Hello community,
here is the log from the commit of package libxml2 for openSUSE:11.3
checked in at Wed Jun 29 21:56:37 CEST 2011.
--------
--- old-versions/11.3/UPDATES/all/libxml2/libxml2.changes 2011-01-03
11:04:07.000000000 +0100
+++ 11.3/libxml2/libxml2.changes 2011-06-29 14:10:59.000000000 +0200
@@ -1,0 +2,5 @@
+Wed Jun 29 09:12:08 UTC 2011 - pu...@novell.com
+
+- add libxml2-CVE-2011-1944.patch (bnc#697372)
+
+-------------------------------------------------------------------
calling whatdependson for 11.3-i586
New:
----
libxml2-CVE-2011-1944.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libxml2-python.spec ++++++
--- /var/tmp/diff_new_pack.jjA24v/_old 2011-06-29 21:56:12.000000000 +0200
+++ /var/tmp/diff_new_pack.jjA24v/_new 2011-06-29 21:56:12.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package libxml2-python (Version 2.7.7)
+# spec file for package libxml2-python
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -25,7 +25,7 @@
AutoReqProv: on
Summary: Python Bindings for libxml2
Version: 2.7.7
-Release: 4.<RELEASE2>
+Release: 4.<RELEASE4>
Source: libxml2-%{version}.tar.bz2
Source1: libxml2-python-rpmlintrc
%py_requires
++++++ libxml2.spec ++++++
--- /var/tmp/diff_new_pack.jjA24v/_old 2011-06-29 21:56:12.000000000 +0200
+++ /var/tmp/diff_new_pack.jjA24v/_new 2011-06-29 21:56:12.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package libxml2 (Version 2.7.7)
+# spec file for package libxml2
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -25,11 +25,12 @@
Summary: A Library to Manipulate XML Files
Url: http://xmlsoft.org
Version: 2.7.7
-Release: 4.<RELEASE4>
+Release: 4.<RELEASE7>
Source: %{name}-%{version}.tar.bz2
Source2: baselibs.conf
Patch1: libxml2-xpath-ns-attr-axis.patch
Patch2: libxml2-CVE-2010-4494.patch
+Patch3: libxml2-CVE-2011-1944.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# bug437293
%ifarch ppc64
@@ -103,6 +104,7 @@
%setup -q
%patch1 -p1
%patch2 -p1
+%patch3 -p1
%build
%configure \
++++++ libxml2-CVE-2011-1944.patch ++++++
>From d7958b21e7f8c447a26bb2436f08402b2c308be4 Mon Sep 17 00:00:00 2001
From: Chris Evans <scarybea...@gmail.com>
Date: Wed, 23 Mar 2011 08:13:06 +0800
Subject: [PATCH] Fix some potential problems on reallocation failures
The count was incremented before the allocation
and not fixed in case of failure
* xpath.c: corrects a few instances where the available count of some
structure is updated before we know the allocation actually
succeeds
Signed-off-by: Petr Uzel <petr.u...@suse.cz>
---
xpath.c | 20 ++++++++++----------
1 files changed, 10 insertions(+), 10 deletions(-)
Index: libxml2-2.7.7/xpath.c
===================================================================
--- libxml2-2.7.7.orig/xpath.c
+++ libxml2-2.7.7/xpath.c
@@ -3522,13 +3522,13 @@ xmlXPathNodeSetAddNs(xmlNodeSetPtr cur,
} else if (cur->nodeNr == cur->nodeMax) {
xmlNodePtr *temp;
- cur->nodeMax *= 2;
- temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax *
+ temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 *
sizeof(xmlNodePtr));
if (temp == NULL) {
xmlXPathErrMemory(NULL, "growing nodeset\n");
return;
}
+ cur->nodeMax *= 2;
cur->nodeTab = temp;
}
cur->nodeTab[cur->nodeNr++] = xmlXPathNodeSetDupNs(node, ns);
@@ -3575,13 +3575,13 @@ xmlXPathNodeSetAdd(xmlNodeSetPtr cur, xm
} else if (cur->nodeNr == cur->nodeMax) {
xmlNodePtr *temp;
- cur->nodeMax *= 2;
- temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax *
+ temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 *
sizeof(xmlNodePtr));
if (temp == NULL) {
xmlXPathErrMemory(NULL, "growing nodeset\n");
return;
}
+ cur->nodeMax *= 2;
cur->nodeTab = temp;
}
if (val->type == XML_NAMESPACE_DECL) {
@@ -3627,14 +3627,14 @@ xmlXPathNodeSetAddUnique(xmlNodeSetPtr c
} else if (cur->nodeNr == cur->nodeMax) {
xmlNodePtr *temp;
- cur->nodeMax *= 2;
- temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax *
+ temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 *
sizeof(xmlNodePtr));
if (temp == NULL) {
xmlXPathErrMemory(NULL, "growing nodeset\n");
return;
}
cur->nodeTab = temp;
+ cur->nodeMax *= 2;
}
if (val->type == XML_NAMESPACE_DECL) {
xmlNsPtr ns = (xmlNsPtr) val;
@@ -3738,14 +3738,14 @@ xmlXPathNodeSetMerge(xmlNodeSetPtr val1,
} else if (val1->nodeNr == val1->nodeMax) {
xmlNodePtr *temp;
- val1->nodeMax *= 2;
- temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax *
+ temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * 2 *
sizeof(xmlNodePtr));
if (temp == NULL) {
xmlXPathErrMemory(NULL, "merging nodeset\n");
return(NULL);
}
val1->nodeTab = temp;
+ val1->nodeMax *= 2;
}
if (n2->type == XML_NAMESPACE_DECL) {
xmlNsPtr ns = (xmlNsPtr) n2;
@@ -3907,14 +3907,14 @@ xmlXPathNodeSetMergeAndClear(xmlNodeSetP
} else if (set1->nodeNr >= set1->nodeMax) {
xmlNodePtr *temp;
- set1->nodeMax *= 2;
temp = (xmlNodePtr *) xmlRealloc(
- set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr));
+ set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr));
if (temp == NULL) {
xmlXPathErrMemory(NULL, "merging nodeset\n");
return(NULL);
}
set1->nodeTab = temp;
+ set1->nodeMax *= 2;
}
if (n2->type == XML_NAMESPACE_DECL) {
xmlNsPtr ns = (xmlNsPtr) n2;
@@ -3991,14 +3991,14 @@ xmlXPathNodeSetMergeAndClearNoDupls(xmlN
} else if (set1->nodeNr >= set1->nodeMax) {
xmlNodePtr *temp;
- set1->nodeMax *= 2;
temp = (xmlNodePtr *) xmlRealloc(
- set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr));
+ set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr));
if (temp == NULL) {
xmlXPathErrMemory(NULL, "merging nodeset\n");
return(NULL);
}
set1->nodeTab = temp;
+ set1->nodeMax *= 2;
}
set1->nodeTab[set1->nodeNr++] = n2;
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
