Fixes quite some security and other issues. License text change was a small typo only. Two patches removed have gone upstream.
Signed-off-by: Alexander Dahl <[email protected]> Link: https://mail.gnome.org/archives/xml/2021-May/msg00000.html Link: https://mail.gnome.org/archives/xml/2021-May/msg00003.html --- ...e-loop-in-xmlStringLenDecodeEntities.patch | 28 ------------------ ...mory-leak-in-xmlSchemaValidateStream.patch | 29 ------------------- patches/libxml2-2.9.10/series | 8 ----- ...200-xml2-config-is-not-SYSROOT-aware.patch | 0 patches/libxml2-2.9.12/series | 6 ++++ rules/libxml2.make | 6 ++-- 6 files changed, 9 insertions(+), 68 deletions(-) delete mode 100644 patches/libxml2-2.9.10/0001-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch delete mode 100644 patches/libxml2-2.9.10/0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch delete mode 100644 patches/libxml2-2.9.10/series rename patches/{libxml2-2.9.10 => libxml2-2.9.12}/0200-xml2-config-is-not-SYSROOT-aware.patch (100%) create mode 100644 patches/libxml2-2.9.12/series diff --git a/patches/libxml2-2.9.10/0001-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch b/patches/libxml2-2.9.10/0001-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch deleted file mode 100644 index 59c864731..000000000 --- a/patches/libxml2-2.9.10/0001-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch +++ /dev/null @@ -1,28 +0,0 @@ -From: Zhipeng Xie <[email protected]> -Date: Thu, 12 Dec 2019 17:30:55 +0800 -Subject: [PATCH] Fix infinite loop in xmlStringLenDecodeEntities - -When ctxt->instate == XML_PARSER_EOF,xmlParseStringEntityRef -return NULL which cause a infinite loop in xmlStringLenDecodeEntities - -Found with libFuzzer. - -Signed-off-by: Zhipeng Xie <[email protected]> ---- - parser.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/parser.c b/parser.c -index d1c319631fc9..a34bb6cdd81b 100644 ---- a/parser.c -+++ b/parser.c -@@ -2646,7 +2646,8 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, - else - c = 0; - while ((c != 0) && (c != end) && /* non input consuming loop */ -- (c != end2) && (c != end3)) { -+ (c != end2) && (c != end3) && -+ (ctxt->instate != XML_PARSER_EOF)) { - - if (c == 0) break; - if ((c == '&') && (str[1] == '#')) { diff --git a/patches/libxml2-2.9.10/0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch b/patches/libxml2-2.9.10/0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch deleted file mode 100644 index 1ca086217..000000000 --- a/patches/libxml2-2.9.10/0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch +++ /dev/null @@ -1,29 +0,0 @@ -From: Zhipeng Xie <[email protected]> -Date: Tue, 20 Aug 2019 16:33:06 +0800 -Subject: [PATCH] Fix memory leak in xmlSchemaValidateStream - -When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun -alloc a new schema for ctxt->schema and set vctxt->xsiAssemble -to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize -vctxt->xsiAssemble to 0 again which cause the alloced schema -can not be freed anymore. - -Found with libFuzzer. - -Signed-off-by: Zhipeng Xie <[email protected]> ---- - xmlschemas.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/xmlschemas.c b/xmlschemas.c -index d19de6df5f50..59495c2738ab 100644 ---- a/xmlschemas.c -+++ b/xmlschemas.c -@@ -28095,7 +28095,6 @@ xmlSchemaPreRun(xmlSchemaValidCtxtPtr vctxt) { - vctxt->nberrors = 0; - vctxt->depth = -1; - vctxt->skipDepth = -1; -- vctxt->xsiAssemble = 0; - vctxt->hasKeyrefs = 0; - #ifdef ENABLE_IDC_NODE_TABLES_TEST - vctxt->createIDCNodeTables = 1; diff --git a/patches/libxml2-2.9.10/series b/patches/libxml2-2.9.10/series deleted file mode 100644 index fed72960d..000000000 --- a/patches/libxml2-2.9.10/series +++ /dev/null @@ -1,8 +0,0 @@ -# generated by git-ptx-patches -#tag:base --start-number 1 -#tag:upstream --start-number 1 -0001-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch -0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch -#tag:ptx --start-number 200 -0200-xml2-config-is-not-SYSROOT-aware.patch -# d6f49636e8813a3a9e46758f352fc667 - git-ptx-patches magic diff --git a/patches/libxml2-2.9.10/0200-xml2-config-is-not-SYSROOT-aware.patch b/patches/libxml2-2.9.12/0200-xml2-config-is-not-SYSROOT-aware.patch similarity index 100% rename from patches/libxml2-2.9.10/0200-xml2-config-is-not-SYSROOT-aware.patch rename to patches/libxml2-2.9.12/0200-xml2-config-is-not-SYSROOT-aware.patch diff --git a/patches/libxml2-2.9.12/series b/patches/libxml2-2.9.12/series new file mode 100644 index 000000000..05ba5ddea --- /dev/null +++ b/patches/libxml2-2.9.12/series @@ -0,0 +1,6 @@ +# generated by git-ptx-patches +#tag:base --start-number 1 +#tag:upstream --start-number 1 +#tag:ptx --start-number 200 +0200-xml2-config-is-not-SYSROOT-aware.patch +# b6720be956d1b4619bc1c347a0ceb1dd - git-ptx-patches magic diff --git a/rules/libxml2.make b/rules/libxml2.make index 1da248307..9eb1993b0 100644 --- a/rules/libxml2.make +++ b/rules/libxml2.make @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_LIBXML2) += libxml2 # # Paths and names # -LIBXML2_VERSION := 2.9.10 -LIBXML2_MD5 := 10942a1dc23137a8aa07f0639cbfece5 +LIBXML2_VERSION := 2.9.12 +LIBXML2_MD5 := f433a39be087a9f0b197eb2307ad9f75 LIBXML2 := libxml2-$(LIBXML2_VERSION) LIBXML2_SUFFIX := tar.gz LIBXML2_SOURCE := $(SRCDIR)/$(LIBXML2).$(LIBXML2_SUFFIX) @@ -26,7 +26,7 @@ LIBXML2_LICENSE := MIT AND ISC # The file 'COPYING' is just a symlink on the file 'Copyright' LIBXML2_LICENSE_FILES := \ file://Copyright;md5=2044417e2e5006b65a8b9067b683fcf1 \ - file://hash.c;startline=6;endline=15;md5=96f7296605eae807670fb08947829969 + file://hash.c;startline=6;endline=15;md5=e77f77b12cb69e203d8b4090a0eee879 LIBXML2_URL := \ ftp://xmlsoft.org/libxml2/$(LIBXML2).$(LIBXML2_SUFFIX) \ -- 2.20.1 _______________________________________________ ptxdist mailing list [email protected] To unsubscribe, send a mail with subject "unsubscribe" to [email protected]
