diff options
| author | Francesco Colista <fcolista@alpinelinux.org> | 2015-12-10 11:44:59 +0000 |
|---|---|---|
| committer | Francesco Colista <fcolista@alpinelinux.org> | 2015-12-15 13:10:56 +0000 |
| commit | 0a242b5fbfe6b94ca5889748f308fe80a494bb96 (patch) | |
| tree | 6de9db15745011afc19dfca2d8765457c4c07ea0 /main/libxslt | |
| parent | b265647eeac594387bedb034415ae1d6bf5b742c (diff) | |
main/libxslt: patch CVE-2015-7995
Diffstat (limited to 'main/libxslt')
| -rw-r--r-- | main/libxslt/APKBUILD | 15 | ||||
| -rw-r--r-- | main/libxslt/CVE-2015-7995.patch | 15 |
2 files changed, 25 insertions, 5 deletions
diff --git a/main/libxslt/APKBUILD b/main/libxslt/APKBUILD index b475b11571f..395b94a12c2 100644 --- a/main/libxslt/APKBUILD +++ b/main/libxslt/APKBUILD @@ -1,7 +1,8 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> +# Contributor: Francesco Colista <fcolista@alpinelinux.org> pkgname=libxslt pkgver=1.1.28 -pkgrel=1 +pkgrel=2 pkgdesc="XML stylesheet transformation library" url="http://xmlsoft.org/XSLT/" arch="all" @@ -9,7 +10,8 @@ license="custom" depends= makedepends="libxml2-dev libgcrypt-dev libgpg-error-dev python-dev" subpackages="$pkgname-dev $pkgname-doc py-$pkgname:py" -source="ftp://xmlsoft.org/$pkgname/$pkgname-$pkgver.tar.gz" +source="ftp://xmlsoft.org/$pkgname/$pkgname-$pkgver.tar.gz + CVE-2015-7995.patch" _builddir="$srcdir"/$pkgname-$pkgver prepare() { @@ -44,6 +46,9 @@ py() { install -d "$subpkgdir"/usr/lib mv "$pkgdir"/usr/lib/python* "$subpkgdir"/usr/lib/ } -md5sums="9667bf6f9310b957254fdcf6596600b7 libxslt-1.1.28.tar.gz" -sha256sums="5fc7151a57b89c03d7b825df5a0fae0a8d5f05674c0e7cf2937ecec4d54a028c libxslt-1.1.28.tar.gz" -sha512sums="20b65bdaceaac5bd11d509bf683ce8e344030bc95164639266ae705d41659bcba47b5be1b059d0d67681e6428b0710db675d1749c06aa531bc2212ed3d0511b1 libxslt-1.1.28.tar.gz" +md5sums="9667bf6f9310b957254fdcf6596600b7 libxslt-1.1.28.tar.gz +e8c439ac26c2d7a6082e3f4feb65912b CVE-2015-7995.patch" +sha256sums="5fc7151a57b89c03d7b825df5a0fae0a8d5f05674c0e7cf2937ecec4d54a028c libxslt-1.1.28.tar.gz +1c29c53217d54c5ebf1062e26a943c455134436dca143323bb8fbd1f59eac945 CVE-2015-7995.patch" +sha512sums="20b65bdaceaac5bd11d509bf683ce8e344030bc95164639266ae705d41659bcba47b5be1b059d0d67681e6428b0710db675d1749c06aa531bc2212ed3d0511b1 libxslt-1.1.28.tar.gz +dafd8d2222aa4fbe770463ae9907ff32c214b83c01acd53bf020821d3f53dc29a6624917ae695c5e889efba7aa710f33fe6326d10f558313af563bec6142f5e2 CVE-2015-7995.patch" diff --git a/main/libxslt/CVE-2015-7995.patch b/main/libxslt/CVE-2015-7995.patch new file mode 100644 index 00000000000..1f679e81e5e --- /dev/null +++ b/main/libxslt/CVE-2015-7995.patch @@ -0,0 +1,15 @@ +diff --git a/libxslt/preproc.c b/libxslt/preproc.c +index 0eb80a0..7f69325 100644 +--- a/libxslt/preproc.c ++++ b/libxslt/preproc.c +@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) { + } else if (IS_XSLT_NAME(inst, "attribute")) { + xmlNodePtr parent = inst->parent; + +- if ((parent == NULL) || (parent->ns == NULL) || ++ if ((parent == NULL) || ++ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || + ((parent->ns != inst->ns) && + (!xmlStrEqual(parent->ns->href, inst->ns->href))) || + (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) { + |