[arch-commits] Commit in expat/repos (6 files)
Bartłomiej Piotrowski
bpiotrowski at archlinux.org
Fri Aug 5 21:29:46 UTC 2016
Date: Friday, August 5, 2016 @ 21:29:46
Author: bpiotrowski
Revision: 273351
archrelease: copy trunk to testing-i686, testing-x86_64
Added:
expat/repos/testing-i686/
expat/repos/testing-i686/PKGBUILD
(from rev 273350, expat/trunk/PKGBUILD)
expat/repos/testing-i686/expat-2.2.0-CVE-2016-0718-regression.patch
(from rev 273350, expat/trunk/expat-2.2.0-CVE-2016-0718-regression.patch)
expat/repos/testing-x86_64/
expat/repos/testing-x86_64/PKGBUILD
(from rev 273350, expat/trunk/PKGBUILD)
expat/repos/testing-x86_64/expat-2.2.0-CVE-2016-0718-regression.patch
(from rev 273350, expat/trunk/expat-2.2.0-CVE-2016-0718-regression.patch)
-----------------------------------------------------------+
testing-i686/PKGBUILD | 38 ++++++++++++
testing-i686/expat-2.2.0-CVE-2016-0718-regression.patch | 27 ++++++++
testing-x86_64/PKGBUILD | 38 ++++++++++++
testing-x86_64/expat-2.2.0-CVE-2016-0718-regression.patch | 27 ++++++++
4 files changed, 130 insertions(+)
Copied: expat/repos/testing-i686/PKGBUILD (from rev 273350, expat/trunk/PKGBUILD)
===================================================================
--- testing-i686/PKGBUILD (rev 0)
+++ testing-i686/PKGBUILD 2016-08-05 21:29:46 UTC (rev 273351)
@@ -0,0 +1,38 @@
+# $Id$
+# Maintainer: Bartłomiej Piotrowski <bpiotrowski at archlinux.org>
+# Contributor: Allan McRae <allan at archlinux.org>
+# Contributor: Judd Vinet <jvinet at zeroflux.org>
+
+pkgname=expat
+pkgver=2.2.0
+pkgrel=2
+pkgdesc='An XML parser library'
+arch=('i686' 'x86_64')
+url='http://expat.sourceforge.net/'
+license=('custom')
+depends=('glibc')
+source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2
+ expat-2.2.0-CVE-2016-0718-regression.patch)
+md5sums=('2f47841c829facb346eb6e3fab5212e2'
+ 'dda0b42ed32491577d0b5fb6bf0963be')
+
+prepare() {
+ cd $pkgname-$pkgver
+ patch -p2 -i "$srcdir"/expat-2.2.0-CVE-2016-0718-regression.patch
+}
+
+build() {
+ cd $pkgname-$pkgver
+ ./configure --prefix=/usr
+ make
+}
+
+check() {
+ make -C $pkgname-$pkgver check
+}
+
+package() {
+ cd $pkgname-$pkgver
+ make DESTDIR="$pkgdir" install
+ install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
+}
Copied: expat/repos/testing-i686/expat-2.2.0-CVE-2016-0718-regression.patch (from rev 273350, expat/trunk/expat-2.2.0-CVE-2016-0718-regression.patch)
===================================================================
--- testing-i686/expat-2.2.0-CVE-2016-0718-regression.patch (rev 0)
+++ testing-i686/expat-2.2.0-CVE-2016-0718-regression.patch 2016-08-05 21:29:46 UTC (rev 273351)
@@ -0,0 +1,27 @@
+From 3e6190e433479e56f8c1e5adc1198b3c86b15577 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian at pipping.org>
+Date: Sun, 17 Jul 2016 20:22:29 +0200
+Subject: [PATCH] Fix regression introduced by patch to CVE-2016-0718 (bug
+ #539)
+
+Tag names were cut off in some cases; reported by Andy Wang
+---
+ expat/lib/xmlparse.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index 13e080d..2630310 100644
+--- a/expat/lib/xmlparse.c
++++ b/expat/lib/xmlparse.c
+@@ -2430,7 +2430,7 @@ doContent(XML_Parser parser,
+ &fromPtr, rawNameEnd,
+ (ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1);
+ convLen = (int)(toPtr - (XML_Char *)tag->buf);
+- if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) {
++ if ((fromPtr >= rawNameEnd) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) {
+ tag->name.strLen = convLen;
+ break;
+ }
+--
+2.9.2
+
Copied: expat/repos/testing-x86_64/PKGBUILD (from rev 273350, expat/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2016-08-05 21:29:46 UTC (rev 273351)
@@ -0,0 +1,38 @@
+# $Id$
+# Maintainer: Bartłomiej Piotrowski <bpiotrowski at archlinux.org>
+# Contributor: Allan McRae <allan at archlinux.org>
+# Contributor: Judd Vinet <jvinet at zeroflux.org>
+
+pkgname=expat
+pkgver=2.2.0
+pkgrel=2
+pkgdesc='An XML parser library'
+arch=('i686' 'x86_64')
+url='http://expat.sourceforge.net/'
+license=('custom')
+depends=('glibc')
+source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2
+ expat-2.2.0-CVE-2016-0718-regression.patch)
+md5sums=('2f47841c829facb346eb6e3fab5212e2'
+ 'dda0b42ed32491577d0b5fb6bf0963be')
+
+prepare() {
+ cd $pkgname-$pkgver
+ patch -p2 -i "$srcdir"/expat-2.2.0-CVE-2016-0718-regression.patch
+}
+
+build() {
+ cd $pkgname-$pkgver
+ ./configure --prefix=/usr
+ make
+}
+
+check() {
+ make -C $pkgname-$pkgver check
+}
+
+package() {
+ cd $pkgname-$pkgver
+ make DESTDIR="$pkgdir" install
+ install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
+}
Copied: expat/repos/testing-x86_64/expat-2.2.0-CVE-2016-0718-regression.patch (from rev 273350, expat/trunk/expat-2.2.0-CVE-2016-0718-regression.patch)
===================================================================
--- testing-x86_64/expat-2.2.0-CVE-2016-0718-regression.patch (rev 0)
+++ testing-x86_64/expat-2.2.0-CVE-2016-0718-regression.patch 2016-08-05 21:29:46 UTC (rev 273351)
@@ -0,0 +1,27 @@
+From 3e6190e433479e56f8c1e5adc1198b3c86b15577 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian at pipping.org>
+Date: Sun, 17 Jul 2016 20:22:29 +0200
+Subject: [PATCH] Fix regression introduced by patch to CVE-2016-0718 (bug
+ #539)
+
+Tag names were cut off in some cases; reported by Andy Wang
+---
+ expat/lib/xmlparse.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index 13e080d..2630310 100644
+--- a/expat/lib/xmlparse.c
++++ b/expat/lib/xmlparse.c
+@@ -2430,7 +2430,7 @@ doContent(XML_Parser parser,
+ &fromPtr, rawNameEnd,
+ (ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1);
+ convLen = (int)(toPtr - (XML_Char *)tag->buf);
+- if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) {
++ if ((fromPtr >= rawNameEnd) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) {
+ tag->name.strLen = convLen;
+ break;
+ }
+--
+2.9.2
+
More information about the arch-commits
mailing list