Hello community, here is the log from the commit of package libxml2.2842 for openSUSE:12.3:Update checked in at 2014-05-27 13:48:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/libxml2.2842 (Old) and /work/SRC/openSUSE:12.3:Update/.libxml2.2842.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libxml2.2842" Changes: -------- New Changes file: --- /dev/null 2014-05-19 01:51:27.372033255 +0200 +++ /work/SRC/openSUSE:12.3:Update/.libxml2.2842.new/libxml2.changes 2014-05-27 13:48:51.000000000 +0200 @@ -0,0 +1,1647 @@ +------------------------------------------------------------------- +Fri May 23 09:27:47 UTC 2014 - vci...@suse.com + +- update the libxml2-CVE-2014-0191.patch, because it caused xmllint + breakage + +------------------------------------------------------------------- +Wed May 7 10:48:11 UTC 2014 - vci...@suse.com + +- fix for CVE-2014-0191 (bnc#876652) + * libxml2: external parameter entity loaded when entity + substitution is disabled + * added libxml2-CVE-2014-0191.patch + +------------------------------------------------------------------- +Thu Jul 11 15:31:49 UTC 2013 - vci...@suse.com + +- fix for CVE-2013-2877 (bnc#829077) + * added libxml2-CVE-2013-2877.patch + +------------------------------------------------------------------- +Thu Apr 18 14:07:49 UTC 2013 - vci...@suse.com + +- fix for CVE-2013-1969 (bnc#815665) + * libxml2-CVE-2013-1969.patch + +------------------------------------------------------------------- +Thu Mar 7 13:28:59 UTC 2013 - vci...@suse.com + +- fix for CVE-2013-0338 (bnc#805233) + libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch + +------------------------------------------------------------------- +Sat Dec 15 15:55:26 UTC 2012 - p.drou...@gmail.com + +- update to 2.9.0 version: + * please see the Changelog +- Updated patchs to get working with new version: + * libxml2-2.9.0-CVE-2012-5134.patch ( libxml2-CVE-2012-5134.patch ) + * fix-perl.diff + +------------------------------------------------------------------- +Fri Dec 7 10:49:11 UTC 2012 - vci...@suse.com + +- Add libxml2-CVE-2012-5134.patch to fix CVE-2012-5134 (bnc#793334) + +------------------------------------------------------------------- +Sun Sep 23 19:40:30 UTC 2012 - dims...@opensuse.org + +- Add a comment next to libxml2.la to make sure that anybody + removing it knows why it's there and reconsiders. + +------------------------------------------------------------------- +Sun Sep 23 19:28:04 UTC 2012 - co...@suse.com + +- readd .la file, python-libxml2 needs it + +------------------------------------------------------------------- +Fri Sep 21 18:04:16 UTC 2012 - jeng...@inai.de + +- Remove .la files; make sure installation succeeds for + Fedora_17 target + +------------------------------------------------------------------- +Tue Jun 12 18:10:07 UTC 2012 - ch...@computersalat.de + +- update to 2.8.0 + * please se ChangeLog for more info +- remove obsolete bigendian64 patch +- rebase fix-perl patch + +------------------------------------------------------------------- +Sun Mar 11 21:00:19 UTC 2012 - jeng...@medozas.de + +- libxml2-2 should not require libxml2-tools. There is no trouble + expected, since attempting to install libxml2 will already pull + in libxml2-tools due to Provides tags. + +------------------------------------------------------------------- +Mon Mar 5 10:18:12 UTC 2012 - co...@suse.com + +- revert the two commits that broke perl-XML-LibXML's test case, + I hope the two upstreams will figure it out + +------------------------------------------------------------------- +Fri Mar 2 16:47:56 UTC 2012 - co...@suse.com + +- update to git to fix some issues + * Fix a logic error in Schemas Component ConstraintsHEADmaster + * Fix a wrong enum type use in Schemas Types + +------------------------------------------------------------------- +Thu Mar 1 18:36:33 CET 2012 - meiss...@suse.de + +- fixed a 64bit big endian bug in the file reader. + +------------------------------------------------------------------- +Sat Feb 25 13:50:54 UTC 2012 - co...@suse.com + +- the fallout of requiring libxml2-tools as explicit buildrequire + is just too large, so avoid it for now and create a cycle between + libxml2-2 and libxml2-tools + +------------------------------------------------------------------- +Sat Feb 25 08:09:00 UTC 2012 - co...@suse.com + +- add provide for the old name to fix packages with explicit + library dependency + +------------------------------------------------------------------- +Thu Feb 23 10:42:16 UTC 2012 - co...@suse.com + +- update to today's GIT snapshot: + include XZ support +- split libxml2-2 according to shared library policy + +------------------------------------------------------------------- +Mon Dec 26 17:08:52 UTC 2011 - jeng...@medozas.de + +- Remove redundant tags/sections + +------------------------------------------------------------------- +Wed Dec 21 10:24:19 UTC 2011 - co...@suse.com + +- add autoconf as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Tue Dec 20 11:05:01 UTC 2011 - co...@suse.com + +- own aclocal directory, there is no other reason to buildrequire + automake + +------------------------------------------------------------------- +Fri Jul 8 08:52:06 UTC 2011 - sasc...@suse.de + +- update to libxml-2.7.8+git20110708 + - several important bugfixes +- drop upstreamed patches: + * libxml2-CVE-2010-4494.patch + * libxml2-CVE-2011-1944.patch + * noxref.patch + * symbol-versioning.patch + +------------------------------------------------------------------- +Wed Jun 29 09:05:59 UTC 2011 - pu...@novell.com + +- add libxml2-CVE-2011-1944.patch (bnc#697372) + +------------------------------------------------------------------- +Sun Jun 5 21:36:07 UTC 2011 - cshor...@googlemail.com + +- add symbol-versioning.patch to restore 11.3 versioned symbols + +------------------------------------------------------------------- +Mon Jan 3 09:21:20 UTC 2011 - pu...@novell.com + +- add libxml2-CVE-2010-4494.patch (bnc#661471) + +------------------------------------------------------------------- +Fri Dec 3 12:09:40 UTC 2010 - pu...@novell.com + +- update to libxml-2.7.8 + - number of bufixes, documentation and portability fixes + - update language ID parser to RFC 5646 + - sort python generated stubs + - add an HTML parser option to avoid a default doctype + - see http://xmlsoft.org/news.html for exact details +- drop libxml2-xpath-ns-attr-axis.patch (in upstream) +- clean up specfile + +------------------------------------------------------------------- +Mon Nov 1 10:00:04 UTC 2010 - pu...@novell.com + +- add libxml2-xpath-ns-attr-axis.patch (bnc#648277) + +------------------------------------------------------------------- +Sat Oct 30 22:45:22 UTC 2010 - cristian.rodrig...@opensuse.org + +- Use --disable-static + +------------------------------------------------------------------- +Mon Sep 20 11:36:31 UTC 2010 - pu...@novell.com + +- drop libxml2-largefile64.patch (revert last change) + - the issue is fixed in zlib + +------------------------------------------------------------------- +Fri Sep 17 16:28:46 UTC 2010 - pu...@novell.com + +- add libxml2-largefile64.patch (fixes build) + - debian bug#439843 + +------------------------------------------------------------------- +Wed Jul 14 20:05:00 UTC 2010 - j...@novell.com + +- added noxref.patch, + this implements a new --noxref option, which turns ++++ 1450 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.3:Update/.libxml2.2842.new/libxml2.changes New Changes file: --- /dev/null 2014-05-19 01:51:27.372033255 +0200 +++ /work/SRC/openSUSE:12.3:Update/.libxml2.2842.new/python-libxml2.changes 2014-05-27 13:48:51.000000000 +0200 @@ -0,0 +1,1489 @@ +------------------------------------------------------------------- +Sat Dec 15 15:55:26 UTC 2012 - p.drou...@gmail.com + +- update to 2.9.0 version: + * please see the Changelog +- Updated patchs to get working with new version: + * libxml2-2.9.0-CVE-2012-5134.patch ( libxml2-CVE-2012-5134.patch ) + * fix-perl.diff + +------------------------------------------------------------------- +Tue Jun 12 18:10:07 UTC 2012 - ch...@computersalat.de + +- update to 2.8.0 + * please see ChangeLog for more info + +------------------------------------------------------------------- +Sat Feb 25 08:47:58 UTC 2012 - co...@suse.com + +- fix version + +------------------------------------------------------------------- +Thu Feb 23 11:00:21 UTC 2012 - co...@suse.com + +- renamed to python-libxml2 to follow python naming expectations +- do not require python but let rpm figure it out + +------------------------------------------------------------------- +Mon Dec 26 17:08:59 UTC 2011 - jeng...@medozas.de + +- Remove redundant tags/sections + +------------------------------------------------------------------- +Fri Jul 8 08:52:06 UTC 2011 - sasc...@suse.de + +- update to libxml-2.7.8+git20110708 + - several important bugfixes + +------------------------------------------------------------------- +Mon Dec 6 09:05:53 UTC 2010 - co...@novell.com + +- buildrequire python-xml to fix build + +------------------------------------------------------------------- +Fri Dec 3 12:24:42 UTC 2010 - pu...@novell.com + +- update to libxml-2.7.8 + - number of bufixes, documentation and portability fixes + - update language ID parser to RFC 5646 + - sort python generated stubs + - add an HTML parser option to avoid a default doctype + - see http://xmlsoft.org/news.html for exact details +- clean up specfile + +------------------------------------------------------------------- +Wed Apr 7 16:34:29 UTC 2010 - co...@novell.com + +- fix build + +------------------------------------------------------------------- +Tue Mar 23 23:46:00 CET 2010 - mrd...@opensuse.org + +- update to 2.7.7 +- add extra options to ./configure for scribus features and avoid a crash +- updates from 2.7.3 > 2.7.7 include a number of portability, correctness + memory leaks and build fixes including some CVE +- see http://xmlsoft.org/news.html for exact details + +------------------------------------------------------------------- +Tue Dec 15 12:19:16 CET 2009 - jeng...@medozas.de + +- enable parallel building + +------------------------------------------------------------------- +Thu Mar 19 10:16:50 CET 2009 - prus...@suse.cz + +- updated to 2.7.2 + * Portability fix: fix solaris compilation problem, + fix compilation if XPath is not configured in + * Bug fixes: nasty entity bug introduced in 2.7.0, restore old + behaviour when saving an HTML doc with an xml dump function, + HTML UTF-8 parsing bug, fix reader custom error handlers + (Riccardo Scussat) + * Improvement: xmlSave options for more flexibility to save + as XML/HTML/XHTML, handle leading BOM in HTML documents +- updated to 2.7.3 + * Build fix: fix build when HTML support is not included. + * Bug fixes: avoid memory overflow in gigantic text nodes, + indentation problem on the writed (Rob Richards), + xmlAddChildList pointer problem (Rob Richards and Kevin Milburn), + xmlAddChild problem with attribute (Rob Richards and Kris Breuker), + avoid a memory leak in an edge case (Daniel Zimmermann), + deallocate some pthread data (Alex Ott). + * Improvements: configure option to avoid rebuilding docs + (Adrian Bunk), limit text nodes to 10MB max by default, + add element traversal APIs, add a parser option to enable + pre 2.7 SAX behavior (Rob Richards), + add gcc malloc checking (Marcus Meissner), + add gcc printf like functions parameters checking (Marcus Meissner). +- dropped obsoleted patches: + * alloc_size.patch (mainline) + * CVE-2008-4225.patch (mainline) + * CVE-2008-4226.patch (mainline) + * CVE-2008-4409.patch (mainline) + * oldsax.patch (mainline) + * pritnf.patch (mainline) + * xmlsave.patch (mainline) + +------------------------------------------------------------------- +Mon Jan 12 17:21:59 CET 2009 - prus...@suse.cz + +- added oldsax.patch to enable pre 2.7.0 sax behaviour [bnc#457056] + +------------------------------------------------------------------- +Wed Dec 10 12:34:56 CET 2008 - o...@suse.de + +- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade + (bnc#437293) + +------------------------------------------------------------------- +Tue Nov 25 16:00:27 CET 2008 - prus...@suse.cz + +- fix broken xmlsave (xmlsave.patch) [bnc#437203] + +------------------------------------------------------------------- +Tue Nov 18 16:24:39 CET 2008 - prus...@suse.cz + +- fixed CVE-2008-4225 [bnc#445677] + +------------------------------------------------------------------- +Thu Nov 6 12:02:25 CET 2008 - prus...@suse.cz + +- fixed CVE-2008-4226 [bnc#441368] + +------------------------------------------------------------------- +Thu Oct 30 12:34:56 CET 2008 - o...@suse.de + +- obsolete old -XXbit packages (bnc#437293) + +------------------------------------------------------------------- +Mon Oct 6 14:50:38 CEST 2008 - prus...@suse.cz + +- fixed CVE-2008-4409 [bnc#432486] + +------------------------------------------------------------------- +Tue Sep 9 17:01:12 CEST 2008 - meiss...@suse.de + +- added GCC attribute alloc_size markup (alloc_size.patch) + +------------------------------------------------------------------- +Wed Sep 3 16:58:23 CEST 2008 - prus...@suse.cz + +- updated to 2.7.1 + * Portability fix: Borland C fix (Moritz Both) + * Bug fixes: python serialization wrappers, XPath QName corner + case handking and leaks (Martin) + * Improvement: extend the xmlSave to handle HTML documents and trees + * Cleanup: python serialization wrappers + +------------------------------------------------------------------- +Wed Sep 3 16:57:46 CEST 2008 - prus...@suse.cz + +- updated to 2.7.0 + * Documentation: switch ChangeLog to UTF-8, improve mutithreads and + xmlParserCleanup docs + * Portability fixes: Older Win32 platforms (Rob Richards), MSVC + porting fix (Rob Richards), Mac OS X regression tests (Sven Herzberg), + non GNUCC builds (Rob Richards), compilation on Haiku (Andreas Färber) + * Bug fixes: various realloc problems (Ashwin), potential double-free + (Ashwin), regexp crash, icrash with invalid whitespace facets (Rob + Richards), pattern fix when streaming (William Brack), various XML + parsing and validation fixes based on the W3C regression tests, reader + tree skipping function fix (Ashwin), Schemas regexps escaping fix + (Volker Grabsch), handling of entity push errors (Ashwin), fix a slowdown + when encoder cant serialize characters on output + * Code cleanup: compilation fix without the reader, without the output + (Robert Schwebel), python whitespace (Martin), many space/tabs cleanups, + serious cleanup of the entity handling code + * Improvement: switch parser to XML-1.0 5th edition, add parsing flags + for old versions, switch URI parsing to RFC 3986, + add xmlSchemaValidCtxtGetParserCtxt (Holger Kaelberer), + new hashing functions for dictionnaries (based on Stefan Behnel work), + improve handling of misplaced html/head/body in HTML parser, better + regression test tools and code coverage display, better algorithms + to detect various versions of the billion laughts attacks, make + arbitrary parser limits avoidable as a parser option +- dropped obsoleted patches: + * billion-laughs.patch (included in update) + +------------------------------------------------------------------- +Wed Aug 13 12:05:08 CEST 2008 - prus...@suse.cz + +- fixed billion laughs vulnerability (billion-laughs.patch) [bnc#415371] + +------------------------------------------------------------------- +Fri Apr 11 14:34:30 CEST 2008 - prus...@suse.cz + +- updated to 2.6.32 ++++ 1292 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.3:Update/.libxml2.2842.new/python-libxml2.changes New: ---- baselibs.conf fix-perl.diff libxml2-2.9.0-CVE-2012-5134.patch libxml2-2.9.0.tar.gz libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch libxml2-CVE-2013-1969.patch libxml2-CVE-2013-2877.patch libxml2-CVE-2014-0191.patch libxml2.changes libxml2.spec python-libxml2.changes python-libxml2.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxml2.spec ++++++ # # spec file for package libxml2 # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define lname libxml2-2 Name: libxml2 Version: 2.9.0 Release: 0 Summary: A Library to Manipulate XML Files License: MIT Group: System/Libraries Url: http://xmlsoft.org # Source ftp://xmlsoft.org/libxml2/libxml2-git-snapshot.tar.gz changes every day Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz Source2: baselibs.conf Patch0: fix-perl.diff # PATCH-FIX-UPSTREAM CVE-2012-5134 (bnc#793334) Patch1: libxml2-2.9.0-CVE-2012-5134.patch Patch4: libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch Patch5: libxml2-CVE-2013-1969.patch Patch6: libxml2-CVE-2013-2877.patch Patch7: libxml2-CVE-2014-0191.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: pkg-config BuildRequires: readline-devel BuildRequires: xz-devel BuildRequires: zlib-devel %description The XML C library was initially developed for the GNOME project. It is now used by many programs to load and save extensible data structures or manipulate any kind of XML files. This library implements a number of existing standards related to markup languages, including the XML standard, name spaces in XML, XML Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and XML catalogs. In most cases, libxml tries to implement the specification in a rather strict way. To some extent, it provides support for the following specifications, but does not claim to implement them: DOM, FTP client, HTTP client, and SAX. The library also supports RelaxNG. Support for W3C XML Schemas is in progress. %package -n %lname Summary: A Library to Manipulate XML Files Group: System/Libraries %description -n %lname The XML C library was initially developed for the GNOME project. It is now used by many programs to load and save extensible data structures or manipulate any kind of XML files. This library implements a number of existing standards related to markup languages, including the XML standard, name spaces in XML, XML Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and XML catalogs. In most cases, libxml tries to implement the specification in a rather strict way. To some extent, it provides support for the following specifications, but does not claim to implement them: DOM, FTP client, HTTP client, and SAX. The library also supports RelaxNG. Support for W3C XML Schemas is in progress. %package tools Summary: Tools using libxml Group: System/Libraries Provides: %{name} = %{version}-%{release} Obsoletes: %{name} < %{version}-%{release} %description tools This package contains xmllint, a very useful tool proving libxml's power. %package devel Summary: Include Files and Libraries mandatory for Development Group: Development/Libraries/C and C++ Requires: %{lname} = %{version} Requires: %{name}-tools = %{version} Requires: glibc-devel Requires: readline-devel Requires: xz-devel Requires: zlib-devel # bug437293 %ifarch ppc64 Obsoletes: libxml2-devel-64bit %endif %description devel This package contains all necessary include files and libraries needed to develop applications that require these. %package doc Summary: A Library to Manipulate XML Files Group: System/Libraries Requires: %{lname} = %{version} BuildArch: noarch %description doc The XML C library was initially developed for the GNOME project. It is now used by many programs to load and save extensible data structures or manipulate any kind of XML files. This library implements a number of existing standards related to markup languages, including the XML standard, name spaces in XML, XML Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and XML catalogs. In most cases, libxml tries to implement the specification in a rather strict way. To some extent, it provides support for the following specifications, but does not claim to implement them: DOM, FTP client, HTTP client, and SAX. The library also supports RelaxNG. Support for W3C XML Schemas is in progress. %prep %setup -q %patch0 %patch1 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %build %configure --disable-static \ --docdir=%_docdir/%name \ --with-html-dir=%_docdir/%name/html \ --with-fexceptions \ --with-history \ --without-python \ --enable-ipv6 \ --with-sax1 \ --with-regexps \ --with-threads \ --with-reader \ --with-http make %{?_smp_mflags} BASE_DIR="%_docdir" DOC_MODULE="%name" %install make install DESTDIR="%buildroot" BASE_DIR="%_docdir" DOC_MODULE="%name" mkdir -p "%buildroot/%_docdir/%name" cp -a AUTHORS NEWS README COPYING* Copyright TODO* %{buildroot}%{_docdir}/%{name}/ ln -s libxml2/libxml %{buildroot}%{_includedir}/libxml %check # qemu-arm can't keep up atm, disabling check for arm %ifnarch %arm make check %endif %post -n %lname -p /sbin/ldconfig %postun -n %lname -p /sbin/ldconfig %files -n %lname %defattr(-, root, root) %{_libdir}/lib*.so.* %doc %dir %{_docdir}/%{name} %doc %{_docdir}/%{name}/[ANRCT]* %files tools %defattr(-, root, root) %{_bindir}/xmllint %{_bindir}/xmlcatalog %doc %{_mandir}/man1/xmllint.1* %doc %{_mandir}/man1/xmlcatalog.1* %files devel %defattr(-, root, root) %{_bindir}/xml2-config %dir %{_datadir}/aclocal %{_datadir}/aclocal/libxml.m4 %{_includedir}/libxml %{_includedir}/libxml2 %{_libdir}/lib*.so # libxml2.la is needed for the python-libxml2 build. Deleting it breaks build of python-libxml2. %{_libdir}/libxml2.la %{_libdir}/*.sh %{_libdir}/pkgconfig/*.pc %doc %{_mandir}/man1/xml2-config.1* %doc %{_mandir}/man3/libxml.3* %files doc %defattr(-, root, root) %{_datadir}/gtk-doc/html/* %doc %{_docdir}/%{name}/examples %doc %{_docdir}/%{name}/html # owning these directories prevents gtk-doc <-> libxml2 build loop: %dir %{_datadir}/gtk-doc %dir %{_datadir}/gtk-doc/html %changelog ++++++ python-libxml2.spec ++++++ # # spec file for package python-libxml2 # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: python-libxml2 Version: 2.9.0 Release: 0 Summary: Python Bindings for libxml2 License: MIT Group: Development/Libraries/Python Url: http://xmlsoft.org Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: libxml2-devel BuildRequires: python-devel BuildRequires: python-xml Requires: libxml2-2 = %{version} # Uncomment to save space: #NoSource: 0 Obsoletes: libxml2-python < %{version} Provides: libxml2-python = %{version} %description The libxml2-python package contains a module that permits applications written in the Python programming language to use the interface supplied by the libxml2 library to manipulate XML files. This library allows manipulation of XML files. It includes support for reading, modifying, and writing XML and HTML files. There is DTD support that includes parsing and validation even with complex DTDs, either at parse time or later once the document has been modified. %prep %setup -q -n libxml2-%{version} %build # workaround for bnc#310196 %ifarch s390 s390x export RPM_OPT_FLAGS=${RPM_OPT_FLAGS/-O2/-O1} %endif export CFLAGS="%{optflags} -fno-strict-aliasing" %configure \ --with-fexceptions \ --with-history \ --enable-ipv6 \ --with-sax1 \ --with-regexps \ --with-threads \ --with-reader \ --with-http # use libxml2 as built by libxml2 source package mkdir .libs cp -v %{_libdir}/libxml2.la . make -C python %{?_smp_mflags} %install make -C python install \ DESTDIR=%{buildroot} \ pythondir=%{py_sitedir} \ PYTHON_SITE_PACKAGES=%{py_sitedir} chmod a-x python/tests/*.py # Unwanted doc stuff rm -fr %{buildroot}%{_datadir}/doc rm -f python/tests/Makefile* # #223696 rm -f %{buildroot}%{py_sitedir}/*.{la,a} %files %defattr(-, root, root) %doc python/TODO %doc python/libxml2class.txt %doc python/tests %{py_sitedir}/* %changelog ++++++ baselibs.conf ++++++ libxml2-2 libxml2-devel requires -libxml2-<targettype> requires "libxml2-2-<targettype> = <version>" ++++++ fix-perl.diff ++++++ commit 77b77b1301e052d90e6a0967534a698506afcd86 Author: Daniel Veillard <veill...@redhat.com> Date: Thu Jan 26 19:11:02 2012 +0800 Fix SAX2 builder in case of undefined element namespaces Work as in XML-1.0 before namespaces, and use prefix:localname as the new element name (and no namespace of course) Also fix 3 cases in the regression tests where the prefix: was erroneously dropped in such case Index: SAX2.c =================================================================== --- SAX2.c.orig 2012-09-11 08:01:01.000000000 +0200 +++ SAX2.c 2012-12-15 16:32:27.353560391 +0100 @@ -2188,7 +2188,6 @@ xmlNodePtr parent; xmlNsPtr last = NULL, ns; const xmlChar *uri, *pref; - xmlChar *lname = NULL; int i, j; if (ctx == NULL) return; @@ -2208,20 +2207,6 @@ } /* - * Take care of the rare case of an undefined namespace prefix - */ - if ((prefix != NULL) && (URI == NULL)) { - if (ctxt->dictNames) { - const xmlChar *fullname; - - fullname = xmlDictQLookup(ctxt->dict, prefix, localname); - if (fullname != NULL) - localname = fullname; - } else { - lname = xmlBuildQName(localname, prefix, NULL, 0); - } - } - /* * allocate the node */ if (ctxt->freeElems != NULL) { @@ -2234,10 +2219,7 @@ if (ctxt->dictNames) ret->name = localname; else { - if (lname == NULL) - ret->name = xmlStrdup(localname); - else - ret->name = lname; + ret->name = xmlStrdup(localname); if (ret->name == NULL) { xmlSAX2ErrMemory(ctxt, "xmlSAX2StartElementNs"); return; @@ -2249,11 +2231,8 @@ if (ctxt->dictNames) ret = xmlNewDocNodeEatName(ctxt->myDoc, NULL, (xmlChar *) localname, NULL); - else if (lname == NULL) - ret = xmlNewDocNode(ctxt->myDoc, NULL, localname, NULL); else - ret = xmlNewDocNodeEatName(ctxt->myDoc, NULL, - (xmlChar *) lname, NULL); + ret = xmlNewDocNode(ctxt->myDoc, NULL, localname, NULL); if (ret == NULL) { xmlSAX2ErrMemory(ctxt, "xmlSAX2StartElementNs"); return; @@ -2360,31 +2339,6 @@ */ if (nb_attributes > 0) { for (j = 0,i = 0;i < nb_attributes;i++,j+=5) { - /* - * Handle the rare case of an undefined atribute prefix - */ - if ((attributes[j+1] != NULL) && (attributes[j+2] == NULL)) { - if (ctxt->dictNames) { - const xmlChar *fullname; - - fullname = xmlDictQLookup(ctxt->dict, attributes[j+1], - attributes[j]); - if (fullname != NULL) { - xmlSAX2AttributeNs(ctxt, fullname, NULL, - attributes[j+3], attributes[j+4]); - continue; - } - } else { - lname = xmlBuildQName(attributes[j], attributes[j+1], - NULL, 0); - if (lname != NULL) { - xmlSAX2AttributeNs(ctxt, lname, NULL, - attributes[j+3], attributes[j+4]); - xmlFree(lname); - continue; - } - } - } xmlSAX2AttributeNs(ctxt, attributes[j], attributes[j+1], attributes[j+3], attributes[j+4]); } Index: result/namespaces/err_7.xml =================================================================== --- result/namespaces/err_7.xml.orig +++ result/namespaces/err_7.xml @@ -1,2 +1,2 @@ <?xml version="1.0"?> -<f:foo/> +<foo/> Index: result/xmlid/id_tst2.xml =================================================================== --- result/xmlid/id_tst2.xml.orig +++ result/xmlid/id_tst2.xml @@ -1,6 +1,6 @@ Object is a Node Set : Set contains 1 nodes: -1 ELEMENT n:foo +1 ELEMENT foo ATTRIBUTE id TEXT content=bar Index: result/xmlid/id_tst3.xml =================================================================== --- result/xmlid/id_tst3.xml.orig +++ result/xmlid/id_tst3.xml @@ -1,6 +1,6 @@ Object is a Node Set : Set contains 1 nodes: -1 ELEMENT f:o:o +1 ELEMENT o:o ATTRIBUTE id TEXT content=bar ++++++ libxml2-2.9.0-CVE-2012-5134.patch ++++++ --- libxml2-2.9.0.orig/parser.c 2012-09-11 06:24:08.000000000 +0200 +++ libxml2-2.9.0/parser.c 2012-12-15 16:12:27.441609871 +0100 @@ -4075,7 +4075,7 @@ goto error; if ((in_space) && (normalize)) { - while (buf[len - 1] == 0x20) len--; + while ((len > 0) && (buf[len - 1] == 0x20)) len--; } buf[len] = 0; if (RAW == '<') { ++++++ libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch ++++++ >From 23f05e0c33987d6605387b300c4be5da2120a7ab Mon Sep 17 00:00:00 2001 From: Daniel Veillard <veill...@redhat.com> Date: Tue, 19 Feb 2013 10:21:49 +0800 Subject: [PATCH] Detect excessive entities expansion upon replacement If entities expansion in the XML parser is asked for, it is possble to craft relatively small input document leading to excessive on-the-fly content generation. This patch accounts for those replacement and stop parsing after a given threshold. it can be bypassed as usual with the HUGE parser option. --- include/libxml/parser.h | 1 + parser.c | 44 ++++++++++++++++++++++++++++++++++++++------ parserInternals.c | 2 ++ 3 files changed, 41 insertions(+), 6 deletions(-) diff --git a/include/libxml/parser.h b/include/libxml/parser.h index e1346e4..3f5730d 100644 --- a/include/libxml/parser.h +++ b/include/libxml/parser.h @@ -310,6 +310,7 @@ struct _xmlParserCtxt { xmlParserNodeInfo *nodeInfoTab; /* array of nodeInfos */ int input_id; /* we need to label inputs */ + unsigned long sizeentcopy; /* volume of entity copy */ }; /** diff --git a/parser.c b/parser.c index 91f8c90..ddf3b5b 100644 --- a/parser.c +++ b/parser.c @@ -122,7 +122,7 @@ xmlCreateEntityParserCtxtInternal(const xmlChar *URL, const xmlChar *ID, */ static int xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size, - xmlEntityPtr ent) + xmlEntityPtr ent, size_t replacement) { size_t consumed = 0; @@ -130,7 +130,24 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size, return (0); if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP) return (1); - if (size != 0) { + if (replacement != 0) { + if (replacement < XML_MAX_TEXT_LENGTH) + return(0); + + /* + * If the volume of entity copy reaches 10 times the + * amount of parsed data and over the large text threshold + * then that's very likely to be an abuse. + */ + if (ctxt->input != NULL) { + consumed = ctxt->input->consumed + + (ctxt->input->cur - ctxt->input->base); + } + consumed += ctxt->sizeentities; + + if (replacement < XML_PARSER_NON_LINEAR * consumed) + return(0); + } else if (size != 0) { /* * Do the check based on the replacement size of the entity */ @@ -176,7 +193,6 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size, */ return (0); } - xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL); return (1); } @@ -2743,7 +2759,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, while (*current != 0) { /* non input consuming loop */ buffer[nbchars++] = *current++; if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { - if (xmlParserEntityCheck(ctxt, nbchars, ent)) + if (xmlParserEntityCheck(ctxt, nbchars, ent, 0)) goto int_error; growBuffer(buffer, XML_PARSER_BUFFER_SIZE); } @@ -2785,7 +2801,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, while (*current != 0) { /* non input consuming loop */ buffer[nbchars++] = *current++; if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { - if (xmlParserEntityCheck(ctxt, nbchars, ent)) + if (xmlParserEntityCheck(ctxt, nbchars, ent, 0)) goto int_error; growBuffer(buffer, XML_PARSER_BUFFER_SIZE); } @@ -7203,7 +7219,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { xmlFreeNodeList(list); return; } - if (xmlParserEntityCheck(ctxt, 0, ent)) { + if (xmlParserEntityCheck(ctxt, 0, ent, 0)) { xmlFreeNodeList(list); return; } @@ -7361,6 +7377,13 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { xmlNodePtr nw = NULL, cur, firstChild = NULL; /* + * We are copying here, make sure there is no abuse + */ + ctxt->sizeentcopy += ent->length; + if (xmlParserEntityCheck(ctxt, 0, ent, ctxt->sizeentcopy)) + return; + + /* * when operating on a reader, the entities definitions * are always owning the entities subtree. if (ctxt->parseMode == XML_PARSE_READER) @@ -7400,6 +7423,14 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { } else if ((list == NULL) || (ctxt->inputNr > 0)) { xmlNodePtr nw = NULL, cur, next, last, firstChild = NULL; + + /* + * We are copying here, make sure there is no abuse + */ + ctxt->sizeentcopy += ent->length; + if (xmlParserEntityCheck(ctxt, 0, ent, ctxt->sizeentcopy)) + return; + /* * Copy the entity child list and make it the new * entity child list. The goal is to make sure any @@ -14767,6 +14798,7 @@ xmlCtxtReset(xmlParserCtxtPtr ctxt) ctxt->catalogs = NULL; ctxt->nbentities = 0; ctxt->sizeentities = 0; + ctxt->sizeentcopy = 0; xmlInitNodeInfoSeq(&ctxt->node_seq); if (ctxt->attsDefault != NULL) { diff --git a/parserInternals.c b/parserInternals.c index 02032d5..f8a7041 100644 --- a/parserInternals.c +++ b/parserInternals.c @@ -1719,6 +1719,8 @@ xmlInitParserCtxt(xmlParserCtxtPtr ctxt) ctxt->charset = XML_CHAR_ENCODING_UTF8; ctxt->catalogs = NULL; ctxt->nbentities = 0; + ctxt->sizeentities = 0; + ctxt->sizeentcopy = 0; ctxt->input_id = 1; xmlInitNodeInfoSeq(&ctxt->node_seq); return(0); -- 1.7.10.4 ++++++ libxml2-CVE-2013-1969.patch ++++++ >From de0cc20c29cb3f056062925395e0f68d2250a46f Mon Sep 17 00:00:00 2001 From: Daniel Veillard <veill...@redhat.com> Date: Tue, 12 Feb 2013 08:55:34 +0000 Subject: Fix some buffer conversion issues https://bugzilla.gnome.org/show_bug.cgi?id=690202 Buffer overflow errors originating from xmlBufGetInputBase in 2.9.0 The pointers from the context input were not properly reset after that call which can do reallocations. --- diff --git a/HTMLparser.c b/HTMLparser.c index a533f37..6b83654 100644 --- a/HTMLparser.c +++ b/HTMLparser.c @@ -6054,6 +6054,8 @@ htmlParseChunk(htmlParserCtxtPtr ctxt, const char *chunk, int size, if ((in->encoder != NULL) && (in->buffer != NULL) && (in->raw != NULL)) { int nbchars; + size_t base = xmlBufGetInputBase(in->buffer, ctxt->input); + size_t current = ctxt->input->cur - ctxt->input->base; nbchars = xmlCharEncInput(in); if (nbchars < 0) { @@ -6061,6 +6063,7 @@ htmlParseChunk(htmlParserCtxtPtr ctxt, const char *chunk, int size, "encoder error\n", NULL, NULL); return(XML_ERR_INVALID_ENCODING); } + xmlBufSetInputBaseCur(in->buffer, ctxt->input, base, current); } } } diff --git a/parser.c b/parser.c index 31f90d6..1c99051 100644 --- a/parser.c +++ b/parser.c @@ -12126,7 +12126,7 @@ xmldecl_done: remain = 0; } } - res =xmlParserInputBufferPush(ctxt->input->buf, size, chunk); + res = xmlParserInputBufferPush(ctxt->input->buf, size, chunk); if (res < 0) { ctxt->errNo = XML_PARSER_EOF; ctxt->disableSAX = 1; @@ -12143,6 +12143,8 @@ xmldecl_done: if ((in->encoder != NULL) && (in->buffer != NULL) && (in->raw != NULL)) { int nbchars; + size_t base = xmlBufGetInputBase(in->buffer, ctxt->input); + size_t current = ctxt->input->cur - ctxt->input->base; nbchars = xmlCharEncInput(in); if (nbchars < 0) { @@ -12151,6 +12153,7 @@ xmldecl_done: "xmlParseChunk: encoder error\n"); return(XML_ERR_INVALID_ENCODING); } + xmlBufSetInputBaseCur(in->buffer, ctxt->input, base, current); } } } @@ -12190,7 +12193,14 @@ xmldecl_done: } if ((end_in_lf == 1) && (ctxt->input != NULL) && (ctxt->input->buf != NULL)) { + size_t base = xmlBufGetInputBase(ctxt->input->buf->buffer, + ctxt->input); + size_t current = ctxt->input->cur - ctxt->input->base; + xmlParserInputBufferPush(ctxt->input->buf, 1, "\r"); + + xmlBufSetInputBaseCur(ctxt->input->buf->buffer, ctxt->input, + base, current); } if (terminate) { /* -- cgit v0.9.1 ++++++ libxml2-CVE-2013-2877.patch ++++++ commit e50ba8164eee06461c73cd8abb9b46aa0be81869 Author: Daniel Veillard <veill...@redhat.com> Date: Thu Apr 11 15:54:51 2013 +0800 Improve handling of xmlStopParser() Add a specific parser error Try to stop parsing as quickly as possible Index: libxml2-2.9.0/include/libxml/xmlerror.h =================================================================== --- libxml2-2.9.0.orig/include/libxml/xmlerror.h 2012-09-11 05:52:46.000000000 +0200 +++ libxml2-2.9.0/include/libxml/xmlerror.h 2013-07-11 17:31:26.572747643 +0200 @@ -208,6 +208,7 @@ typedef enum { XML_ERR_UNKNOWN_VERSION, /* 108 */ XML_ERR_VERSION_MISMATCH, /* 109 */ XML_ERR_NAME_TOO_LONG, /* 110 */ + XML_ERR_USER_STOP, /* 111 */ XML_NS_ERR_XML_NAMESPACE = 200, XML_NS_ERR_UNDEFINED_NAMESPACE, /* 201 */ XML_NS_ERR_QNAME, /* 202 */ Index: libxml2-2.9.0/parser.c =================================================================== --- libxml2-2.9.0.orig/parser.c 2013-07-11 17:31:26.566747574 +0200 +++ libxml2-2.9.0/parser.c 2013-07-11 17:31:26.574747666 +0200 @@ -2548,6 +2548,8 @@ xmlParserHandlePEReference(xmlParserCtxt NEXT; if ((ctxt->sax != NULL) && (ctxt->sax->getParameterEntity != NULL)) entity = ctxt->sax->getParameterEntity(ctxt->userData, name); + if (ctxt->instate == XML_PARSER_EOF) + return; if (entity == NULL) { /* @@ -4999,7 +5001,8 @@ get_more: } if (buf != NULL) xmlFree(buf); - ctxt->instate = state; + if (ctxt->instate != XML_PARSER_EOF) + ctxt->instate = state; return; } if (buf != NULL) { @@ -5587,6 +5590,8 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt } } } + if (ctxt->instate == XML_PARSER_EOF) + return; SKIP_BLANKS; if (RAW != '>') { xmlFatalErrMsgStr(ctxt, XML_ERR_ENTITY_NOT_FINISHED, @@ -7574,6 +7579,8 @@ xmlParseEntityRef(xmlParserCtxtPtr ctxt) ent = xmlSAX2GetEntity(ctxt, name); } } + if (ctxt->instate == XML_PARSER_EOF) + return(NULL); /* * [ WFC: Entity Declared ] * In a document without any DTD, a document with only an @@ -7764,6 +7771,10 @@ xmlParseStringEntityRef(xmlParserCtxtPtr ent = xmlSAX2GetEntity(ctxt, name); } } + if (ctxt->instate == XML_PARSER_EOF) { + xmlFree(name); + return; + } /* * [ WFC: Entity Declared ] @@ -7925,8 +7936,9 @@ xmlParsePEReference(xmlParserCtxtPtr ctx */ if ((ctxt->sax != NULL) && (ctxt->sax->getParameterEntity != NULL)) - entity = ctxt->sax->getParameterEntity(ctxt->userData, - name); + entity = ctxt->sax->getParameterEntity(ctxt->userData, name); + if (ctxt->instate == XML_PARSER_EOF) + return; if (entity == NULL) { /* * [ WFC: Entity Declared ] @@ -8163,8 +8175,11 @@ xmlParseStringPEReference(xmlParserCtxtP */ if ((ctxt->sax != NULL) && (ctxt->sax->getParameterEntity != NULL)) - entity = ctxt->sax->getParameterEntity(ctxt->userData, - name); + entity = ctxt->sax->getParameterEntity(ctxt->userData, name); + if (ctxt->instate == XML_PARSER_EOF) { + xmlFree(name); + return; + } if (entity == NULL) { /* * [ WFC: Entity Declared ] @@ -8266,6 +8281,8 @@ xmlParseDocTypeDecl(xmlParserCtxtPtr ctx if ((ctxt->sax != NULL) && (ctxt->sax->internalSubset != NULL) && (!ctxt->disableSAX)) ctxt->sax->internalSubset(ctxt->userData, name, ExternalID, URI); + if (ctxt->instate == XML_PARSER_EOF) + return; /* * Is there any internal subset declarations ? @@ -10024,6 +10041,8 @@ xmlParseElement(xmlParserCtxtPtr ctxt) { * Parse the content of the element: */ xmlParseContent(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + return; if (!IS_BYTE_CHAR(RAW)) { xmlFatalErrMsgStrIntStr(ctxt, XML_ERR_TAG_NOT_FINISHED, "Premature end of data in tag %s line %d\n", @@ -10596,6 +10615,8 @@ xmlParseDocument(xmlParserCtxtPtr ctxt) */ if ((ctxt->sax) && (ctxt->sax->setDocumentLocator)) ctxt->sax->setDocumentLocator(ctxt->userData, &xmlDefaultSAXLocator); + if (ctxt->instate == XML_PARSER_EOF) + return(-1); if ((ctxt->encoding == NULL) && ((ctxt->input->end - ctxt->input->cur) >= 4)) { @@ -10647,6 +10668,8 @@ xmlParseDocument(xmlParserCtxtPtr ctxt) } if ((ctxt->sax) && (ctxt->sax->startDocument) && (!ctxt->disableSAX)) ctxt->sax->startDocument(ctxt->userData); + if (ctxt->instate == XML_PARSER_EOF) + return(-1); /* * The Misc part of the Prolog @@ -10666,6 +10689,8 @@ xmlParseDocument(xmlParserCtxtPtr ctxt) if (RAW == '[') { ctxt->instate = XML_PARSER_DTD; xmlParseInternalSubset(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + return(-1); } /* @@ -10676,6 +10701,8 @@ xmlParseDocument(xmlParserCtxtPtr ctxt) (!ctxt->disableSAX)) ctxt->sax->externalSubset(ctxt->userData, ctxt->intSubName, ctxt->extSubSystem, ctxt->extSubURI); + if (ctxt->instate == XML_PARSER_EOF) + return(-1); ctxt->inSubset = 0; xmlCleanSpecialAttr(ctxt); @@ -10816,6 +10843,8 @@ xmlParseExtParsedEnt(xmlParserCtxtPtr ct } if ((ctxt->sax) && (ctxt->sax->startDocument) && (!ctxt->disableSAX)) ctxt->sax->startDocument(ctxt->userData); + if (ctxt->instate == XML_PARSER_EOF) + return(-1); /* * Doing validity checking on chunk doesn't make sense @@ -10826,6 +10855,8 @@ xmlParseExtParsedEnt(xmlParserCtxtPtr ct ctxt->depth = 0; xmlParseContent(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + return(-1); if ((RAW == '<') && (NXT(1) == '/')) { xmlFatalErr(ctxt, XML_ERR_NOT_WELL_BALANCED, NULL); @@ -11133,7 +11164,7 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx } xmlParseGetLasts(ctxt, &lastlt, &lastgt); - while (1) { + while (ctxt->instate != XML_PARSER_EOF) { if ((ctxt->errNo != XML_ERR_OK) && (ctxt->disableSAX == 1)) return(0); @@ -11369,6 +11400,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx ctxt->sax->endElement(ctxt->userData, name); #endif /* LIBXML_SAX1_ENABLED */ } + if (ctxt->instate == XML_PARSER_EOF) + goto done; spacePop(ctxt); if (ctxt->nameNr == 0) { ctxt->instate = XML_PARSER_EPILOG; @@ -11559,6 +11592,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx ctxt->sax->characters(ctxt->userData, ctxt->input->cur, tmp); } + if (ctxt->instate == XML_PARSER_EOF) + goto done; SKIPL(tmp); ctxt->checkIndex = 0; } @@ -11594,6 +11629,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx ctxt->sax->characters(ctxt->userData, ctxt->input->cur, base); } + if (ctxt->instate == XML_PARSER_EOF) + goto done; SKIPL(base + 3); ctxt->checkIndex = 0; ctxt->instate = XML_PARSER_CONTENT; @@ -11627,6 +11664,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx "PP: Parsing PI\n"); #endif xmlParsePI(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + goto done; ctxt->instate = XML_PARSER_MISC; ctxt->progressive = 1; ctxt->checkIndex = 0; @@ -11643,6 +11682,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx "PP: Parsing Comment\n"); #endif xmlParseComment(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + goto done; ctxt->instate = XML_PARSER_MISC; ctxt->progressive = 1; ctxt->checkIndex = 0; @@ -11667,6 +11708,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx ctxt->progressive = 1; ctxt->checkIndex = 0; xmlParseDocTypeDecl(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + goto done; if (RAW == '[') { ctxt->instate = XML_PARSER_DTD; #ifdef DEBUG_PUSH @@ -11726,6 +11769,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx "PP: Parsing PI\n"); #endif xmlParsePI(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + goto done; ctxt->instate = XML_PARSER_PROLOG; ctxt->progressive = 1; } else if ((cur == '<') && (next == '!') && @@ -11740,6 +11785,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx "PP: Parsing Comment\n"); #endif xmlParseComment(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + goto done; ctxt->instate = XML_PARSER_PROLOG; ctxt->progressive = 1; } else if ((cur == '<') && (next == '!') && @@ -11778,6 +11825,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx "PP: Parsing PI\n"); #endif xmlParsePI(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + goto done; ctxt->instate = XML_PARSER_EPILOG; ctxt->progressive = 1; } else if ((cur == '<') && (next == '!') && @@ -11792,6 +11841,8 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctx "PP: Parsing Comment\n"); #endif xmlParseComment(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + goto done; ctxt->instate = XML_PARSER_EPILOG; ctxt->progressive = 1; } else if ((cur == '<') && (next == '!') && @@ -11922,6 +11973,8 @@ not_end_of_int_subset: found_end_int_subset: ctxt->checkIndex = 0; xmlParseInternalSubset(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + goto done; ctxt->inSubset = 2; if ((ctxt->sax != NULL) && (!ctxt->disableSAX) && (ctxt->sax->externalSubset != NULL)) @@ -11929,6 +11982,8 @@ found_end_int_subset: ctxt->extSubSystem, ctxt->extSubURI); ctxt->inSubset = 0; xmlCleanSpecialAttr(ctxt); + if (ctxt->instate == XML_PARSER_EOF) + goto done; ctxt->instate = XML_PARSER_PROLOG; ctxt->checkIndex = 0; #ifdef DEBUG_PUSH @@ -12205,6 +12260,9 @@ xmldecl_done: avail - old_avail))) xmlParseTryOrFinish(ctxt, terminate); } + if (ctxt->instate == XML_PARSER_EOF) + return(ctxt->errNo); + if ((ctxt->input != NULL) && (((ctxt->input->end - ctxt->input->cur) > XML_MAX_LOOKUP_LIMIT) || ((ctxt->input->cur - ctxt->input->base) > XML_MAX_LOOKUP_LIMIT)) && @@ -12405,6 +12463,7 @@ xmlStopParser(xmlParserCtxtPtr ctxt) { if (ctxt == NULL) return; ctxt->instate = XML_PARSER_EOF; + ctxt->errNo = XML_ERR_USER_STOP; ctxt->disableSAX = 1; if (ctxt->input != NULL) { ctxt->input->cur = BAD_CAST""; ++++++ libxml2-CVE-2014-0191.patch ++++++ >From 9cd1c3cfbd32655d60572c0a413e017260c854df Mon Sep 17 00:00:00 2001 From: Daniel Veillard <veill...@redhat.com> Date: Tue, 22 Apr 2014 15:30:56 +0800 Subject: Do not fetch external parameter entities Unless explicitely asked for when validating or replacing entities with their value. Problem pointed out by Daniel Berrange <berra...@redhat.com> >From 7c3c663e4f844aaecbb0cfc29567fe2ee9506fc4 Mon Sep 17 00:00:00 2001 From: Alexandre Rostovtsev <tetrom...@gentoo.org> Date: Fri, 16 May 2014 22:46:00 -0400 Subject: [PATCH] xmllint: a posteriori validation needs to load exernal entities For https://bugzilla.gnome.org/show_bug.cgi?id=730290 Index: libxml2-2.9.1/parser.c =================================================================== --- libxml2-2.9.1.orig/parser.c 2013-04-16 15:39:18.000000000 +0200 +++ libxml2-2.9.1/parser.c 2014-05-23 11:26:43.344897186 +0200 @@ -2595,6 +2595,20 @@ xmlParserHandlePEReference(xmlParserCtxt xmlCharEncoding enc; /* + * Note: external parsed entities will not be loaded, it is + * not required for a non-validating parser, unless the + * option of validating, or substituting entities were + * given. Doing so is far more secure as the parser will + * only process data coming from the document entity by + * default. + */ + if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) && + ((ctxt->options & XML_PARSE_NOENT) == 0) && + ((ctxt->options & XML_PARSE_DTDVALID) == 0) && + (ctxt->validate == 0)) + return; + + /* * handle the extra spaces added before and after * c.f. http://www.w3.org/TR/REC-xml#as-PE * this is done independently. Index: libxml2-2.9.1/xmllint.c =================================================================== --- libxml2-2.9.1.orig/xmllint.c 2013-03-27 04:31:47.000000000 +0100 +++ libxml2-2.9.1/xmllint.c 2014-05-23 11:26:43.344897186 +0200 @@ -3505,7 +3505,12 @@ main(int argc, char **argv) { xmlLoadExtDtdDefaultValue |= XML_COMPLETE_ATTRS; if (noent != 0) xmlSubstituteEntitiesDefault(1); #ifdef LIBXML_VALID_ENABLED - if (valid != 0) xmlDoValidityCheckingDefaultValue = 1; + /* If we will validate only a posteriori, ensure that entities get loaded, + * but suppress validation messages during initial parsing */ + if (postvalid != 0 && valid == 0) + options |= XML_PARSE_DTDVALID | XML_PARSE_NOERROR | XML_PARSE_NOWARNING; + else if (valid != 0) + xmlDoValidityCheckingDefaultValue = 1; #endif /* LIBXML_VALID_ENABLED */ if ((htmlout) && (!nowrap)) { xmlGenericError(xmlGenericErrorContext, -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
