Hello community, here is the log from the commit of package expat for openSUSE:12.1:Update:Test checked in at 2012-03-13 15:15:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.1:Update:Test/expat (Old) and /work/SRC/openSUSE:12.1:Update:Test/.expat.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "expat", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:12.1:Update:Test/expat/expat.changes 2012-03-08 18:33:57.000000000 +0100 +++ /work/SRC/openSUSE:12.1:Update:Test/.expat.new/expat.changes 2012-03-13 15:15:25.000000000 +0100 @@ -1,0 +2,11 @@ +Mon Mar 12 13:46:28 UTC 2012 - [email protected] + +-Fixed VUL0: CVE-2012-1147 - Resource leak in readfilemap.c. (bnc#751464) +-Fixed VUL0: CVE-2012-1148 - Memory leak in poolGrow. (bnc#751465) +- + +------------------------------------------------------------------- +Fri Mar 9 14:53:13 UTC 2012 - [email protected] + + +------------------------------------------------------------------- New: ---- expat-CVE-2012-1147.patch expat-CVE-2012-1148.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ expat.spec ++++++ --- /var/tmp/diff_new_pack.tJw710/_old 2012-03-13 15:15:25.000000000 +0100 +++ /var/tmp/diff_new_pack.tJw710/_new 2012-03-13 15:15:25.000000000 +0100 @@ -34,6 +34,8 @@ Patch0: %{name}-CVE-2009-2625.patch Patch1: %{name}-CVE-2009-3560.patch Patch2: %{name}-CVE-2012-0876.patch +Patch3: %{name}-CVE-2012-1147.patch +Patch4: %{name}-CVE-2012-1148.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: gcc-c++ @@ -127,6 +129,8 @@ %patch0 %patch1 %patch2 -p0 +%patch3 +%patch4 cp %{S:1} . rm -f examples/*.dsp ++++++ expat-CVE-2012-1147.patch ++++++ Index: xmlwf/readfilemap.c =================================================================== --- xmlwf/readfilemap.c.orig +++ xmlwf/readfilemap.c @@ -58,10 +58,12 @@ filemap(const char *name, } if (fstat(fd, &sb) < 0) { perror(name); + close(fd); return 0; } if (!S_ISREG(sb.st_mode)) { fprintf(stderr, "%s: not a regular file\n", name); + close(fd); return 0; } nbytes = sb.st_size; ++++++ expat-CVE-2012-1148.patch ++++++ --- lib/xmlparse.c 2009/12/29 18:42:05 1.166 +++ lib/xmlparse.c 2010/02/25 18:35:36 1.167 @@ -6122,12 +6122,13 @@ } if (pool->blocks && pool->start == pool->blocks->s) { int blockSize = (int)(pool->end - pool->start)*2; - pool->blocks = (BLOCK *) + BLOCK *temp = (BLOCK *) pool->mem->realloc_fcn(pool->blocks, (offsetof(BLOCK, s) + blockSize * sizeof(XML_Char))); - if (pool->blocks == NULL) + if (temp == NULL) return XML_FALSE; + pool->blocks = temp; pool->blocks->size = blockSize; pool->ptr = pool->blocks->s + (pool->ptr - pool->start); pool->start = pool->blocks->s; -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
