[arch-commits] Commit in expat/trunk (2 files)
Date: Sunday, June 18, 2017 @ 10:38:54
Author: bpiotrowski
Revision: 298955
2.2.1-1: new upstream patches
Modified:
expat/trunk/PKGBUILD
Deleted:
expat/trunk/expat-2.2.0-CVE-2016-0718-regression.patch
+
PKGBUILD | 21 +++--
expat-2.2.0-CVE-2016-0718-regression.patch | 27 ---
2 files changed, 7 insertions(+), 41 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2017-06-18 09:16:47 UTC (rev 298954)
+++ PKGBUILD2017-06-18 10:38:54 UTC (rev 298955)
@@ -4,23 +4,16 @@
# Contributor: Judd Vinet
pkgname=expat
-pkgver=2.2.0
-pkgrel=2
+pkgver=2.2.1
+pkgrel=1
pkgdesc='An XML parser library'
-arch=('i686' 'x86_64')
+arch=(i686 x86_64)
url='http://expat.sourceforge.net/'
-license=('custom')
-depends=('glibc')
-source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2
-expat-2.2.0-CVE-2016-0718-regression.patch)
-md5sums=('2f47841c829facb346eb6e3fab5212e2'
- 'dda0b42ed32491577d0b5fb6bf0963be')
+license=(custom)
+depends=(glibc)
+source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2)
+md5sums=('d9c3baeab58774cefc2f04faf29f2cf8')
-prepare() {
- cd $pkgname-$pkgver
- patch -p2 -i "$srcdir"/expat-2.2.0-CVE-2016-0718-regression.patch
-}
-
build() {
cd $pkgname-$pkgver
./configure --prefix=/usr
Deleted: expat-2.2.0-CVE-2016-0718-regression.patch
===
--- expat-2.2.0-CVE-2016-0718-regression.patch 2017-06-18 09:16:47 UTC (rev
298954)
+++ expat-2.2.0-CVE-2016-0718-regression.patch 2017-06-18 10:38:54 UTC (rev
298955)
@@ -1,27 +0,0 @@
-From 3e6190e433479e56f8c1e5adc1198b3c86b15577 Mon Sep 17 00:00:00 2001
-From: Sebastian Pipping
-Date: Sun, 17 Jul 2016 20:22:29 +0200
-Subject: [PATCH] Fix regression introduced by patch to CVE-2016-0718 (bug
- #539)
-
-Tag names were cut off in some cases; reported by Andy Wang
- expat/lib/xmlparse.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
-index 13e080d..2630310 100644
a/expat/lib/xmlparse.c
-+++ b/expat/lib/xmlparse.c
-@@ -2430,7 +2430,7 @@ doContent(XML_Parser parser,
-&fromPtr, rawNameEnd,
-(ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1);
- convLen = (int)(toPtr - (XML_Char *)tag->buf);
--if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res ==
XML_CONVERT_INPUT_INCOMPLETE)) {
-+if ((fromPtr >= rawNameEnd) || (convert_res ==
XML_CONVERT_INPUT_INCOMPLETE)) {
- tag->name.strLen = convLen;
- break;
- }
---
-2.9.2
-
[arch-commits] Commit in expat/trunk (2 files)
Date: Friday, August 5, 2016 @ 21:29:38
Author: bpiotrowski
Revision: 273350
upgpkg: expat 2.2.0-2
Fix for CVE-2016-0718 introduced a regression where tag names could be served
truncated to the dependent applications, unlike before. It has no security
implications; it just nice to have fixed.
Added:
expat/trunk/expat-2.2.0-CVE-2016-0718-regression.patch
Modified:
expat/trunk/PKGBUILD
+
PKGBUILD | 13 ++---
expat-2.2.0-CVE-2016-0718-regression.patch | 27 +++
2 files changed, 37 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2016-08-05 21:11:25 UTC (rev 273349)
+++ PKGBUILD2016-08-05 21:29:38 UTC (rev 273350)
@@ -5,15 +5,22 @@
pkgname=expat
pkgver=2.2.0
-pkgrel=1
+pkgrel=2
pkgdesc='An XML parser library'
arch=('i686' 'x86_64')
url='http://expat.sourceforge.net/'
license=('custom')
depends=('glibc')
-source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2)
-md5sums=('2f47841c829facb346eb6e3fab5212e2')
+source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2
+expat-2.2.0-CVE-2016-0718-regression.patch)
+md5sums=('2f47841c829facb346eb6e3fab5212e2'
+ 'dda0b42ed32491577d0b5fb6bf0963be')
+prepare() {
+ cd $pkgname-$pkgver
+ patch -p2 -i "$srcdir"/expat-2.2.0-CVE-2016-0718-regression.patch
+}
+
build() {
cd $pkgname-$pkgver
./configure --prefix=/usr
Added: expat-2.2.0-CVE-2016-0718-regression.patch
===
--- expat-2.2.0-CVE-2016-0718-regression.patch (rev 0)
+++ expat-2.2.0-CVE-2016-0718-regression.patch 2016-08-05 21:29:38 UTC (rev
273350)
@@ -0,0 +1,27 @@
+From 3e6190e433479e56f8c1e5adc1198b3c86b15577 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping
+Date: Sun, 17 Jul 2016 20:22:29 +0200
+Subject: [PATCH] Fix regression introduced by patch to CVE-2016-0718 (bug
+ #539)
+
+Tag names were cut off in some cases; reported by Andy Wang
+---
+ expat/lib/xmlparse.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index 13e080d..2630310 100644
+--- a/expat/lib/xmlparse.c
b/expat/lib/xmlparse.c
+@@ -2430,7 +2430,7 @@ doContent(XML_Parser parser,
+&fromPtr, rawNameEnd,
+(ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1);
+ convLen = (int)(toPtr - (XML_Char *)tag->buf);
+-if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res ==
XML_CONVERT_INPUT_INCOMPLETE)) {
++if ((fromPtr >= rawNameEnd) || (convert_res ==
XML_CONVERT_INPUT_INCOMPLETE)) {
+ tag->name.strLen = convLen;
+ break;
+ }
+--
+2.9.2
+
[arch-commits] Commit in expat/trunk (2 files)
Date: Wednesday, July 6, 2016 @ 18:24:34
Author: jgc
Revision: 271096
Remove patch, revert pkgrel as -1 is what is in core, -2 was pulled
Modified:
expat/trunk/PKGBUILD
Deleted:
expat/trunk/expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283
--+
PKGBUILD |8 --
expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283 | 37
--
2 files changed, 3 insertions(+), 42 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2016-07-06 18:06:57 UTC (rev 271095)
+++ PKGBUILD2016-07-06 18:24:34 UTC (rev 271096)
@@ -5,16 +5,14 @@
pkgname=expat
pkgver=2.2.0
-pkgrel=2
+pkgrel=1
pkgdesc='An XML parser library'
arch=('i686' 'x86_64')
url='http://expat.sourceforge.net/'
license=('custom')
depends=('glibc')
-source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2
-expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283)
-md5sums=('2f47841c829facb346eb6e3fab5212e2'
- '216b1b11e155b11a84f11149bc476d30')
+source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2)
+md5sums=('2f47841c829facb346eb6e3fab5212e2')
build() {
cd $pkgname-$pkgver
Deleted: expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283
===
--- expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283
2016-07-06 18:06:57 UTC (rev 271095)
+++ expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283
2016-07-06 18:24:34 UTC (rev 271096)
@@ -1,37 +0,0 @@
-From f0bec73b018caa07d3e75ec8dd967f3785d71bde Mon Sep 17 00:00:00 2001
-From: Pascal Cuoq
-Date: Sun, 15 May 2016 09:05:46 +0200
-Subject: [PATCH] Avoid relying on undefined behavior in CVE-2015-1283 fix. It
- does not really work: https://godbolt.org/g/Zl8gdF
-
- expat/lib/xmlparse.c | 6 --
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
-index 7586b24..620a820 100644
a/expat/lib/xmlparse.c
-+++ b/expat/lib/xmlparse.c
-@@ -1730,7 +1730,8 @@ XML_GetBuffer(XML_Parser parser, int len)
- #ifdef XML_CONTEXT_BYTES
- int keep;
- #endif /* defined XML_CONTEXT_BYTES */
--int neededSize = len + (int)(bufferEnd - bufferPtr);
-+/* Do not invoke signed arithmetic overflow: */
-+int neededSize = (int) ((unsigned)len + (unsigned)(bufferEnd -
bufferPtr));
- if (neededSize < 0) {
- errorCode = XML_ERROR_NO_MEMORY;
- return NULL;
-@@ -1761,7 +1762,8 @@ XML_GetBuffer(XML_Parser parser, int len)
- if (bufferSize == 0)
- bufferSize = INIT_BUFFER_SIZE;
- do {
--bufferSize *= 2;
-+/* Do not invoke signed arithmetic overflow: */
-+bufferSize = (int) (2U * (unsigned) bufferSize);
- } while (bufferSize < neededSize && bufferSize > 0);
- if (bufferSize <= 0) {
- errorCode = XML_ERROR_NO_MEMORY;
---
-2.9.0
-
[arch-commits] Commit in expat/trunk (2 files)
Date: Monday, July 4, 2016 @ 19:46:18
Author: bpiotrowski
Revision: 270943
upgpkg: expat 2.2.0-1
There is a possibility that fix for CVE-2015-1283 could have been
optimized by gcc. Applied patch fixes that. (CVE-2016-4472)
Added:
expat/trunk/expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283
Modified:
expat/trunk/PKGBUILD
--+
PKGBUILD |6 +
expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283 | 37
++
2 files changed, 41 insertions(+), 2 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2016-07-04 19:20:37 UTC (rev 270942)
+++ PKGBUILD2016-07-04 19:46:18 UTC (rev 270943)
@@ -11,8 +11,10 @@
url='http://expat.sourceforge.net/'
license=('custom')
depends=('glibc')
-source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2)
-md5sums=('2f47841c829facb346eb6e3fab5212e2')
+source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2
+expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283)
+md5sums=('2f47841c829facb346eb6e3fab5212e2'
+ '216b1b11e155b11a84f11149bc476d30')
build() {
cd $pkgname-$pkgver
Added: expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283
===
--- expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283
(rev 0)
+++ expat-2.2.0-Avoid-relying-on-undefined-behavior-in-CVE-2015-1283
2016-07-04 19:46:18 UTC (rev 270943)
@@ -0,0 +1,37 @@
+From f0bec73b018caa07d3e75ec8dd967f3785d71bde Mon Sep 17 00:00:00 2001
+From: Pascal Cuoq
+Date: Sun, 15 May 2016 09:05:46 +0200
+Subject: [PATCH] Avoid relying on undefined behavior in CVE-2015-1283 fix. It
+ does not really work: https://godbolt.org/g/Zl8gdF
+
+---
+ expat/lib/xmlparse.c | 6 --
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index 7586b24..620a820 100644
+--- a/expat/lib/xmlparse.c
b/expat/lib/xmlparse.c
+@@ -1730,7 +1730,8 @@ XML_GetBuffer(XML_Parser parser, int len)
+ #ifdef XML_CONTEXT_BYTES
+ int keep;
+ #endif /* defined XML_CONTEXT_BYTES */
+-int neededSize = len + (int)(bufferEnd - bufferPtr);
++/* Do not invoke signed arithmetic overflow: */
++int neededSize = (int) ((unsigned)len + (unsigned)(bufferEnd -
bufferPtr));
+ if (neededSize < 0) {
+ errorCode = XML_ERROR_NO_MEMORY;
+ return NULL;
+@@ -1761,7 +1762,8 @@ XML_GetBuffer(XML_Parser parser, int len)
+ if (bufferSize == 0)
+ bufferSize = INIT_BUFFER_SIZE;
+ do {
+-bufferSize *= 2;
++/* Do not invoke signed arithmetic overflow: */
++bufferSize = (int) (2U * (unsigned) bufferSize);
+ } while (bufferSize < neededSize && bufferSize > 0);
+ if (bufferSize <= 0) {
+ errorCode = XML_ERROR_NO_MEMORY;
+--
+2.9.0
+
[arch-commits] Commit in expat/trunk (2 files)
Date: Saturday, June 4, 2016 @ 23:59:08
Author: bpiotrowski
Revision: 268963
upgpkg: expat 2.1.1-3
backport fixes for CVE-2012-6702 and CVE-2016-5300
Added:
expat/trunk/cve-2012-6702-plus-cve-2016-5300-v1.patch
Modified:
expat/trunk/PKGBUILD
---+
PKGBUILD | 13 +-
cve-2012-6702-plus-cve-2016-5300-v1.patch | 134
2 files changed, 142 insertions(+), 5 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2016-06-04 20:29:16 UTC (rev 268962)
+++ PKGBUILD2016-06-04 21:59:08 UTC (rev 268963)
@@ -5,7 +5,7 @@
pkgname=expat
pkgver=2.1.1
-pkgrel=2
+pkgrel=3
pkgdesc='An XML parser library'
arch=('i686' 'x86_64')
url='http://expat.sourceforge.net/'
@@ -13,15 +13,18 @@
depends=('glibc')
source=(http://downloads.sourceforge.net/sourceforge/expat/$pkgname-$pkgver.tar.bz2
CVE-2015-1283-refix.patch
-CVE-2016-0718-v2-2-1.patch)
+CVE-2016-0718-v2-2-1.patch
+cve-2012-6702-plus-cve-2016-5300-v1.patch)
md5sums=('7380a64a8e3a9d66a9887b01d0d7ea81'
'd54dd69a14bedb86fc6f6e0c0be5c4a4'
- 'beb1b2dc1f0d988ed85a5dd30a3b322a')
+ 'beb1b2dc1f0d988ed85a5dd30a3b322a'
+ '0d0df76777dc43221e4fc4522601d803')
prepare() {
cd $pkgname-$pkgver
- patch -p2 < "${srcdir}/CVE-2015-1283-refix.patch"
- patch -p2 < "${srcdir}/CVE-2016-0718-v2-2-1.patch"
+ patch -p2 -i "$srcdir/CVE-2015-1283-refix.patch"
+ patch -p2 -i "$srcdir/CVE-2016-0718-v2-2-1.patch"
+ patch -p2 -i "$srcdir/cve-2012-6702-plus-cve-2016-5300-v1.patch"
}
build() {
Added: cve-2012-6702-plus-cve-2016-5300-v1.patch
===
--- cve-2012-6702-plus-cve-2016-5300-v1.patch (rev 0)
+++ cve-2012-6702-plus-cve-2016-5300-v1.patch 2016-06-04 21:59:08 UTC (rev
268963)
@@ -0,0 +1,134 @@
+From cb31522769d11a375078a073cba94e7176cb48a4 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping
+Date: Wed, 16 Mar 2016 15:30:12 +0100
+Subject: [PATCH] Resolve call to srand, use more entropy (patch version 1.0)
+
+Squashed backport against vanilla Expat 2.1.1, addressing:
+* CVE-2012-6702 -- unanticipated internal calls to srand
+* CVE-2016-5300 -- use of too little entropy
+
+Since commit e3e81a6d9f0885ea02d3979151c358f314bf3d6d
+(released with Expat 2.1.0) Expat called srand by itself
+from inside generate_hash_secret_salt for an instance
+of XML_Parser if XML_SetHashSalt was either (a) not called
+for that instance or if (b) salt 0 was passed to XML_SetHashSalt
+prior to parsing. That call to srand passed (rather litle)
+entropy extracted from the current time as a seed for srand.
+
+That call to srand (1) broke repeatability for code calling
+srand with a non-random seed prior to parsing with Expat,
+and (2) resulted in a rather small set of hashing salts in
+Expat in total.
+
+For a short- to mid-term fix, the new approach avoids calling
+srand altogether, extracts more entropy out of the clock and
+other sources, too.
+
+For a long term fix, we may want to read sizeof(long) bytes
+from a source like getrandom(..) on Linux, and from similar
+sources on other supported architectures.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1197087
+---
+ expat/CMakeLists.txt | 3 +++
+ expat/lib/xmlparse.c | 48 +---
+ 2 files changed, 44 insertions(+), 7 deletions(-)
+
+diff --git a/expat/CMakeLists.txt b/expat/CMakeLists.txt
+index 353627e..524d514 100755
+--- a/expat/CMakeLists.txt
b/expat/CMakeLists.txt
+@@ -41,6 +41,9 @@ include_directories(${CMAKE_BINARY_DIR}
${CMAKE_SOURCE_DIR}/lib)
+ if(MSVC)
+ add_definitions(-D_CRT_SECURE_NO_WARNINGS -wd4996)
+ endif(MSVC)
++if(WIN32)
++add_definitions(-DCOMPILED_FROM_DSP)
++endif(WIN32)
+
+ set(expat_SRCS
+ lib/xmlparse.c
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index e308c79..c5f942f 100644
+--- a/expat/lib/xmlparse.c
b/expat/lib/xmlparse.c
+@@ -6,7 +6,14 @@
+ #include /* memset(), memcpy() */
+ #include
+ #include /* UINT_MAX */
+-#include/* time() */
++
++#ifdef COMPILED_FROM_DSP
++#define getpid GetCurrentProcessId
++#else
++#include/* gettimeofday() */
++#include /* getpid() */
++#include /* getpid() */
++#endif
+
+ #define XML_BUILDING_EXPAT 1
+
+@@ -432,7 +439,7 @@ static ELEMENT_TYPE *
+ getElementType(XML_Parser parser, const ENCODING *enc,
+const char *ptr, const char *end);
+
+-static unsigned long generate_hash_secret_salt(void);
++static unsigned long generate_hash_secret_salt(XML_Parser parser);
+ static XML_Bool startParsing(XML_Parser parser);
+
+ static XML_Parser
+@@ -691,11 +698,38 @@ static const XML_Char implicitContext[] = {
+ };
+
+ static unsigned long
+-generate
