Hello community, here is the log from the commit of package expat for openSUSE:Factory checked in at Fri Jan 8 17:30:04 CET 2010. -------- --- expat/expat.changes 2009-12-04 15:44:16.000000000 +0100 +++ /mounts/work_src_done/STABLE/expat/expat.changes 2010-01-08 15:07:45.000000000 +0100 @@ -1,0 +2,10 @@ +Fri Jan 8 15:04:28 CET 2010 - prusnak@suse.cz + +- fix CVE-2009-3560.patch [bnc#566434] + +------------------------------------------------------------------- +Sun Dec 13 19:28:22 CET 2009 - jengelh@medozas.de + +- add baselibs.conf as a source + +------------------------------------------------------------------- calling whatdependson for head-i586 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ expat.spec ++++++ --- /var/tmp/diff_new_pack.AxGZXV/_old 2010-01-08 17:29:47.000000000 +0100 +++ /var/tmp/diff_new_pack.AxGZXV/_new 2010-01-08 17:29:47.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package expat (Version 2.0.1) # -# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ Name: expat Version: 2.0.1 -Release: 92 +Release: 93 Group: Development/Libraries/C and C++ License: MIT License (or similar) Url: http://expat.sourceforge.net/ @@ -32,6 +32,7 @@ Summary: XML Parser Toolkit Source0: %{name}-%{version}.tar.bz2 Source1: %{name}faq.html +Source2: baselibs.conf Patch0: %{name}-CVE-2009-2625.patch Patch1: %{name}-CVE-2009-3560.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ expat-CVE-2009-3560.patch ++++++ --- /var/tmp/diff_new_pack.AxGZXV/_old 2010-01-08 17:29:47.000000000 +0100 +++ /var/tmp/diff_new_pack.AxGZXV/_new 2010-01-08 17:29:47.000000000 +0100 @@ -1,14 +1,16 @@ -http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165 +http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166&view=patch Index: lib/xmlparse.c =================================================================== --- lib/xmlparse.c.orig +++ lib/xmlparse.c -@@ -3725,7 +3725,6 @@ doProlog(XML_Parser parser, - return XML_ERROR_NO_ELEMENTS; - default: - tok = -tok; -- next = end; - break; - } - } +@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser, + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; ++ case -XML_TOK_PROLOG_S: ++ tok = -tok; ++ break; + case XML_TOK_NONE: + #ifdef XML_DTD + /* for internal PE NOT referenced between declarations */ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org