external_deps.lst | 4 +-- libxml2/libxml2-c99.patch | 48 ++++++++++++++++++++++++++++++++++++++++ libxml2/libxml2-configure.patch | 12 +++++----- libxml2/libxml2-long-path.patch | 4 +-- libxml2/makefile.mk | 7 +++-- 5 files changed, 62 insertions(+), 13 deletions(-)
New commits: commit a8ee4f315bbd286c6efcc271e4289c4abb220a77 Author: Don Lewis <truck...@apache.org> Date: Sun Aug 28 20:42:46 2016 +0000 Upgrade bundled libxml2 from version 2.9.3 to version 2.9.4 to fix: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-3627 CVE-2016-3705 CVE-2016-4449 CVE-2016-4483 It is not known whether any of these affect OpenOffice. Import a post-2.9.4 patch from the upstream git repo to fix a build problem on systems with pre-C99 compilers. diff --git a/external_deps.lst b/external_deps.lst index 2c7e376..bfbaaf1 100644 --- a/external_deps.lst +++ b/external_deps.lst @@ -174,8 +174,8 @@ if ( true ) URL2 = $(OOO_EXTRAS)$(MD5)-$(name) if (SYSTEM_LIBXML != YES) - MD5 = daece17e045f1c107610e137ab50c179 - name = libxml2-2.9.3.tar.gz + MD5 = ae249165c173b1ff386ee8ad676815f5 + name = libxml2-2.9.4.tar.gz URL1 = http://xmlsoft.org/sources/$(name) URL2 = $(OOO_EXTRAS)$(MD5)-$(name) diff --git a/libxml2/libxml2-c99.patch b/libxml2/libxml2-c99.patch new file mode 100644 index 0000000..7ce8f80 --- /dev/null +++ b/libxml2/libxml2-c99.patch @@ -0,0 +1,48 @@ +From d77e5fc4bcdb7da748c9cca116a601ae4df60d21 Mon Sep 17 00:00:00 2001 +From: Chun-wei Fan <fanchun...@src.gnome.org> +Date: Tue, 31 May 2016 21:04:50 +0800 +Subject: relaxng.c, xmlschemas.c: Fix build on pre-C99 compilers + +Make sure that the variables are declared at the top of the block. + +https://bugzilla.gnome.org/show_bug.cgi?id=767063 + --- + relaxng.c | 3 ++- + xmlschemas.c | 2 +- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/relaxng.c b/relaxng.c +index 56a3344..3d3e69c 100644 +diff -ur misc/libxml2-2.9.4/relaxng.c misc/build/libxml2-2.9.4/relaxng.c +--- misc/libxml2-2.9.4/relaxng.c 2016-05-23 00:25:25.000000000 -0700 ++++ misc/build/libxml2-2.9.4/relaxng.c 2016-08-28 00:37:26.017097000 -0700 +@@ -2088,6 +2088,7 @@ + const xmlChar * arg2) + { + char msg[1000]; ++ xmlChar *result; + + if (arg1 == NULL) + arg1 = BAD_CAST ""; +@@ -2215,7 +2216,7 @@ + snprintf(msg, 1000, "Unknown error code %d\n", err); + } + msg[1000 - 1] = 0; +- xmlChar *result = xmlCharStrdup(msg); ++ result = xmlCharStrdup(msg); + return (xmlEscapeFormatString(&result)); + } + +diff -ur misc/libxml2-2.9.4/xmlschemas.c misc/build/libxml2-2.9.4/xmlschemas.c +--- misc/libxml2-2.9.4/xmlschemas.c 2016-05-23 00:25:25.000000000 -0700 ++++ misc/build/libxml2-2.9.4/xmlschemas.c 2016-08-28 00:37:26.025519000 -0700 +@@ -3168,8 +3168,8 @@ + "valid."); + } + if (expected) { +- msg = xmlStrcat(msg, BAD_CAST " Expected is '"); + xmlChar *expectedEscaped = xmlCharStrdup(expected); ++ msg = xmlStrcat(msg, BAD_CAST " Expected is '"); + msg = xmlStrcat(msg, xmlEscapeFormatString(&expectedEscaped)); + FREE_AND_NULL(expectedEscaped); + msg = xmlStrcat(msg, BAD_CAST "'.\n"); diff --git a/libxml2/libxml2-configure.patch b/libxml2/libxml2-configure.patch index 8d5437f..bc5bea2 100644 --- a/libxml2/libxml2-configure.patch +++ b/libxml2/libxml2-configure.patch @@ -1,6 +1,6 @@ -diff -ur misc/libxml2-2.9.3/include/libxml/xmlversion.h misc/build/libxml2-2.9.3/include/libxml/xmlversion.h ---- misc/libxml2-2.9.3/include/libxml/xmlversion.h 2015-11-20 01:49:39.000000000 -0800 -+++ misc/build/libxml2-2.9.3/include/libxml/xmlversion.h 2016-03-26 09:46:21.124032000 -0700 +diff -ur misc/libxml2-2.9.4/include/libxml/xmlversion.h misc/build/libxml2-2.9.4/include/libxml/xmlversion.h +--- misc/libxml2-2.9.4/include/libxml/xmlversion.h 2015-11-20 01:49:39.000000000 -0800 ++++ misc/build/libxml2-2.9.4/include/libxml/xmlversion.h 2016-03-26 09:46:21.124032000 -0700 @@ -273,7 +273,7 @@ * * Whether iconv support is available @@ -19,9 +19,9 @@ diff -ur misc/libxml2-2.9.3/include/libxml/xmlversion.h misc/build/libxml2-2.9.3 #define LIBXML_DEBUG_ENABLED #endif -diff -ur misc/libxml2-2.9.3/xml2-config.in misc/build/libxml2-2.9.3/xml2-config.in ---- misc/libxml2-2.9.3/xml2-config.in 2015-05-06 05:04:36.000000000 -0700 -+++ misc/build/libxml2-2.9.3/xml2-config.in 2016-03-26 10:00:17.756184000 -0700 +diff -ur misc/libxml2-2.9.4/xml2-config.in misc/build/libxml2-2.9.4/xml2-config.in +--- misc/libxml2-2.9.4/xml2-config.in 2015-05-06 05:04:36.000000000 -0700 ++++ misc/build/libxml2-2.9.4/xml2-config.in 2016-03-26 10:00:17.756184000 -0700 @@ -1,9 +1,14 @@ #! /bin/sh diff --git a/libxml2/libxml2-long-path.patch b/libxml2/libxml2-long-path.patch index cfa79c8..8435d57 100644 --- a/libxml2/libxml2-long-path.patch +++ b/libxml2/libxml2-long-path.patch @@ -1,5 +1,5 @@ ---- misc/libxml2-2.9.3/uri.c 2015-11-02 23:28:09.000000000 -0800 -+++ misc/build/libxml2-2.9.3/uri.c 2016-03-26 10:19:45.838472000 -0700 +--- misc/libxml2-2.9.4/uri.c 2015-11-02 23:28:09.000000000 -0800 ++++ misc/build/libxml2-2.9.4/uri.c 2016-03-26 10:19:45.838472000 -0700 @@ -2412,6 +2412,15 @@ return xmlStrdup((const xmlChar *) path); #endif diff --git a/libxml2/makefile.mk b/libxml2/makefile.mk index 3ba8c87..bcb4710 100644 --- a/libxml2/makefile.mk +++ b/libxml2/makefile.mk @@ -38,12 +38,13 @@ all: # --- Files -------------------------------------------------------- -LIBXML2VERSION=2.9.3 +LIBXML2VERSION=2.9.4 TARFILE_NAME=$(PRJNAME)-$(LIBXML2VERSION) -TARFILE_MD5=daece17e045f1c107610e137ab50c179 +TARFILE_MD5=ae249165c173b1ff386ee8ad676815f5 -PATCH_FILES=libxml2-configure.patch +PATCH_FILES=libxml2-configure.patch \ + libxml2-c99.patch # libxml2-global-symbols: #i112480#: Solaris ld won't export non-listed symbols # libxml2-global-symbols.patch _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits