Skip to content

C
core
Kaydet (Commit) 341ff020 authored tarafından Caolán McNamara's avatar Caolán McNamara
Dosyalara gözat
Seçenekler

xmlsec1_2_14: #i107747#: upgrade to latest xmlsec1, libxml2 and libxslt

üst 2f0d4473
Hide whitespace changes
Inline Side-by-side
Showing with 144 additions and 442 deletions
libxml2/libxml2-2.6.31.patch deleted 100644 → 0
Dosyayı görüntüle @ 2f0d4473
*** misc/libxml2-2.6.31/configure Fri Jan 11 09:01:56 2008
--- misc/build/libxml2-2.6.31/configure Thu Mar 27 14:09:56 2008
***************
*** 3463,3477 ****
CFLAGS=$ac_save_CFLAGS
elif test $ac_cv_prog_cc_g = yes; then
if test "$GCC" = yes; then
! CFLAGS="-g -O2"
else
! CFLAGS="-g"
fi
else
if test "$GCC" = yes; then
! CFLAGS="-O2"
else
! CFLAGS=
fi
fi
{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5
--- 3463,3477 ----
CFLAGS=$ac_save_CFLAGS
elif test $ac_cv_prog_cc_g = yes; then
if test "$GCC" = yes; then
! CFLAGS="$ADDCFLAGS -g -O2"
else
! CFLAGS="$ADDCFLAGS -g"
fi
else
if test "$GCC" = yes; then
! CFLAGS="$ADDCFLAGS -O2"
else
! CFLAGS="$ADDCFLAGS"
fi
fi
{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5
***************
*** 26207,26215 ****
{ echo "$as_me:$LINENO: checking for library containing setsockopt" >&5
echo $ECHO_N "checking for library containing setsockopt... $ECHO_C" >&6; }
! if test "${ac_cv_search_setsockopt+set}" = set; then
! echo $ECHO_N "(cached) $ECHO_C" >&6
! else
ac_func_search_save_LIBS=$LIBS
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
--- 26207,26215 ----
{ echo "$as_me:$LINENO: checking for library containing setsockopt" >&5
echo $ECHO_N "checking for library containing setsockopt... $ECHO_C" >&6; }
! #if test "${ac_cv_search_setsockopt+set}" = set; then
! # echo $ECHO_N "(cached) $ECHO_C" >&6
! #else
ac_func_search_save_LIBS=$LIBS
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
***************
*** 26279,26285 ****
fi
rm conftest.$ac_ext
LIBS=$ac_func_search_save_LIBS
! fi
{ echo "$as_me:$LINENO: result: $ac_cv_search_setsockopt" >&5
echo "${ECHO_T}$ac_cv_search_setsockopt" >&6; }
ac_res=$ac_cv_search_setsockopt
--- 26279,26285 ----
fi
rm conftest.$ac_ext
LIBS=$ac_func_search_save_LIBS
! #fi
{ echo "$as_me:$LINENO: result: $ac_cv_search_setsockopt" >&5
echo "${ECHO_T}$ac_cv_search_setsockopt" >&6; }
ac_res=$ac_cv_search_setsockopt
*** misc/libxml2-2.6.31/ltmain.sh Wed Aug 29 14:28:46 2007
--- misc/build/libxml2-2.6.31/ltmain.sh Thu Mar 27 13:54:03 2008
***************
*** 3311,3318 ****
;;
freebsd-elf)
! major=".$current"
! versuffix=".$current";
;;
irix | nonstopux)
--- 3311,3318 ----
;;
freebsd-elf)
! major=.`expr $current - $age`
! versuffix=".$major.$age.$revision";
;;
irix | nonstopux)
*** misc/libxml2-2.6.31/xml2-config.in Fri Jan 11 08:22:32 2008
--- misc/build/libxml2-2.6.31/xml2-config.in Wed Apr 2 11:56:17 2008
***************
*** 1,10 ****
#! /bin/sh
! prefix=@prefix@
! exec_prefix=@exec_prefix@
! includedir=@includedir@
! libdir=@libdir@
usage()
{
cat <<EOF
--- 1,15 ----
#! /bin/sh
! #prefix=@prefix@
! #exec_prefix=@exec_prefix@
! #includedir=@includedir@
! #libdir=@libdir@
+ prefix=${SOLARVERSION}/${INPATH}
+ exec_prefix=${SOLARVERSION}/${INPATH}
+ includedir=${SOLARVERSION}/${INPATH}/inc${UPDMINOREXT}/external
+ libdir=${SOLARVERSION}/${INPATH}/lib${UPDMINOREXT}
+
usage()
{
cat <<EOF
***************
*** 67,73 ****
;;
--cflags)
! echo @XML_INCLUDEDIR@ @XML_CFLAGS@
;;
--libtool-libs)
--- 72,79 ----
;;
--cflags)
! echo -I${includedir}
! # echo @XML_INCLUDEDIR@ @XML_CFLAGS@
;;
--libtool-libs)
***************
*** 82,100 ****
;;
--libs)
! if [ "`uname`" = "Linux" ]
! then
! if [ "@XML_LIBDIR@" = "-L/usr/lib" -o "@XML_LIBDIR@" = "-L/usr/lib64" ]
! then
! echo @XML_LIBS@
! else
! echo @XML_LIBDIR@ @XML_LIBS@
! fi
! else
! echo @XML_LIBDIR@ @XML_LIBS@ @WIN32_EXTRA_LIBADD@
! fi
;;
*)
usage
exit 1
--- 88,111 ----
;;
--libs)
! echo -L${libdir} ${LIBXML2LIB} -lm
! # if [ "`uname`" = "Linux" ]
! # then
! # if [ "@XML_LIBDIR@" = "-L/usr/lib" -o "@XML_LIBDIR@" = "-L/usr/lib64" ]
! # then
! # echo @XML_LIBS@
! # else
! # echo @XML_LIBDIR@ @XML_LIBS@
! # fi
! # else
! # echo @XML_LIBDIR@ @XML_LIBS@ @WIN32_EXTRA_LIBADD@
! # fi
;;
+ print) # ugly configure hack
+ exit 0
+ ;;
+
*)
usage
exit 1
*** misc/libxml2-2.6.31/include/win32config.h Wed Apr 18 09:51:54 2007
--- misc/build/libxml2-2.6.31/include/win32config.h Mon Mar 31 19:09:09 2008
***************
*** 92,98 ****
--- 92,100 ----
#if defined(_MSC_VER)
#define mkdir(p,m) _mkdir(p)
#define snprintf _snprintf
+ #if _MSC_VER < 1500
#define vsnprintf(b,c,f,a) _vsnprintf(b,c,f,a)
+ #endif
#elif defined(__MINGW32__)
#define mkdir(p,m) _mkdir(p)
#endif
*** misc/libxml2-2.6.31/include/wsockcompat.h Wed Jan 3 14:07:30 2007
--- misc/build/libxml2-2.6.31/include/wsockcompat.h Thu Apr 3 10:15:50 2008
***************
*** 21,26 ****
--- 21,27 ----
/* Check if ws2tcpip.h is a recent version which provides getaddrinfo() */
#if defined(GetAddrInfo)
+ #include <wspiapi.h>
#define HAVE_GETADDRINFO
#endif
#endif
*** misc/libxml2-2.6.31/include/libxml/xmlversion.h Fri Jan 11 10:11:19 2008
--- misc/build/libxml2-2.6.31/include/libxml/xmlversion.h Thu Mar 27 13:54:03 2008
***************
*** 264,270 ****
*
* Whether iconv support is available
*/
! #if 1
#define LIBXML_ICONV_ENABLED
#endif
--- 264,270 ----
*
* Whether iconv support is available
*/
! #if 0
#define LIBXML_ICONV_ENABLED
#endif
***************
*** 282,288 ****
*
* Whether Debugging module is configured in
*/
! #if 1
#define LIBXML_DEBUG_ENABLED
#endif
--- 282,288 ----
*
* Whether Debugging module is configured in
*/
! #if 0
#define LIBXML_DEBUG_ENABLED
#endif
***************
*** 291,297 ****
*
* Whether the memory debugging is configured in
*/
! #if 1
#define DEBUG_MEMORY_LOCATION
#endif
--- 291,297 ----
*
* Whether the memory debugging is configured in
*/
! #if 0
#define DEBUG_MEMORY_LOCATION
#endif
***************
*** 300,306 ****
*
* Whether the runtime debugging is configured in
*/
! #if 1
#define LIBXML_DEBUG_RUNTIME
#endif
--- 300,306 ----
*
* Whether the runtime debugging is configured in
*/
! #if 0
#define LIBXML_DEBUG_RUNTIME
#endif
diff -r -cN misc/libxml2-2.6.31/changelog misc/build/libxml2-2.6.31/changelog
*** misc/libxml2-2.6.31/changelog
--- misc/build/libxml2-2.6.31/changelog
***************
*** 0 ****
--- 1,10 ----
+ libxml2 (2.6.32.dfsg-5+lenny1) stable-security; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fix multiple use-after-free flaws when parsing notation and
+ enumeration attribute types (CVE-2009-2416).
+ * Fix stack overflow when parsing root XML document element DTD
+ definition (CVE-2009-2414).
+
+ -- Nico Golde <nion@debian.org> Thu, 06 Aug 2009 13:04:00 +0000
+
diff -r -cN misc/libxml2-2.6.31/parser.c misc/build/libxml2-2.6.31/parser.c
*** misc/libxml2-2.6.31/parser.c
--- misc/build/libxml2-2.6.31/parser.c
***************
*** 4752,4761 ****
if (name == NULL) {
xmlFatalErrMsg(ctxt, XML_ERR_NAME_REQUIRED,
"Name expected in NOTATION declaration\n");
! return(ret);
}
cur = xmlCreateEnumeration(name);
! if (cur == NULL) return(ret);
if (last == NULL) ret = last = cur;
else {
last->next = cur;
--- 4752,4766 ----
if (name == NULL) {
xmlFatalErrMsg(ctxt, XML_ERR_NAME_REQUIRED,
"Name expected in NOTATION declaration\n");
! xmlFreeEnumeration(ret);
! return(NULL);
}
cur = xmlCreateEnumeration(name);
! if (cur == NULL) {
! xmlFreeEnumeration(ret);
! return(NULL);
! }
!
if (last == NULL) ret = last = cur;
else {
last->next = cur;
***************
*** 4765,4773 ****
} while (RAW == '|');
if (RAW != ')') {
xmlFatalErr(ctxt, XML_ERR_NOTATION_NOT_FINISHED, NULL);
! if ((last != NULL) && (last != ret))
! xmlFreeEnumeration(last);
! return(ret);
}
NEXT;
return(ret);
--- 4770,4777 ----
} while (RAW == '|');
if (RAW != ')') {
xmlFatalErr(ctxt, XML_ERR_NOTATION_NOT_FINISHED, NULL);
! xmlFreeEnumeration(ret);
! return(NULL);
}
NEXT;
return(ret);
***************
*** 4808,4814 ****
}
cur = xmlCreateEnumeration(name);
xmlFree(name);
! if (cur == NULL) return(ret);
if (last == NULL) ret = last = cur;
else {
last->next = cur;
--- 4812,4822 ----
}
cur = xmlCreateEnumeration(name);
xmlFree(name);
! if (cur == NULL) {
! xmlFreeEnumeration(ret);
! return(NULL);
! }
!
if (last == NULL) ret = last = cur;
else {
last->next = cur;
***************
*** 5206,5211 ****
--- 5214,5226 ----
const xmlChar *elem;
xmlChar type = 0;
+ if (ctxt->depth > 128) {
+ xmlFatalErrMsgInt(ctxt, XML_ERR_ELEMCONTENT_NOT_FINISHED,
+ "xmlParseElementChildrenContentDecl : depth %d too deep\n",
+ ctxt->depth);
+ return(NULL);
+ }
+
SKIP_BLANKS;
GROW;
if (RAW == '(') {
***************
*** 5214,5220 ****
--- 5229,5237 ----
/* Recurse on first child */
NEXT;
SKIP_BLANKS;
+ ctxt->depth++;
cur = ret = xmlParseElementChildrenContentDecl(ctxt, inputid);
+ ctxt->depth--;
SKIP_BLANKS;
GROW;
} else {
***************
*** 5344,5350 ****
--- 5361,5369 ----
/* Recurse on second child */
NEXT;
SKIP_BLANKS;
+ ctxt->depth++;
last = xmlParseElementChildrenContentDecl(ctxt, inputid);
+ ctxt->depth--;
SKIP_BLANKS;
} else {
elem = xmlParseName(ctxt);
libxml2/libxml2-configure.patch 0 → 100644
Dosyayı görüntüle @ 341ff020
--- misc/libxml2-2.7.6/ltmain.sh 2009-10-06 17:39:54.000000000 +0100
+++ misc/build/libxml2-2.7.6/ltmain.sh 2009-12-17 11:43:56.000000000 +0000
@@ -6271,8 +6271,8 @@
;;
freebsd-elf)
- major=".$current"
- versuffix=".$current"
+ major=.`expr $current - $age`
+ versuffix=".$major.$age.$revision";
;;
irix | nonstopux)
--- misc/libxml2-2.7.6/include/libxml/xmlversion.h 2009-12-17 11:45:19.000000000 +0000
+++ misc/build/libxml2-2.7.6/include/libxml/xmlversion.h 2009-12-17 11:45:36.000000000 +0000
@@ -264,7 +264,7 @@
*
* Whether iconv support is available
*/
-#if 1
+#if 0
#define LIBXML_ICONV_ENABLED
#endif
@@ -282,7 +282,7 @@
*
* Whether Debugging module is configured in
*/
-#if 1
+#if 0
#define LIBXML_DEBUG_ENABLED
#endif
@@ -291,7 +291,7 @@
*
* Whether the memory debugging is configured in
*/
-#if 1
+#if 0
#define DEBUG_MEMORY_LOCATION
#endif
@@ -300,7 +300,7 @@
*
* Whether the runtime debugging is configured in
*/
-#if 1
+#if 0
#define LIBXML_DEBUG_RUNTIME
#endif
--- misc/libxml2-2.7.6/xml2-config.in 2009-12-17 11:45:20.000000000 +0000
+++ misc/build/libxml2-2.7.6/xml2-config.in 2009-12-17 11:45:36.000000000 +0000
@@ -1,9 +1,14 @@
#! /bin/sh
-prefix=@prefix@
-exec_prefix=@exec_prefix@
-includedir=@includedir@
-libdir=@libdir@
+#prefix=@prefix@
+#exec_prefix=@exec_prefix@
+#includedir=@includedir@
+#libdir=@libdir@
+
+prefix=${SOLARVERSION}/${INPATH}
+exec_prefix=${SOLARVERSION}/${INPATH}
+includedir=${SOLARVERSION}/${INPATH}/inc${UPDMINOREXT}/external
+libdir=${SOLARVERSION}/${INPATH}/lib${UPDMINOREXT}
usage()
{
@@ -67,7 +72,8 @@
;;
--cflags)
- echo @XML_INCLUDEDIR@ @XML_CFLAGS@
+ echo -I${includedir}
+# echo @XML_INCLUDEDIR@ @XML_CFLAGS@
;;
--libtool-libs)
@@ -82,19 +88,24 @@
;;
--libs)
- if [ "`uname`" = "Linux" ]
- then
- if [ "@XML_LIBDIR@" = "-L/usr/lib" -o "@XML_LIBDIR@" = "-L/usr/lib64" ]
- then
- echo @XML_LIBS@
- else
- echo @XML_LIBDIR@ @XML_LIBS@
- fi
- else
- echo @XML_LIBDIR@ @XML_LIBS@ @WIN32_EXTRA_LIBADD@
- fi
+ echo -L${libdir} ${LIBXML2LIB} -lm
+# if [ "`uname`" = "Linux" ]
+# then
+# if [ "@XML_LIBDIR@" = "-L/usr/lib" -o "@XML_LIBDIR@" = "-L/usr/lib64" ]
+# then
+# echo @XML_LIBS@
+# else
+# echo @XML_LIBDIR@ @XML_LIBS@
+# fi
+# else
+# echo @XML_LIBDIR@ @XML_LIBS@ @WIN32_EXTRA_LIBADD@
+# fi
;;
+ print) # ugly configure hack
+ exit 0
+ ;;
+
*)
usage
exit 1
libxml2/libxml2-2.6.31-mingw.patch libxml2/libxml2-mingw.patch
Dosyayı görüntüle @ 341ff020
--- misc/libxml2-2.6.31/configure 2008-01-11 17:01:56.000000000 +0900
+++ misc/build/libxml2-2.6.31/configure 2009-09-07 20:48:47.656250000 +0900
@@ -27331,6 +27331,8 @@
--- misc/libxml2-2.7.6/configure 2008-01-11 17:01:56.000000000 +0900
+++ misc/build/libxml2-2.7.6/configure 2009-09-07 20:48:47.656250000 +0900
@@ -19914,6 +19914,8 @@
if test "$with_modules" != "no" ; then
case "$host" in
......@@ -8,9 +8,9 @@
+ ;;
*-*-cygwin*)
MODULE_EXTENSION=".dll"
{ echo "$as_me:$LINENO: checking for dlopen in -lcygwin" >&5
--- misc/libxml2-2.6.31/libxml.h 2007-11-23 19:47:23.000000000 +0900
+++ misc/build/libxml2-2.6.31/libxml.h 2009-07-10 14:37:34.988250000 +0900
{ $as_echo "$as_me:$LINENO: checking for dlopen in -lcygwin" >&5
--- misc/libxml2-2.7.6/libxml.h 2007-11-23 19:47:23.000000000 +0900
+++ misc/build/libxml2-2.7.6/libxml.h 2009-07-10 14:37:34.988250000 +0900
@@ -30,6 +30,10 @@
#include <libxml/xmlversion.h>
#else
......
libxml2/makefile.mk
Dosyayı görüntüle @ 341ff020
......@@ -46,20 +46,16 @@ all:
# --- Files --------------------------------------------------------
LIBXML2VERSION=2.6.31
LIBXML2VERSION=2.7.6
TARFILE_NAME=$(PRJNAME)-$(LIBXML2VERSION)
#.IF "$(OS)$(COM)"=="WNTGCC"
#PATCH_FILES=$(TARFILE_NAME)-mingw.patch
#.ELSE
PATCH_FILES=$(TARFILE_NAME).patch
#.ENDIF
PATCH_FILES=libxml2-configure.patch \
libxml2-mingw.patch
# This is only for UNX environment now
.IF "$(OS)"=="WNT"
.IF "$(COM)"=="GCC"
PATCH_FILES+=$(TARFILE_NAME)-mingw.patch
xml2_CC=$(CC)
.IF "$(MINGW_SHARED_GCCLIB)"=="YES"
xml2_CC+=-shared-libgcc
......
libxslt/libxslt-1.1.24.patch libxslt/libxslt-configure.patch
Dosyayı görüntüle @ 341ff020
--- misc/libxslt-1.1.24/ltmain.sh Wed Aug 29 14:28:46 2007
+++ misc/build/libxslt-1.1.24/ltmain.sh Wed Jun 25 13:06:05 2008
@@ -3234,9 +3234,9 @@
--- misc/libxslt-1.1.26/ltmain.sh Wed Aug 29 14:28:46 2007
+++ misc/build/libxslt-1.1.26/ltmain.sh Wed Jun 25 13:06:05 2008
@@ -6195,9 +6195,9 @@
revision="$number_revision"
;;
freebsd-aout|freebsd-elf|sunos)
......@@ -12,20 +12,20 @@
+ revision="$number_revision"
;;
irix|nonstopux)
current=`expr $number_major + $number_minor`
@@ -3311,8 +3311,8 @@
func_arith $number_major + $number_minor
@@ -6271,8 +6271,8 @@
;;
freebsd-elf)
- major=".$current"
- versuffix=".$current";
- versuffix=".$current"
+ major=.`expr $current - $age`
+ versuffix="$major.$age.$revision"
;;
irix | nonstopux)
--- misc/libxslt-1.1.24/xslt-config.in Wed Jan 17 14:18:26 2007
+++ misc/build/libxslt-1.1.24/xslt-config.in Wed Jun 25 13:06:05 2008
--- misc/libxslt-1.1.26/xslt-config.in Wed Jan 17 14:18:26 2007
+++ misc/build/libxslt-1.1.26/xslt-config.in Wed Jun 25 13:06:05 2008
@@ -1,10 +1,16 @@
#! /bin/sh
......@@ -57,9 +57,9 @@
if test "$includedir" != "/usr/include"; then
the_flags="$the_flags -I$includedir `@XML_CONFIG@ --cflags`"
else
--- misc/libxslt-1.1.24/configure 2008-05-14 00:40:54.000000000 +0900
+++ misc/build/libxslt-1.1.24/configure 2008-07-17 22:12:38.097000000 +0900
@@ -5730,7 +5730,7 @@
--- misc/libxslt-1.1.26/configure 2008-05-14 00:40:54.000000000 +0900
+++ misc/build/libxslt-1.1.26/configure 2008-07-17 22:12:38.097000000 +0900
@@ -7437,7 +7437,7 @@
cygwin*)
# func_win32_libid is a shell function defined in ltmain.sh
......@@ -68,7 +68,7 @@
lt_cv_file_magic_cmd='func_win32_libid'
;;
@@ -5739,7 +5739,7 @@
@@ -7446,7 +7446,7 @@
# func_win32_libid shell function, so use a weaker test based on 'objdump',
# unless we find 'file', for example because we are cross-compiling.
if ( file / ) >/dev/null 2>&1; then
......
libxslt/libxslt-1.1.24_win_manifest.patch libxslt/libxslt-win_manifest.patch
Dosyayı görüntüle @ 341ff020
--- misc/libxslt-1.1.24/win32/configure.js 2007-08-03 15:41:02.000000000 +0200
+++ misc/build/libxslt-1.1.24/win32/configure.js 2009-05-07 13:09:42.294993200 +0200
@@ -51,7 +51,7 @@
--- misc/libxslt-1.1.26/win32/configure.js 2007-08-03 15:41:02.000000000 +0200
+++ misc/build/libxslt-1.1.26/win32/configure.js 2009-05-07 13:09:42.294993200 +0200
@@ -52,7 +52,7 @@
var dirSep = "\\";
var compiler = "msvc";
var cruntime = "/MD";
......
libxslt/libxsltversion.mk
Dosyayı görüntüle @ 341ff020
......@@ -33,5 +33,5 @@ LIBXSLT_MAJOR=1
# minor
LIBXSLT_MINOR=1
# micro
LIBXSLT_MICRO=24
LIBXSLT_MICRO=26
libxslt/makefile.mk
Dosyayı görüntüle @ 341ff020
......@@ -53,7 +53,7 @@ all:
LIBXSLTVERSION=$(LIBXSLT_MAJOR).$(LIBXSLT_MINOR).$(LIBXSLT_MICRO)
TARFILE_NAME=$(PRJNAME)-$(LIBXSLTVERSION)
PATCH_FILES=$(TARFILE_NAME).patch $(TARFILE_NAME)_win_manifest.patch
PATCH_FILES=libxslt-configure.patch libxslt-win_manifest.patch
# This is only for UNX environment now
.IF "$(OS)"=="WNT"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment