From c748e967462a3c81f0beb876f2dfab723d9d02b0f852664c7ff81fe8566f4ebd Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Fri, 8 Jan 2010 16:30:06 +0000 Subject: [PATCH] Updating link to change in openSUSE:Factory/expat revision 15.0 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=6ee8bb17ca0a2c4c95300248e8cf4a07 --- expat-CVE-2009-3560.patch | 20 +++++++++++--------- expat.changes | 10 ++++++++++ expat.spec | 5 +++-- 3 files changed, 24 insertions(+), 11 deletions(-) diff --git a/expat-CVE-2009-3560.patch b/expat-CVE-2009-3560.patch index 13a0cdd..af827f7 100644 --- a/expat-CVE-2009-3560.patch +++ b/expat-CVE-2009-3560.patch @@ -1,14 +1,16 @@ -http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165 +http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166&view=patch Index: lib/xmlparse.c =================================================================== --- lib/xmlparse.c.orig +++ lib/xmlparse.c -@@ -3725,7 +3725,6 @@ doProlog(XML_Parser parser, - return XML_ERROR_NO_ELEMENTS; - default: - tok = -tok; -- next = end; - break; - } - } +@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser, + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; ++ case -XML_TOK_PROLOG_S: ++ tok = -tok; ++ break; + case XML_TOK_NONE: + #ifdef XML_DTD + /* for internal PE NOT referenced between declarations */ diff --git a/expat.changes b/expat.changes index 77c1760..8e497a8 100644 --- a/expat.changes +++ b/expat.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Fri Jan 8 15:04:28 CET 2010 - prusnak@suse.cz + +- fix CVE-2009-3560.patch [bnc#566434] + +------------------------------------------------------------------- +Sun Dec 13 19:28:22 CET 2009 - jengelh@medozas.de + +- add baselibs.conf as a source + ------------------------------------------------------------------- Fri Dec 4 15:43:29 CET 2009 - prusnak@suse.cz diff --git a/expat.spec b/expat.spec index 81df7d2..36c3566 100644 --- a/expat.spec +++ b/expat.spec @@ -1,7 +1,7 @@ # # spec file for package expat (Version 2.0.1) # -# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ Name: expat Version: 2.0.1 -Release: 92 +Release: 93 Group: Development/Libraries/C and C++ License: MIT License (or similar) Url: http://expat.sourceforge.net/ @@ -32,6 +32,7 @@ Obsoletes: expat-64bit Summary: XML Parser Toolkit Source0: %{name}-%{version}.tar.bz2 Source1: %{name}faq.html +Source2: baselibs.conf Patch0: %{name}-CVE-2009-2625.patch Patch1: %{name}-CVE-2009-3560.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build