aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2012-08-15 07:42:14 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2012-08-15 07:45:03 +0000
commitebc04c0210d45efc4e5156905cdda9900f4f1ad3 (patch)
tree5b24301102652754dd10dfd9c175675f86e6242e
parent663f125ceda7b17eb5e7f9c02ab384e5bb2c6771 (diff)
downloadaports-ebc04c0210d45efc4e5156905cdda9900f4f1ad3.tar.bz2
aports-ebc04c0210d45efc4e5156905cdda9900f4f1ad3.tar.xz
main/expat: security upgrade to 2.1.0 (CVE-2012-1147,CVE-2012-1148,CVE-2012-0876)
fixes #1311
-rw-r--r--main/expat/APKBUILD12
-rw-r--r--main/expat/CVE-2009-3560.patch13
-rw-r--r--main/expat/CVE-2009-3720.patch12
3 files changed, 4 insertions, 33 deletions
diff --git a/main/expat/APKBUILD b/main/expat/APKBUILD
index 62bcd238a3..ea0c39de51 100644
--- a/main/expat/APKBUILD
+++ b/main/expat/APKBUILD
@@ -1,16 +1,14 @@
# Maintainer: Carlo Landmeter <clandmeter at gmail.com>
pkgname=expat
-pkgver=2.0.1
-pkgrel=4
+pkgver=2.1.0
+pkgrel=0
pkgdesc="An XML Parser library written in C"
url="http://www.libexpat.org/"
arch="all"
license='AS IS'
depends=
makedepends=
-source="http://surfnet.dl.sourceforge.net/sourceforge/expat/expat-2.0.1.tar.gz
- CVE-2009-3560.patch
- CVE-2009-3720.patch
+source="http://surfnet.dl.sourceforge.net/sourceforge/expat/expat-$pkgver.tar.gz
"
subpackages="$pkgname-dev $pkgname-doc"
@@ -37,6 +35,4 @@ package() {
make DESTDIR="$pkgdir/" install
}
-md5sums="ee8b492592568805593f81f8cdf2a04c expat-2.0.1.tar.gz
-50603cac0f03aabc7087415251f592be CVE-2009-3560.patch
-f3eeb796f28945899216b815e5901996 CVE-2009-3720.patch"
+md5sums="dd7dab7a5fea97d2a6a43f511449b7cd expat-2.1.0.tar.gz"
diff --git a/main/expat/CVE-2009-3560.patch b/main/expat/CVE-2009-3560.patch
deleted file mode 100644
index 5fe9c36c82..0000000000
--- a/main/expat/CVE-2009-3560.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -urNad trunk~/lib/xmlparse.c trunk/lib/xmlparse.c
---- trunk~/lib/xmlparse.c 2007-05-08 04:25:35.000000000 +0200
-+++ trunk/lib/xmlparse.c 2009-12-29 21:57:22.141732904 +0100
-@@ -3703,6 +3703,9 @@
- return XML_ERROR_UNCLOSED_TOKEN;
- case XML_TOK_PARTIAL_CHAR:
- return XML_ERROR_PARTIAL_CHAR;
-+ case -XML_TOK_PROLOG_S:
-+ tok = -tok;
-+ break;
- case XML_TOK_NONE:
- #ifdef XML_DTD
- /* for internal PE NOT referenced between declarations */
diff --git a/main/expat/CVE-2009-3720.patch b/main/expat/CVE-2009-3720.patch
deleted file mode 100644
index 65d16431f4..0000000000
--- a/main/expat/CVE-2009-3720.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -urNad trunk~/lib/xmltok_impl.c trunk/lib/xmltok_impl.c
---- trunk~/lib/xmltok_impl.c 2006-11-26 18:34:46.000000000 +0100
-+++ trunk/lib/xmltok_impl.c 2009-10-22 21:42:41.000000000 +0200
-@@ -1744,7 +1744,7 @@
- const char *end,
- POSITION *pos)
- {
-- while (ptr != end) {
-+ while (ptr < end) {
- switch (BYTE_TYPE(enc, ptr)) {
- #define LEAD_CASE(n) \
- case BT_LEAD ## n: \