Hello community, here is the log from the commit of package libxml2 for openSUSE:11.3 checked in at Wed Jun 29 21:56:37 CEST 2011.
-------- --- old-versions/11.3/UPDATES/all/libxml2/libxml2.changes 2011-01-03 11:04:07.000000000 +0100 +++ 11.3/libxml2/libxml2.changes 2011-06-29 14:10:59.000000000 +0200 @@ -1,0 +2,5 @@ +Wed Jun 29 09:12:08 UTC 2011 - pu...@novell.com + +- add libxml2-CVE-2011-1944.patch (bnc#697372) + +------------------------------------------------------------------- calling whatdependson for 11.3-i586 New: ---- libxml2-CVE-2011-1944.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxml2-python.spec ++++++ --- /var/tmp/diff_new_pack.jjA24v/_old 2011-06-29 21:56:12.000000000 +0200 +++ /var/tmp/diff_new_pack.jjA24v/_new 2011-06-29 21:56:12.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package libxml2-python (Version 2.7.7) +# spec file for package libxml2-python # # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -25,7 +25,7 @@ AutoReqProv: on Summary: Python Bindings for libxml2 Version: 2.7.7 -Release: 4.<RELEASE2> +Release: 4.<RELEASE4> Source: libxml2-%{version}.tar.bz2 Source1: libxml2-python-rpmlintrc %py_requires ++++++ libxml2.spec ++++++ --- /var/tmp/diff_new_pack.jjA24v/_old 2011-06-29 21:56:12.000000000 +0200 +++ /var/tmp/diff_new_pack.jjA24v/_new 2011-06-29 21:56:12.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package libxml2 (Version 2.7.7) +# spec file for package libxml2 # # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -25,11 +25,12 @@ Summary: A Library to Manipulate XML Files Url: http://xmlsoft.org Version: 2.7.7 -Release: 4.<RELEASE4> +Release: 4.<RELEASE7> Source: %{name}-%{version}.tar.bz2 Source2: baselibs.conf Patch1: libxml2-xpath-ns-attr-axis.patch Patch2: libxml2-CVE-2010-4494.patch +Patch3: libxml2-CVE-2011-1944.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build # bug437293 %ifarch ppc64 @@ -103,6 +104,7 @@ %setup -q %patch1 -p1 %patch2 -p1 +%patch3 -p1 %build %configure \ ++++++ libxml2-CVE-2011-1944.patch ++++++ >From d7958b21e7f8c447a26bb2436f08402b2c308be4 Mon Sep 17 00:00:00 2001 From: Chris Evans <scarybea...@gmail.com> Date: Wed, 23 Mar 2011 08:13:06 +0800 Subject: [PATCH] Fix some potential problems on reallocation failures The count was incremented before the allocation and not fixed in case of failure * xpath.c: corrects a few instances where the available count of some structure is updated before we know the allocation actually succeeds Signed-off-by: Petr Uzel <petr.u...@suse.cz> --- xpath.c | 20 ++++++++++---------- 1 files changed, 10 insertions(+), 10 deletions(-) Index: libxml2-2.7.7/xpath.c =================================================================== --- libxml2-2.7.7.orig/xpath.c +++ libxml2-2.7.7/xpath.c @@ -3522,13 +3522,13 @@ xmlXPathNodeSetAddNs(xmlNodeSetPtr cur, } else if (cur->nodeNr == cur->nodeMax) { xmlNodePtr *temp; - cur->nodeMax *= 2; - temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * + temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 * sizeof(xmlNodePtr)); if (temp == NULL) { xmlXPathErrMemory(NULL, "growing nodeset\n"); return; } + cur->nodeMax *= 2; cur->nodeTab = temp; } cur->nodeTab[cur->nodeNr++] = xmlXPathNodeSetDupNs(node, ns); @@ -3575,13 +3575,13 @@ xmlXPathNodeSetAdd(xmlNodeSetPtr cur, xm } else if (cur->nodeNr == cur->nodeMax) { xmlNodePtr *temp; - cur->nodeMax *= 2; - temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * + temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 * sizeof(xmlNodePtr)); if (temp == NULL) { xmlXPathErrMemory(NULL, "growing nodeset\n"); return; } + cur->nodeMax *= 2; cur->nodeTab = temp; } if (val->type == XML_NAMESPACE_DECL) { @@ -3627,14 +3627,14 @@ xmlXPathNodeSetAddUnique(xmlNodeSetPtr c } else if (cur->nodeNr == cur->nodeMax) { xmlNodePtr *temp; - cur->nodeMax *= 2; - temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * + temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 * sizeof(xmlNodePtr)); if (temp == NULL) { xmlXPathErrMemory(NULL, "growing nodeset\n"); return; } cur->nodeTab = temp; + cur->nodeMax *= 2; } if (val->type == XML_NAMESPACE_DECL) { xmlNsPtr ns = (xmlNsPtr) val; @@ -3738,14 +3738,14 @@ xmlXPathNodeSetMerge(xmlNodeSetPtr val1, } else if (val1->nodeNr == val1->nodeMax) { xmlNodePtr *temp; - val1->nodeMax *= 2; - temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * + temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * 2 * sizeof(xmlNodePtr)); if (temp == NULL) { xmlXPathErrMemory(NULL, "merging nodeset\n"); return(NULL); } val1->nodeTab = temp; + val1->nodeMax *= 2; } if (n2->type == XML_NAMESPACE_DECL) { xmlNsPtr ns = (xmlNsPtr) n2; @@ -3907,14 +3907,14 @@ xmlXPathNodeSetMergeAndClear(xmlNodeSetP } else if (set1->nodeNr >= set1->nodeMax) { xmlNodePtr *temp; - set1->nodeMax *= 2; temp = (xmlNodePtr *) xmlRealloc( - set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr)); + set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr)); if (temp == NULL) { xmlXPathErrMemory(NULL, "merging nodeset\n"); return(NULL); } set1->nodeTab = temp; + set1->nodeMax *= 2; } if (n2->type == XML_NAMESPACE_DECL) { xmlNsPtr ns = (xmlNsPtr) n2; @@ -3991,14 +3991,14 @@ xmlXPathNodeSetMergeAndClearNoDupls(xmlN } else if (set1->nodeNr >= set1->nodeMax) { xmlNodePtr *temp; - set1->nodeMax *= 2; temp = (xmlNodePtr *) xmlRealloc( - set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr)); + set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr)); if (temp == NULL) { xmlXPathErrMemory(NULL, "merging nodeset\n"); return(NULL); } set1->nodeTab = temp; + set1->nodeMax *= 2; } set1->nodeTab[set1->nodeNr++] = n2; } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org