From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 85609139085 for ; Tue, 17 Jan 2017 15:08:07 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7B9A3234098; Tue, 17 Jan 2017 15:08:04 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 479E0234098 for ; Tue, 17 Jan 2017 15:08:04 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id B596233D3C7 for ; Tue, 17 Jan 2017 15:08:02 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id BE6FA286F for ; Tue, 17 Jan 2017 15:08:00 +0000 (UTC) From: "Mart Raudsepp" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mart Raudsepp" Message-ID: <1484665636.adb3a6266e0b366780309bab1e9b79db48a8b10a.leio@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: dev-libs/libxml2/files/, dev-libs/libxml2/ X-VCS-Repository: repo/gentoo X-VCS-Files: dev-libs/libxml2/Manifest dev-libs/libxml2/files/libxml2-2.9.2-constant-memory.patch dev-libs/libxml2/files/libxml2-2.9.2-cross-compile.patch dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-1.patch dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-2.patch dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-8035.patch dev-libs/libxml2/files/libxml2-2.9.2-fix-lzma.patch dev-libs/libxml2/files/libxml2-2.9.2-icu-pkgconfig.patch dev-libs/libxml2/files/libxml2-2.9.2-missing-entities.patch dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-1.patch dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-2.patch dev-libs/libxml2/files/libxml2-2.9.2-revert-missing-initialization.patch dev-libs/libxml2/files/libxml2-2.9.2-threads-declarations.patch dev-libs/libxml2/files/libxml2-2.9.2-timsort.patch dev-libs/libxml2/files/libxml2-2.9.2-unclosed-comments.patch dev-libs/libxml2/libxml2-2.9.2-r4.ebuild dev-libs/libxml2/libxml2-2.9.3.ebuild dev-libs/libxml2/libx ml2-2.9.4.ebuild X-VCS-Directories: dev-libs/libxml2/ dev-libs/libxml2/files/ X-VCS-Committer: leio X-VCS-Committer-Name: Mart Raudsepp X-VCS-Revision: adb3a6266e0b366780309bab1e9b79db48a8b10a X-VCS-Branch: master Date: Tue, 17 Jan 2017 15:08:00 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 1f752ffe-47f5-4948-845e-1c7b52e49e38 X-Archives-Hash: 9450a5dae1cdc3e85e46e577c9dbc7c6 commit: adb3a6266e0b366780309bab1e9b79db48a8b10a Author: Mart Raudsepp gentoo org> AuthorDate: Tue Jan 17 15:07:16 2017 +0000 Commit: Mart Raudsepp gentoo org> CommitDate: Tue Jan 17 15:07:16 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=adb3a626 dev-libs/libxml2: Security cleanup (bug #597116) Package-Manager: Portage-2.3.3, Repoman-2.3.1 dev-libs/libxml2/Manifest | 2 - .../files/libxml2-2.9.2-constant-memory.patch | 176 ---------------- .../files/libxml2-2.9.2-cross-compile.patch | 17 -- .../files/libxml2-2.9.2-cve-2015-7941-1.patch | 32 --- .../files/libxml2-2.9.2-cve-2015-7941-2.patch | 49 ----- .../files/libxml2-2.9.2-cve-2015-8035.patch | 31 --- .../libxml2/files/libxml2-2.9.2-fix-lzma.patch | 114 ---------- .../files/libxml2-2.9.2-icu-pkgconfig.patch | 26 --- .../files/libxml2-2.9.2-missing-entities.patch | 31 --- ...ml2-2.9.2-overflow-conditional-sections-1.patch | 32 --- ...ml2-2.9.2-overflow-conditional-sections-2.patch | 28 --- ...bxml2-2.9.2-revert-missing-initialization.patch | 26 --- .../files/libxml2-2.9.2-threads-declarations.patch | 48 ----- dev-libs/libxml2/files/libxml2-2.9.2-timsort.patch | 128 ------------ .../files/libxml2-2.9.2-unclosed-comments.patch | 65 ------ dev-libs/libxml2/libxml2-2.9.2-r4.ebuild | 230 --------------------- dev-libs/libxml2/libxml2-2.9.3.ebuild | 215 ------------------- dev-libs/libxml2/libxml2-2.9.4.ebuild | 4 +- 18 files changed, 2 insertions(+), 1252 deletions(-) diff --git a/dev-libs/libxml2/Manifest b/dev-libs/libxml2/Manifest index a98d740..78dfb10 100644 --- a/dev-libs/libxml2/Manifest +++ b/dev-libs/libxml2/Manifest @@ -1,5 +1,3 @@ -DIST libxml2-2.9.2.tar.gz 5444991 SHA256 5178c30b151d044aefb1b08bf54c3003a0ac55c59c866763997529d60770d5bc SHA512 a4e3b20e2efceed39c20379b32b746d4a1cf65c0cf7719d26c9bf7483c1f04a4e5a442ae2f36dc4ae8a4d011b67cfb58d9f6d0be034fa3e897a49059c9289565 WHIRLPOOL d7a77cb6ad49533cf62f6a759668e297a60dd7f70c9e13b29f682c64dfb25ae46eb9db552500130f40e3f969897bda996001d18236a4630e3713f6dd5acbe686 -DIST libxml2-2.9.3.tar.gz 5477112 SHA256 4de9e31f46b44d34871c22f54bfc54398ef124d6f7cafb1f4a5958fbcd3ba12d SHA512 078afa65229de4f23e6538767253fb4f9f61d96cb72e445179c71d536b224d54922f22972a2b71434796f83f8c99f6a46c3b8813cb4582ad9fca696d141e0abb WHIRLPOOL 34006c371ef85ce05a4f662bfda9f06e7d7fec737a02e023bc3153584d4dcff26be45673b7989091dadd10882765fa3a2abe67c5d1f5aa476d84b9bb57b83b73 DIST libxml2-2.9.4.tar.gz 5374830 SHA256 ffb911191e509b966deb55de705387f14156e1a56b21824357cdf0053233633c SHA512 f5174ab1a3a0ec0037a47f47aa47def36674e02bfb42b57f609563f84c6247c585dbbb133c056953a5adb968d328f18cbc102eb0d00d48eb7c95478389e5daf9 WHIRLPOOL 268d3364a3d293810dff060b3ab92042c5550e50dbe9038c4d5b54ea6a22ed77f9572575517ae3bacfe518d634047eb9d5345e903b125e56a3d32ad1ba96dabf DIST xmlts20080827.tar.gz 638940 SHA256 96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c209286c03e9cc7 SHA512 7325d0977c4427fc4944b291ccf896a665f654cc24399e5565c12a849c2bc3aef4fa3ee42a09ac115abcb6570c51a8fbd052c38d64d164279ecdecad5a4e884d WHIRLPOOL 50835380c3ea208df0bf9ce032ed2df69c4c6cb5a53ffdd39a08fb4f1d166f311b2ef2fe0d9911ae1ebff92aeb42f6ea55e727dfe0b7a3b95e6c7240315b3eda DIST xsts-2002-01-16.tar.gz 6894439 SHA256 55e5c08db29946a91ea8e70e8f2418d3fd30d8b6777941dfba7f54726ffd9914 SHA512 43300af6d39c1e2221b0ed7318fe14c7464eeb6eb030ed1e22eb29b4ab17f014e2a4c8887c3a46ae5d243e3072da27f00f4e285498ae6f1288177d38d1108288 WHIRLPOOL 84dd51959460a4f8aa582d57ad39229c546ca7fe155012c57c368b59f5d31400d8b940a343a7320058330ca611303139cacdffed514783f96406ac5366026b11 diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-constant-memory.patch b/dev-libs/libxml2/files/libxml2-2.9.2-constant-memory.patch deleted file mode 100644 index dc944b6..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-constant-memory.patch +++ /dev/null @@ -1,176 +0,0 @@ -From 213f1fe0d76d30eaed6e5853057defc43e6df2c9 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Tue, 14 Apr 2015 17:41:48 +0800 -Subject: [PATCH] CVE-2015-1819 Enforce the reader to run in constant memory - -One of the operation on the reader could resolve entities -leading to the classic expansion issue. Make sure the -buffer used for xmlreader operation is bounded. -Introduce a new allocation type for the buffers for this effect. ---- - buf.c | 43 ++++++++++++++++++++++++++++++++++++++++++- - include/libxml/tree.h | 3 ++- - xmlreader.c | 20 +++++++++++++++++++- - 3 files changed, 63 insertions(+), 3 deletions(-) - -diff --git a/buf.c b/buf.c -index 6efc7b6..07922ff 100644 ---- a/buf.c -+++ b/buf.c -@@ -27,6 +27,7 @@ - #include - #include - #include -+#include /* for XML_MAX_TEXT_LENGTH */ - #include "buf.h" - - #define WITH_BUFFER_COMPAT -@@ -299,7 +300,8 @@ xmlBufSetAllocationScheme(xmlBufPtr buf, - if ((scheme == XML_BUFFER_ALLOC_DOUBLEIT) || - (scheme == XML_BUFFER_ALLOC_EXACT) || - (scheme == XML_BUFFER_ALLOC_HYBRID) || -- (scheme == XML_BUFFER_ALLOC_IMMUTABLE)) { -+ (scheme == XML_BUFFER_ALLOC_IMMUTABLE) || -+ (scheme == XML_BUFFER_ALLOC_BOUNDED)) { - buf->alloc = scheme; - if (buf->buffer) - buf->buffer->alloc = scheme; -@@ -458,6 +460,18 @@ xmlBufGrowInternal(xmlBufPtr buf, size_t len) { - size = buf->use + len + 100; - #endif - -+ if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { -+ /* -+ * Used to provide parsing limits -+ */ -+ if ((buf->use + len >= XML_MAX_TEXT_LENGTH) || -+ (buf->size >= XML_MAX_TEXT_LENGTH)) { -+ xmlBufMemoryError(buf, "buffer error: text too long\n"); -+ return(0); -+ } -+ if (size >= XML_MAX_TEXT_LENGTH) -+ size = XML_MAX_TEXT_LENGTH; -+ } - if ((buf->alloc == XML_BUFFER_ALLOC_IO) && (buf->contentIO != NULL)) { - size_t start_buf = buf->content - buf->contentIO; - -@@ -739,6 +753,15 @@ xmlBufResize(xmlBufPtr buf, size_t size) - CHECK_COMPAT(buf) - - if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0); -+ if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { -+ /* -+ * Used to provide parsing limits -+ */ -+ if (size >= XML_MAX_TEXT_LENGTH) { -+ xmlBufMemoryError(buf, "buffer error: text too long\n"); -+ return(0); -+ } -+ } - - /* Don't resize if we don't have to */ - if (size < buf->size) -@@ -867,6 +890,15 @@ xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) { - - needSize = buf->use + len + 2; - if (needSize > buf->size){ -+ if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { -+ /* -+ * Used to provide parsing limits -+ */ -+ if (needSize >= XML_MAX_TEXT_LENGTH) { -+ xmlBufMemoryError(buf, "buffer error: text too long\n"); -+ return(-1); -+ } -+ } - if (!xmlBufResize(buf, needSize)){ - xmlBufMemoryError(buf, "growing buffer"); - return XML_ERR_NO_MEMORY; -@@ -938,6 +970,15 @@ xmlBufAddHead(xmlBufPtr buf, const xmlChar *str, int len) { - } - needSize = buf->use + len + 2; - if (needSize > buf->size){ -+ if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { -+ /* -+ * Used to provide parsing limits -+ */ -+ if (needSize >= XML_MAX_TEXT_LENGTH) { -+ xmlBufMemoryError(buf, "buffer error: text too long\n"); -+ return(-1); -+ } -+ } - if (!xmlBufResize(buf, needSize)){ - xmlBufMemoryError(buf, "growing buffer"); - return XML_ERR_NO_MEMORY; -diff --git a/include/libxml/tree.h b/include/libxml/tree.h -index 2f90717..4a9b3bc 100644 ---- a/include/libxml/tree.h -+++ b/include/libxml/tree.h -@@ -76,7 +76,8 @@ typedef enum { - XML_BUFFER_ALLOC_EXACT, /* grow only to the minimal size */ - XML_BUFFER_ALLOC_IMMUTABLE, /* immutable buffer */ - XML_BUFFER_ALLOC_IO, /* special allocation scheme used for I/O */ -- XML_BUFFER_ALLOC_HYBRID /* exact up to a threshold, and doubleit thereafter */ -+ XML_BUFFER_ALLOC_HYBRID, /* exact up to a threshold, and doubleit thereafter */ -+ XML_BUFFER_ALLOC_BOUNDED /* limit the upper size of the buffer */ - } xmlBufferAllocationScheme; - - /** -diff --git a/xmlreader.c b/xmlreader.c -index f19e123..471e7e2 100644 ---- a/xmlreader.c -+++ b/xmlreader.c -@@ -2091,6 +2091,9 @@ xmlNewTextReader(xmlParserInputBufferPtr input, const char *URI) { - "xmlNewTextReader : malloc failed\n"); - return(NULL); - } -+ /* no operation on a reader should require a huge buffer */ -+ xmlBufSetAllocationScheme(ret->buffer, -+ XML_BUFFER_ALLOC_BOUNDED); - ret->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler)); - if (ret->sax == NULL) { - xmlBufFree(ret->buffer); -@@ -3616,6 +3619,7 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) { - return(((xmlNsPtr) node)->href); - case XML_ATTRIBUTE_NODE:{ - xmlAttrPtr attr = (xmlAttrPtr) node; -+ const xmlChar *ret; - - if ((attr->children != NULL) && - (attr->children->type == XML_TEXT_NODE) && -@@ -3629,10 +3633,21 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) { - "xmlTextReaderSetup : malloc failed\n"); - return (NULL); - } -+ xmlBufSetAllocationScheme(reader->buffer, -+ XML_BUFFER_ALLOC_BOUNDED); - } else - xmlBufEmpty(reader->buffer); - xmlBufGetNodeContent(reader->buffer, node); -- return(xmlBufContent(reader->buffer)); -+ ret = xmlBufContent(reader->buffer); -+ if (ret == NULL) { -+ /* error on the buffer best to reallocate */ -+ xmlBufFree(reader->buffer); -+ reader->buffer = xmlBufCreateSize(100); -+ xmlBufSetAllocationScheme(reader->buffer, -+ XML_BUFFER_ALLOC_BOUNDED); -+ ret = BAD_CAST ""; -+ } -+ return(ret); - } - break; - } -@@ -5131,6 +5146,9 @@ xmlTextReaderSetup(xmlTextReaderPtr reader, - "xmlTextReaderSetup : malloc failed\n"); - return (-1); - } -+ /* no operation on a reader should require a huge buffer */ -+ xmlBufSetAllocationScheme(reader->buffer, -+ XML_BUFFER_ALLOC_BOUNDED); - if (reader->sax == NULL) - reader->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler)); - if (reader->sax == NULL) { --- -2.3.5 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-cross-compile.patch b/dev-libs/libxml2/files/libxml2-2.9.2-cross-compile.patch deleted file mode 100644 index 447222e..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-cross-compile.patch +++ /dev/null @@ -1,17 +0,0 @@ -https://bugzilla.gnome.org/show_bug.cgi?id=749416 - -do not use -L$Z_DIR/lib when Z_DIR isn't actually set - ---- a/configure.ac -+++ b/configure.ac -@@ -392,7 +392,9 @@ if test "$with_zlib" = "no"; then - else - AC_CHECK_HEADERS(zlib.h, - [SAVE_LDFLAGS="${LDFLAGS}" -- LDFLAGS="-L${Z_DIR}/lib" -+ if test "x${Z_DIR}" != "x"; then -+ LDFLAGS="${LDFLAGS} -L${Z_DIR}/lib" -+ fi - AC_CHECK_LIB(z, gzread,[ - AC_DEFINE([HAVE_LIBZ], [1], [Have compression library]) - WITH_ZLIB=1 diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-1.patch b/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-1.patch deleted file mode 100644 index 8a6c98c..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-1.patch +++ /dev/null @@ -1,32 +0,0 @@ -From a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Mon, 23 Feb 2015 11:17:35 +0800 -Subject: [PATCH] Stop parsing on entities boundaries errors - -For https://bugzilla.gnome.org/show_bug.cgi?id=744980 - -There are times, like on unterminated entities that it's preferable to -stop parsing, even if that means less error reporting. Entities are -feeding the parser on further processing, and if they are ill defined -then it's possible to get the parser to bug. Also do the same on -Conditional Sections if the input is broken, as the structure of -the document can't be guessed. ---- - parser.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/parser.c b/parser.c -index a8d1b67..bbe97eb 100644 ---- a/parser.c -+++ b/parser.c -@@ -5658,6 +5658,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt) { - if (RAW != '>') { - xmlFatalErrMsgStr(ctxt, XML_ERR_ENTITY_NOT_FINISHED, - "xmlParseEntityDecl: entity %s not terminated\n", name); -+ xmlStopParser(ctxt); - } else { - if (input != ctxt->input) { - xmlFatalErrMsg(ctxt, XML_ERR_ENTITY_BOUNDARY, --- -2.4.10 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-2.patch b/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-2.patch deleted file mode 100644 index df30c89..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-2.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 9b8512337d14c8ddf662fcb98b0135f225a1c489 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Mon, 23 Feb 2015 11:29:20 +0800 -Subject: [PATCH] Cleanup conditional section error handling - -For https://bugzilla.gnome.org/show_bug.cgi?id=744980 - -The error handling of Conditional Section also need to be -straightened as the structure of the document can't be -guessed on a failure there and it's better to stop parsing -as further errors are likely to be irrelevant. ---- - parser.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/parser.c b/parser.c -index bbe97eb..fe603ac 100644 ---- a/parser.c -+++ b/parser.c -@@ -6770,6 +6770,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - SKIP_BLANKS; - if (RAW != '[') { - xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL); -+ xmlStopParser(ctxt); -+ return; - } else { - if (ctxt->input->id != id) { - xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY, -@@ -6830,6 +6832,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - SKIP_BLANKS; - if (RAW != '[') { - xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL); -+ xmlStopParser(ctxt); -+ return; - } else { - if (ctxt->input->id != id) { - xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY, -@@ -6885,6 +6889,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - - } else { - xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID_KEYWORD, NULL); -+ xmlStopParser(ctxt); -+ return; - } - - if (RAW == 0) --- -2.4.10 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-8035.patch b/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-8035.patch deleted file mode 100644 index f51863e..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-8035.patch +++ /dev/null @@ -1,31 +0,0 @@ -From f0709e3ca8f8947f2d91ed34e92e38a4c23eae63 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Tue, 3 Nov 2015 15:31:25 +0800 -Subject: [PATCH] CVE-2015-8035 Fix XZ compression support loop - -For https://bugzilla.gnome.org/show_bug.cgi?id=757466 -DoS when parsing specially crafted XML document if XZ support -is compiled in (which wasn't the case for 2.9.2 and master since -Nov 2013, fixed in next commit !) ---- - xzlib.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/xzlib.c b/xzlib.c -index 0dcb9f4..1fab546 100644 ---- a/xzlib.c -+++ b/xzlib.c -@@ -581,6 +581,10 @@ xz_decomp(xz_statep state) - xz_error(state, LZMA_DATA_ERROR, "compressed data error"); - return -1; - } -+ if (ret == LZMA_PROG_ERROR) { -+ xz_error(state, LZMA_PROG_ERROR, "compression error"); -+ return -1; -+ } - } while (strm->avail_out && ret != LZMA_STREAM_END); - - /* update available output and crc check value */ --- -2.4.10 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-fix-lzma.patch b/dev-libs/libxml2/files/libxml2-2.9.2-fix-lzma.patch deleted file mode 100644 index e9b6da6..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-fix-lzma.patch +++ /dev/null @@ -1,114 +0,0 @@ -From 18b8988511b0954272cac4d6c3e6724f9dbf6e0a Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Tue, 3 Nov 2015 15:46:29 +0800 -Subject: [PATCH] Reenable xz support by default - -For https://bugzilla.gnome.org/show_bug.cgi?id=757466 - -problem was introduced by commit f3f86ff465c92c79f834d7b981f3c7274a8bb5c8 -for https://bugzilla.gnome.org/show_bug.cgi?id=711026 ---- - configure.ac | 3 +++ - xmlIO.c | 12 ++++++------ - xzlib.c | 6 ++++-- - 3 files changed, 13 insertions(+), 8 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 14ac0a8..48e0577 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -445,6 +445,9 @@ else - fi], - [have_liblzma=no]) - LDFLAGS="${SAVE_LDFLAGS}"]) -+ else -+ # we still need to check for lzma,h header -+ AC_CHECK_HEADERS([lzma.h]) - fi - - # Found the library via either method? -diff --git a/xmlIO.c b/xmlIO.c -index e628ab0..8b13184 100644 ---- a/xmlIO.c -+++ b/xmlIO.c -@@ -1334,7 +1334,7 @@ xmlGzfileClose (void * context) { - } - #endif /* HAVE_ZLIB_H */ - --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - /************************************************************************ - * * - * I/O for compressed file accesses * -@@ -1451,7 +1451,7 @@ xmlXzfileClose (void * context) { - if (ret < 0) xmlIOErr(0, "xzclose()"); - return(ret); - } --#endif /* HAVE_LZMA_H */ -+#endif /* LIBXML_LZMA_ENABLED */ - - #ifdef LIBXML_HTTP_ENABLED - /************************************************************************ -@@ -2328,10 +2328,10 @@ xmlRegisterDefaultInputCallbacks(void) { - xmlRegisterInputCallbacks(xmlGzfileMatch, xmlGzfileOpen, - xmlGzfileRead, xmlGzfileClose); - #endif /* HAVE_ZLIB_H */ --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - xmlRegisterInputCallbacks(xmlXzfileMatch, xmlXzfileOpen, - xmlXzfileRead, xmlXzfileClose); --#endif /* HAVE_ZLIB_H */ -+#endif /* LIBXML_LZMA_ENABLED */ - - #ifdef LIBXML_HTTP_ENABLED - xmlRegisterInputCallbacks(xmlIOHTTPMatch, xmlIOHTTPOpen, -@@ -2683,7 +2683,7 @@ __xmlParserInputBufferCreateFilename(const char *URI, xmlCharEncoding enc) { - #endif - } - #endif --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - if ((xmlInputCallbackTable[i].opencallback == xmlXzfileOpen) && - (strcmp(URI, "-") != 0)) { - ret->compressed = __libxml2_xzcompressed(context); -@@ -3350,7 +3350,7 @@ xmlParserInputBufferGrow(xmlParserInputBufferPtr in, int len) { - * try to establish compressed status of input if not done already - */ - if (in->compressed == -1) { --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - if (in->readcallback == xmlXzfileRead) - in->compressed = __libxml2_xzcompressed(in->context); - #endif -diff --git a/xzlib.c b/xzlib.c -index 1fab546..782957f 100644 ---- a/xzlib.c -+++ b/xzlib.c -@@ -8,7 +8,7 @@ - */ - #define IN_LIBXML - #include "libxml.h" --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - - #include - #ifdef HAVE_ERRNO_H -@@ -34,7 +34,9 @@ - #ifdef HAVE_ZLIB_H - #include - #endif -+#ifdef HAVE_LZMA_H - #include -+#endif - - #include "xzlib.h" - #include -@@ -799,4 +801,4 @@ __libxml2_xzclose(xzFile file) - xmlFree(state); - return ret ? ret : LZMA_OK; - } --#endif /* HAVE_LZMA_H */ -+#endif /* LIBXML_LZMA_ENABLED */ --- -2.4.10 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-icu-pkgconfig.patch b/dev-libs/libxml2/files/libxml2-2.9.2-icu-pkgconfig.patch deleted file mode 100644 index 7a84fac..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-icu-pkgconfig.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff --git a/configure.in b/configure.in -index 7374564..13c8d4e 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1444,19 +1444,11 @@ XML_LIBTOOLLIBS="libxml2.la" - AC_SUBST(WITH_ICONV) - - WITH_ICU=0 --ICU_LIBS="" - if test "$with_icu" != "yes" ; then - echo Disabling ICU support - else -- ICU_CONFIG=icu-config -- if ${ICU_CONFIG} --cflags >/dev/null 2>&1 -- then -- ICU_LIBS=`${ICU_CONFIG} --ldflags` -- WITH_ICU=1 -- echo Enabling ICU support -- else -- AC_MSG_ERROR([libicu config program icu-config not found]) -- fi -+ PKG_CHECK_MODULES(ICU, icu-i18n) -+ WITH_ICU=1 - fi - AC_SUBST(WITH_ICU) - AC_SUBST(ICU_LIBS) diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-missing-entities.patch b/dev-libs/libxml2/files/libxml2-2.9.2-missing-entities.patch deleted file mode 100644 index 7a10e20..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-missing-entities.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 72a46a519ce7326d9a00f0b6a7f2a8e958cd1675 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Thu, 23 Oct 2014 11:35:36 +0800 -Subject: [PATCH] Fix missing entities after CVE-2014-3660 fix - -For https://bugzilla.gnome.org/show_bug.cgi?id=738805 - -The fix for CVE-2014-3660 introduced a regression in some case -where entity substitution is required and the entity is used -first in anotther entity referenced from an attribute value ---- - parser.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/parser.c b/parser.c -index 67c9dfd..a8d1b67 100644 ---- a/parser.c -+++ b/parser.c -@@ -7235,7 +7235,8 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { - * far more secure as the parser will only process data coming from - * the document entity by default. - */ -- if ((ent->checked == 0) && -+ if (((ent->checked == 0) || -+ ((ent->children == NULL) && (ctxt->options & XML_PARSE_NOENT))) && - ((ent->etype != XML_EXTERNAL_GENERAL_PARSED_ENTITY) || - (ctxt->options & (XML_PARSE_NOENT | XML_PARSE_DTDVALID)))) { - unsigned long oldnbent = ctxt->nbentities; --- -2.3.5 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-1.patch b/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-1.patch deleted file mode 100644 index bb0766a..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-1.patch +++ /dev/null @@ -1,32 +0,0 @@ -From bd0526e66a56e75a18da8c15c4750db8f801c52d Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Fri, 23 Oct 2015 19:02:28 +0800 -Subject: Another variation of overflow in Conditional sections - -Which happen after the previous fix to -https://bugzilla.gnome.org/show_bug.cgi?id=756456 - -But stopping the parser and exiting we didn't pop the intermediary entities -and doing the SKIP there applies on an input which may be too small ---- - parser.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/parser.c b/parser.c -index a65e4cc..b9217ff 100644 ---- a/parser.c -+++ b/parser.c -@@ -6915,7 +6915,9 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - "All markup of the conditional section is not in the same entity\n", - NULL, NULL); - } -- SKIP(3); -+ if ((ctxt-> instate != XML_PARSER_EOF) && -+ ((ctxt->input->cur + 3) < ctxt->input->end)) -+ SKIP(3); - } - } - --- -cgit v0.11.2 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-2.patch b/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-2.patch deleted file mode 100644 index 1a059fe..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-2.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 41ac9049a27f52e7a1f3b341f8714149fc88d450 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Tue, 27 Oct 2015 10:53:44 +0800 -Subject: Fix an error in previous Conditional section patch - -an off by one mistake in the change, led to error on correct -document where the end of the included entity was exactly -the end of the conditional section, leading to regtest failure ---- - parser.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/parser.c b/parser.c -index b9217ff..d67b300 100644 ---- a/parser.c -+++ b/parser.c -@@ -6916,7 +6916,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - NULL, NULL); - } - if ((ctxt-> instate != XML_PARSER_EOF) && -- ((ctxt->input->cur + 3) < ctxt->input->end)) -+ ((ctxt->input->cur + 3) <= ctxt->input->end)) - SKIP(3); - } - } --- -cgit v0.11.2 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-revert-missing-initialization.patch b/dev-libs/libxml2/files/libxml2-2.9.2-revert-missing-initialization.patch deleted file mode 100644 index d98b382..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-revert-missing-initialization.patch +++ /dev/null @@ -1,26 +0,0 @@ -From f65128f38289d77ff322d63aef2858cc0a819c34 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Fri, 17 Oct 2014 17:13:41 +0800 -Subject: Revert "Missing initialization for the catalog module" - -This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7. -As this break xmlcatalog command -https://bugzilla.redhat.com/show_bug.cgi?id=1153753 - -diff --git a/parser.c b/parser.c -index 1d93967..67c9dfd 100644 ---- a/parser.c -+++ b/parser.c -@@ -14830,9 +14830,6 @@ xmlInitParser(void) { - #ifdef LIBXML_XPATH_ENABLED - xmlXPathInit(); - #endif --#ifdef LIBXML_CATALOG_ENABLED -- xmlInitializeCatalog(); --#endif - xmlParserInitialized = 1; - #ifdef LIBXML_THREAD_ENABLED - } --- -cgit v0.10.1 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-threads-declarations.patch b/dev-libs/libxml2/files/libxml2-2.9.2-threads-declarations.patch deleted file mode 100644 index 1236f62..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-threads-declarations.patch +++ /dev/null @@ -1,48 +0,0 @@ -From fff8a6b87e05200a0ad0af6f86c2e859c7de9172 Mon Sep 17 00:00:00 2001 -From: Michael Heimpold -Date: Mon, 22 Dec 2014 11:12:12 +0800 -Subject: [PATCH] threads: use forward declarations only for glibc - -Fixes bug #704908 - -The declarations of pthread functions, used to generate weak references -to them, fail to suppress macros. Thus, if any pthread function has -been provided as a macro, compiling threads.c will fail. -This breaks on musl libc, which defines pthread_equal as a macro (in -addition to providing the function, as required). - -Prevent the declarations for e.g. musl libc by refining the condition. - -The idea for this solution was borrowed from the alpine linux guys, see -http://git.alpinelinux.org/cgit/aports/tree/main/libxml2/libxml2-pthread.patch - -Signed-off-by: Michael Heimpold ---- - threads.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/threads.c b/threads.c -index 8921204..78006a2 100644 ---- a/threads.c -+++ b/threads.c -@@ -47,7 +47,7 @@ - #ifdef HAVE_PTHREAD_H - - static int libxml_is_threaded = -1; --#ifdef __GNUC__ -+#if defined(__GNUC__) && defined(__GLIBC__) - #ifdef linux - #if (__GNUC__ == 3 && __GNUC_MINOR__ >= 3) || (__GNUC__ > 3) - extern int pthread_once (pthread_once_t *__once_control, -@@ -89,7 +89,7 @@ extern int pthread_cond_signal () - __attribute((weak)); - #endif - #endif /* linux */ --#endif /* __GNUC__ */ -+#endif /* defined(__GNUC__) && defined(__GLIBC__) */ - #endif /* HAVE_PTHREAD_H */ - - /* --- -2.3.5 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-timsort.patch b/dev-libs/libxml2/files/libxml2-2.9.2-timsort.patch deleted file mode 100644 index c179d47..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-timsort.patch +++ /dev/null @@ -1,128 +0,0 @@ -From 9b987f8c98763ee569bde90b5268b43474ca106c Mon Sep 17 00:00:00 2001 -From: Christopher Swenson -Date: Fri, 27 Feb 2015 14:55:49 +0800 -Subject: [PATCH] Fix timsort invariant loop re: Envisage article - -See http://envisage-project.eu/proving-android-java-and-python-sorting-algorithm-is-broken-and-how-to-fix-it/ - -We use a "runLen" array of size 128, so it should be nearly impossible -to have our implementation overflow. - -But in any case, the fix is relatively simple -- checking two extra -conditions in the invariant calculation. - -I also took this opportunity to remove some redundancy in the -left/right merge logic in the invariant loop. ---- - timsort.h | 74 +++++++++++++++++++++++++++++++++------------------------------ - 1 file changed, 39 insertions(+), 35 deletions(-) - -diff --git a/timsort.h b/timsort.h -index efa3aab..795f272 100644 ---- a/timsort.h -+++ b/timsort.h -@@ -392,62 +392,66 @@ static void TIM_SORT_MERGE(SORT_TYPE *dst, const TIM_SORT_RUN_T *stack, const in - - static int TIM_SORT_COLLAPSE(SORT_TYPE *dst, TIM_SORT_RUN_T *stack, int stack_curr, TEMP_STORAGE_T *store, const size_t size) - { -- while (1) -- { -- int64_t A, B, C; -+ while (1) { -+ int64_t A, B, C, D; -+ int ABC, BCD, BD, CD; -+ - /* if the stack only has one thing on it, we are done with the collapse */ -- if (stack_curr <= 1) break; -+ if (stack_curr <= 1) { -+ break; -+ } -+ - /* if this is the last merge, just do it */ -- if ((stack_curr == 2) && -- (stack[0].length + stack[1].length == (int64_t) size)) -- { -+ if ((stack_curr == 2) && (stack[0].length + stack[1].length == size)) { - TIM_SORT_MERGE(dst, stack, stack_curr, store); - stack[0].length += stack[1].length; - stack_curr--; - break; - } - /* check if the invariant is off for a stack of 2 elements */ -- else if ((stack_curr == 2) && (stack[0].length <= stack[1].length)) -- { -+ else if ((stack_curr == 2) && (stack[0].length <= stack[1].length)) { - TIM_SORT_MERGE(dst, stack, stack_curr, store); - stack[0].length += stack[1].length; - stack_curr--; - break; -- } -- else if (stack_curr == 2) -+ } else if (stack_curr == 2) { - break; -+ } - -- A = stack[stack_curr - 3].length; -- B = stack[stack_curr - 2].length; -- C = stack[stack_curr - 1].length; -+ B = stack[stack_curr - 3].length; -+ C = stack[stack_curr - 2].length; -+ D = stack[stack_curr - 1].length; - -- /* check first invariant */ -- if (A <= B + C) -- { -- if (A < C) -- { -- TIM_SORT_MERGE(dst, stack, stack_curr - 1, store); -- stack[stack_curr - 3].length += stack[stack_curr - 2].length; -- stack[stack_curr - 2] = stack[stack_curr - 1]; -- stack_curr--; -- } -- else -- { -- TIM_SORT_MERGE(dst, stack, stack_curr, store); -- stack[stack_curr - 2].length += stack[stack_curr - 1].length; -- stack_curr--; -- } -+ if (stack_curr >= 4) { -+ A = stack[stack_curr - 4].length; -+ ABC = (A <= B + C); -+ } else { -+ ABC = 0; - } -- /* check second invariant */ -- else if (B <= C) -- { -+ -+ BCD = (B <= C + D) || ABC; -+ CD = (C <= D); -+ BD = (B < D); -+ -+ /* Both invariants are good */ -+ if (!BCD && !CD) { -+ break; -+ } -+ -+ /* left merge */ -+ if (BCD && !CD) { -+ TIM_SORT_MERGE(dst, stack, stack_curr - 1, store); -+ stack[stack_curr - 3].length += stack[stack_curr - 2].length; -+ stack[stack_curr - 2] = stack[stack_curr - 1]; -+ stack_curr--; -+ } else { -+ /* right merge */ - TIM_SORT_MERGE(dst, stack, stack_curr, store); - stack[stack_curr - 2].length += stack[stack_curr - 1].length; - stack_curr--; - } -- else -- break; - } -+ - return stack_curr; - } - --- -2.3.5 - diff --git a/dev-libs/libxml2/files/libxml2-2.9.2-unclosed-comments.patch b/dev-libs/libxml2/files/libxml2-2.9.2-unclosed-comments.patch deleted file mode 100644 index bd4e482..00000000 --- a/dev-libs/libxml2/files/libxml2-2.9.2-unclosed-comments.patch +++ /dev/null @@ -1,65 +0,0 @@ -From e724879d964d774df9b7969fc846605aa1bac54c Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Fri, 30 Oct 2015 21:14:55 +0800 -Subject: Fix parsing short unclosed comment uninitialized access - -For https://bugzilla.gnome.org/show_bug.cgi?id=746048 -The HTML parser was too optimistic when processing comments and -didn't check for the end of the stream on the first 2 characters ---- - HTMLparser.c | 21 ++++++++++++++------- - 1 file changed, 14 insertions(+), 7 deletions(-) - -diff --git a/HTMLparser.c b/HTMLparser.c -index 19c10c3..bdf7807 100644 ---- a/HTMLparser.c -+++ b/HTMLparser.c -@@ -3264,12 +3264,17 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { - ctxt->instate = state; - return; - } -+ len = 0; -+ buf[len] = 0; - q = CUR_CHAR(ql); -+ if (!IS_CHAR(q)) -+ goto unfinished; - NEXTL(ql); - r = CUR_CHAR(rl); -+ if (!IS_CHAR(r)) -+ goto unfinished; - NEXTL(rl); - cur = CUR_CHAR(l); -- len = 0; - while (IS_CHAR(cur) && - ((cur != '>') || - (r != '-') || (q != '-'))) { -@@ -3300,18 +3305,20 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { - } - } - buf[len] = 0; -- if (!IS_CHAR(cur)) { -- htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED, -- "Comment not terminated \n