commit libexpat0 for openSUSE:Factory
Hello community, here is the log from the commit of package libexpat0 for openSUSE:Factory checked in at Wed Feb 24 02:16:11 CET 2010. -------- --- libexpat0/libexpat0.changes 2010-02-01 12:29:24.000000000 +0100 +++ /mounts/work_src_done/STABLE/libexpat0/libexpat0.changes 2010-02-19 15:13:29.000000000 +0100 @@ -1,0 +2,6 @@ +Fri Feb 19 14:08:46 UTC 2010 - prusnak@suse.cz + +- fix CVE-2009-2625 [bnc#550664] +- fix CVE-2009-3560 [bnc#566434] + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- expat-CVE-2009-2625.patch expat-CVE-2009-3560.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libexpat0.spec ++++++ --- /var/tmp/diff_new_pack.UaCItm/_old 2010-02-24 02:16:03.000000000 +0100 +++ /var/tmp/diff_new_pack.UaCItm/_new 2010-02-24 02:16:03.000000000 +0100 @@ -20,7 +20,7 @@ Name: libexpat0 Version: 1.95.8 -Release: 101 +Release: 102 Group: Development/Libraries/C and C++ License: GPLv2+ ; Apache Software License .. ; MIT License (or similar) Url: http://expat.sourceforge.net/ @@ -28,6 +28,8 @@ Source0: expat-%{version}.tar.bz2 Source1: baselibs.conf Patch0: expat-%version.diff +Patch1: expat-CVE-2009-2625.patch +Patch2: expat-CVE-2009-3560.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -62,6 +64,8 @@ %prep %setup -q -n expat-%version %patch0 +%patch1 +%patch2 %build CFLAGS="$RPM_OPT_FLAGS" \ ++++++ expat-CVE-2009-2625.patch ++++++ http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15 Index: lib/xmltok_impl.c =================================================================== --- lib/xmltok_impl.c.orig +++ lib/xmltok_impl.c @@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *e const char *end, POSITION *pos) { - while (ptr != end) { + while (ptr < end) { switch (BYTE_TYPE(enc, ptr)) { #define LEAD_CASE(n) \ case BT_LEAD ## n: \ ++++++ expat-CVE-2009-3560.patch ++++++ http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166&view=patch Index: lib/xmlparse.c =================================================================== --- lib/xmlparse.c.orig +++ lib/xmlparse.c @@ -3615,6 +3615,9 @@ doProlog(XML_Parser parser, return XML_ERROR_UNCLOSED_TOKEN; case XML_TOK_PARTIAL_CHAR: return XML_ERROR_PARTIAL_CHAR; + case -XML_TOK_PROLOG_S: + tok = -tok; + break; case XML_TOK_NONE: #ifdef XML_DTD /* for internal PE NOT referenced between declarations */ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de