From b0f126ee5452c909db872cbf7221e14b6ae26fbc Mon Sep 17 00:00:00 2001 From: Lukc Date: Thu, 23 Dec 2010 00:17:14 +0100 Subject: Recette de expat ajoutée. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- expat/.footprint | 15 +++++++++++++++ expat/.md5sum | 3 +++ expat/.sha256sum | 3 +++ expat/Pkgfile | 26 ++++++++++++++++++++++++++ expat/Pkgfile.old | 18 ++++++++++++++++++ expat/expat-CVE-2009-3560.patch | 15 +++++++++++++++ expat/expat-CVE-2009-3720.patch | 14 ++++++++++++++ 7 files changed, 94 insertions(+) create mode 100644 expat/.footprint create mode 100644 expat/.md5sum create mode 100644 expat/.sha256sum create mode 100644 expat/Pkgfile create mode 100644 expat/Pkgfile.old create mode 100644 expat/expat-CVE-2009-3560.patch create mode 100644 expat/expat-CVE-2009-3720.patch diff --git a/expat/.footprint b/expat/.footprint new file mode 100644 index 0000000..41ca660 --- /dev/null +++ b/expat/.footprint @@ -0,0 +1,15 @@ +drwxr-xr-x root/root usr/ +drwxr-xr-x root/root usr/bin/ +-rwxr-xr-x root/root usr/bin/xmlwf +drwxr-xr-x root/root usr/include/ +-rw-r--r-- root/root usr/include/expat.h +-rw-r--r-- root/root usr/include/expat_external.h +drwxr-xr-x root/root usr/lib/ +-rw-r--r-- root/root usr/lib/libexpat.a +-rwxr-xr-x root/root usr/lib/libexpat.la +lrwxrwxrwx root/root usr/lib/libexpat.so -> libexpat.so.1.5.2 +lrwxrwxrwx root/root usr/lib/libexpat.so.1 -> libexpat.so.1.5.2 +-rwxr-xr-x root/root usr/lib/libexpat.so.1.5.2 +drwxr-xr-x root/root usr/man/ +drwxr-xr-x root/root usr/man/man1/ +-rw-r--r-- root/root usr/man/man1/xmlwf.1.bz2 diff --git a/expat/.md5sum b/expat/.md5sum new file mode 100644 index 0000000..0818fba --- /dev/null +++ b/expat/.md5sum @@ -0,0 +1,3 @@ +ee8b492592568805593f81f8cdf2a04c expat-2.0.1.tar.gz +5ea67d4d96b7debe0eaafe2bf39a43b3 expat-CVE-2009-3560.patch +6e5ccf683c5df15d74711b2719bd7351 expat-CVE-2009-3720.patch diff --git a/expat/.sha256sum b/expat/.sha256sum new file mode 100644 index 0000000..f6238d8 --- /dev/null +++ b/expat/.sha256sum @@ -0,0 +1,3 @@ +847660b4df86e707c9150e33cd8c25bc5cd828f708c7418e765e3e983a2e5e93 expat-2.0.1.tar.gz +1358cb04c1e88b56bc3ee34139c90110a9b7675c7435b1a0dff7c23deba19541 expat-CVE-2009-3560.patch +9151f36adbd270b50ba64b48d0972172e6cc31506bde2620882afc9d993b0005 expat-CVE-2009-3720.patch diff --git a/expat/Pkgfile b/expat/Pkgfile new file mode 100644 index 0000000..d044501 --- /dev/null +++ b/expat/Pkgfile @@ -0,0 +1,26 @@ +description="A fast, non-validating, stream-oriented XML parsing library." +packager="Juergen Daubert " +maintainer="Lukc " +url="http://expat.sourceforge.net/" +depends=() + +name=expat +version=2.0.1 +release=2 +source=( + http://download.sourceforge.net/$name/$name-$version.tar.gz + expat-CVE-2009-3560.patch + expat-CVE-2009-3720.patch +) +build () +{ + cd $name-$version; + patch -p0 -d lib -i $SRC/expat-CVE-2009-3560.patch; + patch -p0 -d lib -i $SRC/expat-CVE-2009-3720.patch; + ./configure \ + ${CHOST:+--build=${CHOST}} \ + ${CTARGET:+--host=${CTARGET}} \ + --prefix=/usr; + make; + make prefix=$PKG/usr install +} diff --git a/expat/Pkgfile.old b/expat/Pkgfile.old new file mode 100644 index 0000000..cacd073 --- /dev/null +++ b/expat/Pkgfile.old @@ -0,0 +1,18 @@ +# Description: A fast, non-validating, stream-oriented XML parsing library +# URL: http://expat.sourceforge.net/ +# Maintainer: Juergen Daubert, jue at crux dot nu + +name=expat +version=2.0.1 +release=2 +source=(http://download.sourceforge.net/$name/$name-$version.tar.gz + expat-CVE-2009-3560.patch expat-CVE-2009-3720.patch) + +build() { + cd $name-$version + patch -p0 -d lib -i $SRC/expat-CVE-2009-3560.patch + patch -p0 -d lib -i $SRC/expat-CVE-2009-3720.patch + ./configure --prefix=/usr + make + make prefix=$PKG/usr install +} diff --git a/expat/expat-CVE-2009-3560.patch b/expat/expat-CVE-2009-3560.patch new file mode 100644 index 0000000..8abdece --- /dev/null +++ b/expat/expat-CVE-2009-3560.patch @@ -0,0 +1,15 @@ +# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 +# http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=patch&r1=1.166&r2=1.164 + +--- xmlparse.c 2009/09/29 02:49:16 1.164 ++++ xmlparse.c 2009/12/29 18:42:05 1.166 +@@ -3701,6 +3701,9 @@ + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; ++ case -XML_TOK_PROLOG_S: ++ tok = -tok; ++ break; + case XML_TOK_NONE: + #ifdef XML_DTD + /* for internal PE NOT referenced between declarations */ diff --git a/expat/expat-CVE-2009-3720.patch b/expat/expat-CVE-2009-3720.patch new file mode 100644 index 0000000..994d5ad --- /dev/null +++ b/expat/expat-CVE-2009-3720.patch @@ -0,0 +1,14 @@ +# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 +# http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch + +--- xmltok_impl.c 2006/11/26 17:34:46 1.13 ++++ xmltok_impl.c 2008/06/13 13:18:44 1.15 +@@ -1744,7 +1744,7 @@ + const char *end, + POSITION *pos) + { +- while (ptr != end) { ++ while (ptr < end) { + switch (BYTE_TYPE(enc, ptr)) { + #define LEAD_CASE(n) \ + case BT_LEAD ## n: \ -- cgit v1.2.3-70-g09d2