2019-11068.patch
-	"
-builddir="$srcdir/$pkgname-$pkgver"
+makedepends="libxml2-dev libgcrypt-dev libgpg-error-dev"
+subpackages="$pkgname-dev $pkgname-doc"
+source="http://xmlsoft.org/sources/libxslt-$pkgver.tar.gz"
 
 # secfixes:
+#   1.1.33-r3:
+#     - CVE-2019-18197
 #   1.1.33-r1:
-#   - CVE-2019-11068
+#     - CVE-2019-11068
 #   1.1.29-r1:
-#   - CVE-2017-5029
+#     - CVE-2017-5029
+
+prepare() {
+	default_prepare
+	chmod 644 python/tests/*
+}
 
 build() {
 	cd "$builddir"
@@ -36,15 +40,4 @@ package() {
 	make DESTDIR="$pkgdir" install
 	install -D -m644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
 }
-
-py2() {
-	pkgdesc="$pkgname python2 bindings"
-	provides="py-libxslt=$pkgver-r$pkgrel"  # for backward compatibility
-	replaces="py-libxslt"  # for backward compatibility
-
-	install -d "$subpkgdir"/usr/lib
-	mv "$pkgdir"/usr/lib/python* "$subpkgdir"/usr/lib/
-}
-
-sha512sums="ebbe438a38bf6355950167d3b580edc22baa46a77068c18c42445c1c9c716d42bed3b30c5cd5bec359ab32d03843224dae458e9e32dc61693e7cf4bab23536e0  libxslt-1.1.33.tar.gz
-9a97c5038809aaf64cb4eb7d67b95acc4b62236d7613a5f753e2a0f4c9e707c22cd07bda2e518d3f36a40b9ed5aa93496b743998c7adadb84ca147e045e35948  CVE-2019-11068.patch"
+sha512sums="1516a11ad608b04740674060d2c5d733b88889de5e413b9a4e8bf8d1a90d712149df6d2b1345b615f529d7c7d3fa6dae12e544da828b39c7d415e54c0ee0776b  libxslt-1.1.34.tar.gz"
diff --git a/main/libxslt/CVE-2019-11068.patch b/main/libxslt/CVE-2019-11068.patch
deleted file mode 100644
index 260f35d1a3..0000000000
--- a/main/libxslt/CVE-2019-11068.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-From e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sun, 24 Mar 2019 09:51:39 +0100
-Subject: [PATCH] Fix security framework bypass
-
-xsltCheckRead and xsltCheckWrite return -1 in case of error but callers
-don't check for this condition and allow access. With a specially
-crafted URL, xsltCheckRead could be tricked into returning an error
-because of a supposedly invalid URL that would still be loaded
-succesfully later on.
-
-Fixes #12.
-
-Thanks to Felix Wilhelm for the report.
----
- libxslt/documents.c | 18 ++++++++++--------
- libxslt/imports.c   |  9 +++++----
- libxslt/transform.c |  9 +++++----
- libxslt/xslt.c      |  9 +++++----
- 4 files changed, 25 insertions(+), 20 deletions(-)
-
-diff --git a/libxslt/documents.c b/libxslt/documents.c
-index 3f3a7312..4aad11bb 100644
---- a/libxslt/documents.c
-+++ b/libxslt/documents.c
-@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr ctxt, const xmlChar *URI) {
- 	int res;
- 
- 	res = xsltCheckRead(ctxt->sec, ctxt, URI);
--	if (res == 0) {
--	    xsltTransformError(ctxt, NULL, NULL,
--		 "xsltLoadDocument: read rights for %s denied\n",
--			     URI);
-+	if (res <= 0) {
-+            if (res == 0)
-+                xsltTransformError(ctxt, NULL, NULL,
-+                     "xsltLoadDocument: read rights for %s denied\n",
-+                                 URI);
- 	    return(NULL);
- 	}
-     }
-@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr style, const xmlChar *URI) {
- 	int res;
- 
- 	res = xsltCheckRead(sec, NULL, URI);
--	if (res == 0) {
--	    xsltTransformError(NULL, NULL, NULL,
--		 "xsltLoadStyleDocument: read rights for %s denied\n",
--			     URI);
-+	if (res <= 0) {
-+            if (res == 0)
-+                xsltTransformError(NULL, NULL, NULL,
-+                     "xsltLoadStyleDocument: read rights for %s denied\n",
-+                                 URI);
- 	    return(NULL);
- 	}
-     }
-diff --git a/libxslt/imports.c b/libxslt/imports.c
-index 874870cc..3783b247 100644
---- a/libxslt/imports.c
-+++ b/libxslt/imports.c
-@@ -130,10 +130,11 @@ xsltParseStylesheetImport(xsltStylesheetPtr style, xmlNodePtr cur) {
- 	int secres;
- 
- 	secres = xsltCheckRead(sec, NULL, URI);
--	if (secres == 0) {
--	    xsltTransformError(NULL, NULL, NULL,
--		 "xsl:import: read rights for %s denied\n",
--			     URI);
-+	if (secres <= 0) {
-+            if (secres == 0)
-+                xsltTransformError(NULL, NULL, NULL,
-+                     "xsl:import: read rights for %s denied\n",
-+                                 URI);
- 	    goto error;
- 	}
-     }
-diff --git a/libxslt/transform.c b/libxslt/transform.c
-index 13793914..0636dbd0 100644
---- a/libxslt/transform.c
-+++ b/libxslt/transform.c
-@@ -3493,10 +3493,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNodePtr node,
-      */
-     if (ctxt->sec != NULL) {
- 	ret = xsltCheckWrite(ctxt->sec, ctxt, filename);
--	if (ret == 0) {
--	    xsltTransformError(ctxt, NULL, inst,
--		 "xsltDocumentElem: write rights for %s denied\n",
--			     filename);
-+	if (ret <= 0) {
-+            if (ret == 0)
-+                xsltTransformError(ctxt, NULL, inst,
-+                     "xsltDocumentElem: write rights for %s denied\n",
-+                                 filename);
- 	    xmlFree(URL);
- 	    xmlFree(filename);
- 	    return;
-diff --git a/libxslt/xslt.c b/libxslt/xslt.c
-index 780a5ad7..a234eb79 100644
---- a/libxslt/xslt.c
-+++ b/libxslt/xslt.c
-@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* filename) {
- 	int res;
- 
- 	res = xsltCheckRead(sec, NULL, filename);
--	if (res == 0) {
--	    xsltTransformError(NULL, NULL, NULL,
--		 "xsltParseStylesheetFile: read rights for %s denied\n",
--			     filename);
-+	if (res <= 0) {
-+            if (res == 0)
-+                xsltTransformError(NULL, NULL, NULL,
-+                     "xsltParseStylesheetFile: read rights for %s denied\n",
-+                                 filename);
- 	    return(NULL);
- 	}
-     }
--- 
-2.18.1
-
author	Leo <thinkabit.ukim@gmail.com>	2019-10-23 04:24:34 -0300
committer	Kevin Daudt <kdaudt@alpinelinux.org>	2019-11-01 18:50:30 +0000
commit	15d065f8bf5e73b1d88ca046d99933d217781aab (patch)
tree	6aec4044c9a58530836e69d7e604e82a8466b6fb /main/libxslt
parent	a768534b7471a45e098289cfc2096678a0c18f32 (diff)
download	aports-15d065f8bf5e73b1d88ca046d99933d217781aab.tar.bz2 aports-15d065f8bf5e73b1d88ca046d99933d217781aab.tar.xz