diff --git a/expat-CVE-2009-3560.patch b/expat-CVE-2009-3560.patch index 13a0cdd..af827f7 100644 --- a/expat-CVE-2009-3560.patch +++ b/expat-CVE-2009-3560.patch @@ -1,14 +1,16 @@ -http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165 +http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166&view=patch Index: lib/xmlparse.c =================================================================== --- lib/xmlparse.c.orig +++ lib/xmlparse.c -@@ -3725,7 +3725,6 @@ doProlog(XML_Parser parser, - return XML_ERROR_NO_ELEMENTS; - default: - tok = -tok; -- next = end; - break; - } - } +@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser, + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; ++ case -XML_TOK_PROLOG_S: ++ tok = -tok; ++ break; + case XML_TOK_NONE: + #ifdef XML_DTD + /* for internal PE NOT referenced between declarations */ diff --git a/expat.changes b/expat.changes index 11c271a..8e497a8 100644 --- a/expat.changes +++ b/expat.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Fri Jan 8 15:04:28 CET 2010 - prusnak@suse.cz + +- fix CVE-2009-3560.patch [bnc#566434] + ------------------------------------------------------------------- Sun Dec 13 19:28:22 CET 2009 - jengelh@medozas.de