Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=de69670335f92854b7ffdd6257f1c9728df14b4b

commit de69670335f92854b7ffdd6257f1c9728df14b4b
Author: Miklos Vajna <vmik...@frugalware.org>
Date:   Mon Sep 28 10:23:28 2009 +0200

libxslt-1.1.26-1-i686

- version bump

diff --git a/source/lib/libxslt/CVE-2008-2935.patch 
b/source/lib/libxslt/CVE-2008-2935.patch
deleted file mode 100644
index c9ab232..0000000
--- a/source/lib/libxslt/CVE-2008-2935.patch
+++ /dev/null
@@ -1,152 +0,0 @@
-Index: libexslt/crypto.c
-===================================================================
---- libexslt/crypto.c  (revision 1479)
-+++ libexslt/crypto.c  (working copy)
-@@ -595,11 +595,13 @@ exsltCryptoRc4EncryptFunction (xmlXPathP
-     int str_len = 0, bin_len = 0, hex_len = 0;
-     xmlChar *key = NULL, *str = NULL, *padkey = NULL;
-     xmlChar *bin = NULL, *hex = NULL;
-+    xsltTransformContextPtr tctxt = NULL;
-
--    if ((nargs < 1) || (nargs > 3)) {
-+    if (nargs != 2) {
-       xmlXPathSetArityError (ctxt);
-       return;
-     }
-+    tctxt = xsltXPathGetTransformContext(ctxt);
-
-     str = xmlXPathPopString (ctxt);
-     str_len = xmlUTF8Strlen (str);
-@@ -611,7 +613,7 @@ exsltCryptoRc4EncryptFunction (xmlXPathP
-     }
-
-     key = xmlXPathPopString (ctxt);
--    key_len = xmlUTF8Strlen (str);
-+    key_len = xmlUTF8Strlen (key);
-
-     if (key_len == 0) {
-       xmlXPathReturnEmptyString (ctxt);
-@@ -620,15 +622,33 @@ exsltCryptoRc4EncryptFunction (xmlXPathP
-       return;
-     }
-
--    padkey = xmlMallocAtomic (RC4_KEY_LENGTH);
-+    padkey = xmlMallocAtomic (RC4_KEY_LENGTH + 1);
-+    if (padkey == NULL) {
-+      xsltTransformError(tctxt, NULL, tctxt->inst,
-+          "exsltCryptoRc4EncryptFunction: Failed to allocate padkey\n");
-+      tctxt->state = XSLT_STATE_STOPPED;
-+      xmlXPathReturnEmptyString (ctxt);
-+      goto done;
-+    }
-+    memset(padkey, 0, RC4_KEY_LENGTH + 1);
-+
-     key_size = xmlUTF8Strsize (key, key_len);
-+    if ((key_size > RC4_KEY_LENGTH) || (key_size < 0)) {
-+      xsltTransformError(tctxt, NULL, tctxt->inst,
-+          "exsltCryptoRc4EncryptFunction: key size too long or key broken\n");
-+      tctxt->state = XSLT_STATE_STOPPED;
-+      xmlXPathReturnEmptyString (ctxt);
-+      goto done;
-+    }
-     memcpy (padkey, key, key_size);
--    memset (padkey + key_size, '\0', sizeof (padkey));
-
- /* encrypt it */
-     bin_len = str_len;
-     bin = xmlStrdup (str);
-     if (bin == NULL) {
-+      xsltTransformError(tctxt, NULL, tctxt->inst,
-+          "exsltCryptoRc4EncryptFunction: Failed to allocate string\n");
-+      tctxt->state = XSLT_STATE_STOPPED;
-       xmlXPathReturnEmptyString (ctxt);
-       goto done;
-     }
-@@ -638,6 +658,9 @@ exsltCryptoRc4EncryptFunction (xmlXPathP
-     hex_len = str_len * 2 + 1;
-     hex = xmlMallocAtomic (hex_len);
-     if (hex == NULL) {
-+      xsltTransformError(tctxt, NULL, tctxt->inst,
-+          "exsltCryptoRc4EncryptFunction: Failed to allocate result\n");
-+      tctxt->state = XSLT_STATE_STOPPED;
-       xmlXPathReturnEmptyString (ctxt);
-       goto done;
-     }
-@@ -670,11 +693,13 @@ exsltCryptoRc4DecryptFunction (xmlXPathP
-     int str_len = 0, bin_len = 0, ret_len = 0;
-     xmlChar *key = NULL, *str = NULL, *padkey = NULL, *bin =
-       NULL, *ret = NULL;
-+    xsltTransformContextPtr tctxt = NULL;
-
--    if ((nargs < 1) || (nargs > 3)) {
-+    if (nargs != 2) {
-       xmlXPathSetArityError (ctxt);
-       return;
-     }
-+    tctxt = xsltXPathGetTransformContext(ctxt);
-
-     str = xmlXPathPopString (ctxt);
-     str_len = xmlUTF8Strlen (str);
-@@ -686,7 +711,7 @@ exsltCryptoRc4DecryptFunction (xmlXPathP
-     }
-
-     key = xmlXPathPopString (ctxt);
--    key_len = xmlUTF8Strlen (str);
-+    key_len = xmlUTF8Strlen (key);
-
-     if (key_len == 0) {
-       xmlXPathReturnEmptyString (ctxt);
-@@ -695,22 +720,51 @@ exsltCryptoRc4DecryptFunction (xmlXPathP
-       return;
-     }
-
--    padkey = xmlMallocAtomic (RC4_KEY_LENGTH);
-+    padkey = xmlMallocAtomic (RC4_KEY_LENGTH + 1);
-+    if (padkey == NULL) {
-+      xsltTransformError(tctxt, NULL, tctxt->inst,
-+          "exsltCryptoRc4EncryptFunction: Failed to allocate padkey\n");
-+      tctxt->state = XSLT_STATE_STOPPED;
-+      xmlXPathReturnEmptyString (ctxt);
-+      goto done;
-+    }
-+    memset(padkey, 0, RC4_KEY_LENGTH + 1);
-     key_size = xmlUTF8Strsize (key, key_len);
-+    if ((key_size > RC4_KEY_LENGTH) || (key_size < 0)) {
-+      xsltTransformError(tctxt, NULL, tctxt->inst,
-+          "exsltCryptoRc4EncryptFunction: key size too long or key broken\n");
-+      tctxt->state = XSLT_STATE_STOPPED;
-+      xmlXPathReturnEmptyString (ctxt);
-+      goto done;
-+    }
-     memcpy (padkey, key, key_size);
--    memset (padkey + key_size, '\0', sizeof (padkey));
-
- /* decode hex to binary */
-     bin_len = str_len;
-     bin = xmlMallocAtomic (bin_len);
-+    if (bin == NULL) {
-+      xsltTransformError(tctxt, NULL, tctxt->inst,
-+          "exsltCryptoRc4EncryptFunction: Failed to allocate string\n");
-+      tctxt->state = XSLT_STATE_STOPPED;
-+      xmlXPathReturnEmptyString (ctxt);
-+      goto done;
-+    }
-     ret_len = exsltCryptoHex2Bin (str, str_len, bin, bin_len);
-
- /* decrypt the binary blob */
-     ret = xmlMallocAtomic (ret_len);
-+    if (ret == NULL) {
-+      xsltTransformError(tctxt, NULL, tctxt->inst,
-+          "exsltCryptoRc4EncryptFunction: Failed to allocate result\n");
-+      tctxt->state = XSLT_STATE_STOPPED;
-+      xmlXPathReturnEmptyString (ctxt);
-+      goto done;
-+    }
-     PLATFORM_RC4_DECRYPT (ctxt, padkey, bin, ret_len, ret, ret_len);
-
-     xmlXPathReturnString (ctxt, ret);
-
-+done:
-     if (key != NULL)
-       xmlFree (key);
-     if (str != NULL)
diff --git a/source/lib/libxslt/FrugalBuild b/source/lib/libxslt/FrugalBuild
index ce258e2..cb81d99 100644
--- a/source/lib/libxslt/FrugalBuild
+++ b/source/lib/libxslt/FrugalBuild
@@ -3,8 +3,8 @@
# Maintainer: Zsolt Szalai <xbit.li...@chello.hu>

pkgname=libxslt
-pkgver=1.1.24
-pkgrel=3
+pkgver=1.1.26
+pkgrel=1
pkgdesc="XML stylesheet transformation library"
url="http://xmlsoft.org/XSLT/";
up2date="Flastarchive http://xmlsoft.org/sources/ .tar.gz"
@@ -12,10 +12,8 @@ groups=('lib')
archs=('i686' 'x86_64' 'ppc')
depends=('libgcrypt' 'libxml2')
makedepends=('python')
-source=(http://xmlsoft.org/sources/$pkgname-$pkgver.tar.gz \
-       CVE-2008-2935.patch)
-sha1sums=('b5402e24abff5545ed76f6a55049cbebc664bd58' \
-          '018183759b431aaabe094ecadbdb30df80613dd8')
+source=(http://xmlsoft.org/sources/$pkgname-$pkgver.tar.gz)
+sha1sums=('69f74df8228b504a87e2b257c2d5238281c65154')

build() {
Fbuild --without-debug --with-plugins --with-debugger
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to