diff options
Diffstat (limited to 'abs')
-rw-r--r-- | abs/core/libxml2/PKGBUILD | 19 | ||||
-rw-r--r-- | abs/core/libxml2/fix-CVE-2014-3660.patch | 28 | ||||
-rw-r--r-- | abs/core/libxml2/revert-catalog-initialize.patch | 26 |
3 files changed, 8 insertions, 65 deletions
diff --git a/abs/core/libxml2/PKGBUILD b/abs/core/libxml2/PKGBUILD index 0949823..fe3e82c 100644 --- a/abs/core/libxml2/PKGBUILD +++ b/abs/core/libxml2/PKGBUILD @@ -4,8 +4,8 @@ # Contributor: John Proctor <jproctor@prium.net> pkgname=libxml2 -pkgver=2.9.2 -pkgrel=2 +pkgver=2.9.3 +pkgrel=1 pkgdesc="XML parsing library, version 2" arch=(i686 x86_64) license=('MIT') @@ -14,25 +14,22 @@ makedepends=('python2') optdepends=('python2: python bindings to libxml') url="http://www.xmlsoft.org/" source=(ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz - http://www.w3.org/XML/Test/xmlts20080827.tar.gz - revert-catalog-initialize.patch - fix-CVE-2014-3660.patch) -md5sums=('9e6a9aca9d155737868b3dc5fd82f788' - 'ae3d1ebe000a3972afa104ca7f0e1b4a' - 'fdb2e26174ac9cced85ffbf4fb782187' - '71c88ee5a133461a8ab8aaa194899453') + http://www.w3.org/XML/Test/xmlts20080827.tar.gz) +md5sums=('daece17e045f1c107610e137ab50c179' + 'ae3d1ebe000a3972afa104ca7f0e1b4a') prepare() { cd ${pkgname}-${pkgver} sed -e 's|/usr/bin/python -u|/usr/bin/python2 -u|g' -e 's|/usr/bin/python$|/usr/bin/python2|g' -i python/tests/*.py mv ../xmlconf . - patch -Np1 -i ../revert-catalog-initialize.patch - patch -Np1 -i ../fix-CVE-2014-3660.patch } build() { cd ${pkgname}-${pkgver} ./configure --prefix=/usr --with-threads --with-history --with-python=/usr/bin/python2 + + sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0 /g' -e 's/ if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then/ func_append compile_command " -Wl,-O1,--as-needed"\n func_append finalize_command " -Wl,-O1,--as-needed"\n\0/' libtool + make } diff --git a/abs/core/libxml2/fix-CVE-2014-3660.patch b/abs/core/libxml2/fix-CVE-2014-3660.patch deleted file mode 100644 index 9e6441c..0000000 --- a/abs/core/libxml2/fix-CVE-2014-3660.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 72a46a519ce7326d9a00f0b6a7f2a8e958cd1675 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard <veillard@redhat.com> -Date: Thu, 23 Oct 2014 11:35:36 +0800 -Subject: Fix missing entities after CVE-2014-3660 fix - -For https://bugzilla.gnome.org/show_bug.cgi?id=738805 - -The fix for CVE-2014-3660 introduced a regression in some case -where entity substitution is required and the entity is used -first in anotther entity referenced from an attribute value - -diff --git a/parser.c b/parser.c -index 67c9dfd..a8d1b67 100644 ---- a/parser.c -+++ b/parser.c -@@ -7235,7 +7235,8 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { - * far more secure as the parser will only process data coming from - * the document entity by default. - */ -- if ((ent->checked == 0) && -+ if (((ent->checked == 0) || -+ ((ent->children == NULL) && (ctxt->options & XML_PARSE_NOENT))) && - ((ent->etype != XML_EXTERNAL_GENERAL_PARSED_ENTITY) || - (ctxt->options & (XML_PARSE_NOENT | XML_PARSE_DTDVALID)))) { - unsigned long oldnbent = ctxt->nbentities; --- -cgit v0.10.1 - diff --git a/abs/core/libxml2/revert-catalog-initialize.patch b/abs/core/libxml2/revert-catalog-initialize.patch deleted file mode 100644 index d98b382..0000000 --- a/abs/core/libxml2/revert-catalog-initialize.patch +++ /dev/null @@ -1,26 +0,0 @@ -From f65128f38289d77ff322d63aef2858cc0a819c34 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard <veillard@redhat.com> -Date: Fri, 17 Oct 2014 17:13:41 +0800 -Subject: Revert "Missing initialization for the catalog module" - -This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7. -As this break xmlcatalog command -https://bugzilla.redhat.com/show_bug.cgi?id=1153753 - -diff --git a/parser.c b/parser.c -index 1d93967..67c9dfd 100644 ---- a/parser.c -+++ b/parser.c -@@ -14830,9 +14830,6 @@ xmlInitParser(void) { - #ifdef LIBXML_XPATH_ENABLED - xmlXPathInit(); - #endif --#ifdef LIBXML_CATALOG_ENABLED -- xmlInitializeCatalog(); --#endif - xmlParserInitialized = 1; - #ifdef LIBXML_THREAD_ENABLED - } --- -cgit v0.10.1 - |