authorNatanael Copa <ncopa@alpinelinux.org>2010-01-17 12:07:11 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2010-01-17 12:07:11 +0000
commit1b5e6df3780f0db6124afb1b3d114dbfecf7627c (patch)
tree4992b3911479e978834ef0a85a8ec6c0baeac596 /main
parent026984a0c0bdab7eea63727eced374b77bd56bf2 (diff)
main/expat: security fixes
Diffstat (limited to 'main')
-rw-r--r--main/expat/APKBUILD33
-rw-r--r--main/expat/CVE-2009-3560.patch13
-rw-r--r--main/expat/CVE-2009-3720.patch12
3 files changed, 51 insertions, 7 deletions
diff --git a/main/expat/APKBUILD b/main/expat/APKBUILD
index 3f81d32565..e49d990744 100644
--- a/main/expat/APKBUILD
+++ b/main/expat/APKBUILD
@@ -1,22 +1,41 @@
# Maintainer: Carlo Landmeter <clandmeter at gmail.com>
pkgname=expat
pkgver=2.0.1
-pkgrel=0
+pkgrel=1
pkgdesc="An XML Parser library written in C"
url="http://www.libexpat.org/"
license='AS IS'
-depends="uclibc"
-makedepends=""
-source="http://surfnet.dl.sourceforge.net/sourceforge/expat/expat-2.0.1.tar.gz"
+depends=
+makedepends=
+source="http://surfnet.dl.sourceforge.net/sourceforge/expat/expat-2.0.1.tar.gz
+ CVE-2009-3560.patch
+ CVE-2009-3720.patch
+ "
subpackages="$pkgname-dev $pkgname-doc"
-build() {
- cd "$srcdir/$pkgname-$pkgver"
+_builddir="$srcdir/$pkgname-$pkgver"
+prepare() {
+ cd "$_builddir"
+ for i in "$srcdir"/*.patch; do
+ [ -f "$i" ] || continue
+ msg "Applying $i"
+ patch -p1 -i "$i" || return 1
+ done
+
+}
+build() {
+ cd "$_builddir"
./configure --prefix=/usr \
--mandir=/usr/share/man
make || return 1
+}
+
+package() {
+ cd "$_builddir"
make DESTDIR="$pkgdir/" install
}
-md5sums="ee8b492592568805593f81f8cdf2a04c expat-2.0.1.tar.gz"
+md5sums="ee8b492592568805593f81f8cdf2a04c expat-2.0.1.tar.gz
+50603cac0f03aabc7087415251f592be CVE-2009-3560.patch
+f3eeb796f28945899216b815e5901996 CVE-2009-3720.patch"
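Review bot: The loop in prepare() applies whatever matches `"$srcdir"/*.patch` instead of the entries listed in `source`, so the patches applied are not tied to the files named in `md5sums`. If the glob matches nothing, the `[ -f "$i" ] || continue` guard lets the build finish with both CVE fixes silently missing. Iterating over `$source` and selecting the `*.patch` entries turns a missing patch into a hard failure, and `cd "$_builddir" || return 1` keeps patch from running in the wrong directory. Separately, the tarball on the `source=` line is fetched over plain HTTP and pinned only by MD5; a stronger digest would be preferable if the abuild version in use supports one.

```shell
prepare() {
	cd "$_builddir" || return 1
	for i in $source; do
		case $i in
		*.patch)
			msg "Applying $i"
			patch -p1 -i "$srcdir/$i" || return 1
			;;
		esac
	done
}
```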
diff --git a/main/expat/CVE-2009-3560.patch b/main/expat/CVE-2009-3560.patch
new file mode 100644
index 0000000000..5fe9c36c82
--- /dev/null
+++ b/main/expat/CVE-2009-3560.patch
@@ -0,0 +1,13 @@
+diff -urNad trunk~/lib/xmlparse.c trunk/lib/xmlparse.c
+--- trunk~/lib/xmlparse.c 2007-05-08 04:25:35.000000000 +0200
++++ trunk/lib/xmlparse.c 2009-12-29 21:57:22.141732904 +0100
+@@ -3703,6 +3703,9 @@
+ return XML_ERROR_UNCLOSED_TOKEN;
+ case XML_TOK_PARTIAL_CHAR:
+ return XML_ERROR_PARTIAL_CHAR;
++ case -XML_TOK_PROLOG_S:
++ tok = -tok;
++ break;
+ case XML_TOK_NONE:
+ #ifdef XML_DTD
+ /* for internal PE NOT referenced between declarations */
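Review bot: The patch file carries no header saying where the fix came from, and the same is true of CVE-2009-3720.patch below; both start directly at the `diff -urNad` line. For security fixes, a short comment block ahead of that line should record the CVE id, the upstream revision or tracker entry the change was taken from, and any local modification, e.g. `# CVE-2009-3560: taken from <upstream revision or URL>, unmodified`. That lets a later audit confirm the shipped fix matches upstream. The enclosing switch in xmlparse.c starts and ends outside the hunk, so the new `case -XML_TOK_PROLOG_S:` arm cannot be checked against the other cases from here.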
diff --git a/main/expat/CVE-2009-3720.patch b/main/expat/CVE-2009-3720.patch
new file mode 100644
index 0000000000..65d16431f4
--- /dev/null
+++ b/main/expat/CVE-2009-3720.patch
@@ -0,0 +1,12 @@
+diff -urNad trunk~/lib/xmltok_impl.c trunk/lib/xmltok_impl.c
+--- trunk~/lib/xmltok_impl.c 2006-11-26 18:34:46.000000000 +0100
++++ trunk/lib/xmltok_impl.c 2009-10-22 21:42:41.000000000 +0200
+@@ -1744,7 +1744,7 @@
+ const char *end,
+ POSITION *pos)
+ {
+- while (ptr != end) {
++ while (ptr < end) {
+ switch (BYTE_TYPE(enc, ptr)) {
+ #define LEAD_CASE(n) \
+ case BT_LEAD ## n: \