commit: 16a87b549461e49ac8b7915d892d4d8ca187c1b1
Author: Sebastian Pipping <sping <AT> gentoo <DOT> org>
AuthorDate: Tue Jul 26 19:23:09 2016 +0000
Commit: Sebastian Pipping <sping <AT> gentoo <DOT> org>
CommitDate: Tue Jul 26 19:23:32 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=16a87b54
dev-libs/expat: CVE-2016-0718 regression fix
Package-Manager: portage-2.2.28
.../{expat-2.2.0.ebuild => expat-2.1.1-r3.ebuild} | 10 ++++++++
.../{expat-2.2.0.ebuild => expat-2.2.0-r1.ebuild} | 4 ++++
.../expat-2.1.1-CVE-2016-0718-regression.patch | 27 ++++++++++++++++++++++
3 files changed, 41 insertions(+)
diff --git a/dev-libs/expat/expat-2.2.0.ebuild
b/dev-libs/expat/expat-2.1.1-r3.ebuild
similarity index 86%
copy from dev-libs/expat/expat-2.2.0.ebuild
copy to dev-libs/expat/expat-2.1.1-r3.ebuild
index e373b86..cd97f7a 100644
--- a/dev-libs/expat/expat-2.2.0.ebuild
+++ b/dev-libs/expat/expat-2.1.1-r3.ebuild
@@ -16,6 +16,16 @@ IUSE="elibc_FreeBSD examples static-libs unicode"
RDEPEND="abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r6
!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] )"
+src_prepare() {
+ # https://bugs.gentoo.org/show_bug.cgi?id=583268
+ epatch "${FILESDIR}"/${P}-CVE-2015-1283-refix.patch
+ epatch "${FILESDIR}"/${P}-CVE-2016-0718-v2-2-1.patch
+ epatch "${FILESDIR}"/${P}-CVE-2016-0718-regression.patch
+
+ # https://bugs.gentoo.org/show_bug.cgi?id=577928
+ epatch "${FILESDIR}"/${P}-CVE-2012-6702-plus-CVE-2016-5300-v1.patch
+}
+
multilib_src_configure() {
local myconf="$(use_enable static-libs static)"
diff --git a/dev-libs/expat/expat-2.2.0.ebuild
b/dev-libs/expat/expat-2.2.0-r1.ebuild
similarity index 96%
rename from dev-libs/expat/expat-2.2.0.ebuild
rename to dev-libs/expat/expat-2.2.0-r1.ebuild
index e373b86..55efcb4 100644
--- a/dev-libs/expat/expat-2.2.0.ebuild
+++ b/dev-libs/expat/expat-2.2.0-r1.ebuild
@@ -16,6 +16,10 @@ IUSE="elibc_FreeBSD examples static-libs unicode"
RDEPEND="abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r6
!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] )"
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-2.1.1-CVE-2016-0718-regression.patch
+}
+
multilib_src_configure() {
local myconf="$(use_enable static-libs static)"
diff --git a/dev-libs/expat/files/expat-2.1.1-CVE-2016-0718-regression.patch
b/dev-libs/expat/files/expat-2.1.1-CVE-2016-0718-regression.patch
new file mode 100644
index 0000000..03ea42d
--- /dev/null
+++ b/dev-libs/expat/files/expat-2.1.1-CVE-2016-0718-regression.patch
@@ -0,0 +1,27 @@
+From 3e6190e433479e56f8c1e5adc1198b3c86b15577 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <[email protected]>
+Date: Sun, 17 Jul 2016 20:22:29 +0200
+Subject: [PATCH] Fix regression introduced by patch to CVE-2016-0718 (bug
+ #539)
+
+Tag names were cut off in some cases; reported by Andy Wang
+---
+ expat/lib/xmlparse.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index 13e080d..2630310 100644
+--- a/expat/lib/xmlparse.c
++++ b/expat/lib/xmlparse.c
+@@ -2430,7 +2430,7 @@ doContent(XML_Parser parser,
+ &fromPtr, rawNameEnd,
+ (ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1);
+ convLen = (int)(toPtr - (XML_Char *)tag->buf);
+- if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res ==
XML_CONVERT_INPUT_INCOMPLETE)) {
++ if ((fromPtr >= rawNameEnd) || (convert_res ==
XML_CONVERT_INPUT_INCOMPLETE)) {
+ tag->name.strLen = convLen;
+ break;
+ }
+--
+2.9.2
+
