gentoo resync : 05.04.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-04-05 21:17:31 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2019-04-05 21:17:31 +0100
commit: dc7cbdfa65fd814b3b9aa3c56257da201109e807 (patch)
tree: c85d72f6f31f21f178069c9d41d41a7c1ff4b362 /dev-libs/libxml2/files
parent: 0706fc6986773f4e4d391deff4ad5143c464ea4e (diff)
3 files changed, 0 insertions, 169 deletions
diff --git a/dev-libs/libxml2/files/libxml2-2.9.8-CVE-2017-8872.patch b/dev-libs/libxml2/files/libxml2-2.9.8-CVE-2017-8872.patch
deleted file mode 100644
index 6062f63df9ea..000000000000
--- a/dev-libs/libxml2/files/libxml2-2.9.8-CVE-2017-8872.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-https://bugs.gentoo.org/618110
-https://bugzilla.gnome.org/show_bug.cgi?id=775200
-https://gitlab.gnome.org/GNOME/libxml2/issues/26
-
-From 123234f2cfcd9e9b9f83047eee1dc17b4c3f4407 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Tue, 11 Sep 2018 14:52:07 +0200
-Subject: [PATCH] Free input buffer in xmlHaltParser
-
-This avoids miscalculation of available bytes.
-
-Thanks to Yunho Kim for the report.
-
-Closes: #26
----
- parser.c                     |  5 +++++
- result/errors/759573.xml.err | 17 +++++++----------
- 2 files changed, 12 insertions(+), 10 deletions(-)
-
-diff --git a/parser.c b/parser.c
-index ca9fde2c8758..5813a6643e15 100644
---- a/parser.c
-+++ b/parser.c
-@@ -12462,7 +12462,12 @@ xmlHaltParser(xmlParserCtxtPtr ctxt) {
- 	    ctxt->input->free((xmlChar *) ctxt->input->base);
- 	    ctxt->input->free = NULL;
- 	}
-+        if (ctxt->input->buf != NULL) {
-+            xmlFreeParserInputBuffer(ctxt->input->buf);
-+            ctxt->input->buf = NULL;
-+        }
- 	ctxt->input->cur = BAD_CAST"";
-+        ctxt->input->length = 0;
- 	ctxt->input->base = ctxt->input->cur;
-         ctxt->input->end = ctxt->input->cur;
-     }
-diff --git a/result/errors/759573.xml.err b/result/errors/759573.xml.err
-index 554039f65b91..38ef5c40b8e3 100644
---- a/result/errors/759573.xml.err
-+++ b/result/errors/759573.xml.err
-@@ -21,14 +21,11 @@ Entity: line 1:
-             ^
- ./test/errors/759573.xml:1: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration
- 
--<?h?><!DOCTYPEt[<!ELEMENT t (A)><!ENTITY % xx '&#37;<![INCLUDE[000&#37;&#3000;00
--     ^
-+
-+^
- ./test/errors/759573.xml:1: parser error : DOCTYPE improperly terminated
--<?h?><!DOCTYPEt[<!ELEMENT t (A)><!ENTITY % xx '&#37;<![INCLUDE[000&#37;&#3000;00
--     ^
--./test/errors/759573.xml:1: parser error : StartTag: invalid element name
--<?h?><!DOCTYPEt[<!ELEMENT t (A)><!ENTITY % xx '&#37;<![INCLUDE[000&#37;&#3000;00
--      ^
--./test/errors/759573.xml:1: parser error : Extra content at the end of the document
--<?h?><!DOCTYPEt[<!ELEMENT t (A)><!ENTITY % xx '&#37;<![INCLUDE[000&#37;&#3000;00
--      ^
-+
-+^
-+./test/errors/759573.xml:1: parser error : Start tag expected, '<' not found
-+
-+^
--- 
-2.19.1
-
diff --git a/dev-libs/libxml2/files/libxml2-2.9.8-CVE-2018-14404.patch b/dev-libs/libxml2/files/libxml2-2.9.8-CVE-2018-14404.patch
deleted file mode 100644
index 59bfc0fa9b88..000000000000
--- a/dev-libs/libxml2/files/libxml2-2.9.8-CVE-2018-14404.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From a436374994c47b12d5de1b8b1d191a098fa23594 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 30 Jul 2018 12:54:38 +0200
-Subject: [PATCH] Fix nullptr deref with XPath logic ops
-
-If the XPath stack is corrupted, for example by a misbehaving extension
-function, the "and" and "or" XPath operators could dereference NULL
-pointers. Check that the XPath stack isn't empty and optimize the
-logic operators slightly.
-
-Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/5
-
-Also see
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
-https://bugzilla.redhat.com/show_bug.cgi?id=1595985
-
-This is CVE-2018-14404.
-
-Thanks to Guy Inbar for the report.
----
- xpath.c | 10 ++++------
- 1 file changed, 4 insertions(+), 6 deletions(-)
-
-diff --git a/xpath.c b/xpath.c
-index 3fae0bf4e0a0..5e3bb9ff6401 100644
---- a/xpath.c
-+++ b/xpath.c
-@@ -13234,9 +13234,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
- 		return(0);
- 	    }
-             xmlXPathBooleanFunction(ctxt, 1);
--            arg1 = valuePop(ctxt);
--            arg1->boolval &= arg2->boolval;
--            valuePush(ctxt, arg1);
-+            if (ctxt->value != NULL)
-+                ctxt->value->boolval &= arg2->boolval;
- 	    xmlXPathReleaseObject(ctxt->context, arg2);
-             return (total);
-         case XPATH_OP_OR:
-@@ -13252,9 +13251,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
- 		return(0);
- 	    }
-             xmlXPathBooleanFunction(ctxt, 1);
--            arg1 = valuePop(ctxt);
--            arg1->boolval |= arg2->boolval;
--            valuePush(ctxt, arg1);
-+            if (ctxt->value != NULL)
-+                ctxt->value->boolval |= arg2->boolval;
- 	    xmlXPathReleaseObject(ctxt->context, arg2);
-             return (total);
-         case XPATH_OP_EQUAL:
--- 
-2.19.1
-
diff --git a/dev-libs/libxml2/files/libxml2-2.9.8-CVE-2018-14567.patch b/dev-libs/libxml2/files/libxml2-2.9.8-CVE-2018-14567.patch
deleted file mode 100644
index 0d289352d2f9..000000000000
--- a/dev-libs/libxml2/files/libxml2-2.9.8-CVE-2018-14567.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 2240fbf5912054af025fb6e01e26375100275e74 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 30 Jul 2018 13:14:11 +0200
-Subject: [PATCH] Fix infinite loop in LZMA decompression
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Check the liblzma error code more thoroughly to avoid infinite loops.
-
-Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/13
-Closes: https://bugzilla.gnome.org/show_bug.cgi?id=794914
-
-This is CVE-2018-9251 and CVE-2018-14567.
-
-Thanks to Dongliang Mu and Simon Wörner for the reports.
----
- xzlib.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/xzlib.c b/xzlib.c
-index a839169ef2ec..0ba88cfa849d 100644
---- a/xzlib.c
-+++ b/xzlib.c
-@@ -562,6 +562,10 @@ xz_decomp(xz_statep state)
-                          "internal error: inflate stream corrupt");
-                 return -1;
-             }
-+            /*
-+             * FIXME: Remapping a couple of error codes and falling through
-+             * to the LZMA error handling looks fragile.
-+             */
-             if (ret == Z_MEM_ERROR)
-                 ret = LZMA_MEM_ERROR;
-             if (ret == Z_DATA_ERROR)
-@@ -587,6 +591,11 @@ xz_decomp(xz_statep state)
-             xz_error(state, LZMA_PROG_ERROR, "compression error");
-             return -1;
-         }
-+        if ((state->how != GZIP) &&
-+            (ret != LZMA_OK) && (ret != LZMA_STREAM_END)) {
-+            xz_error(state, ret, "lzma error");
-+            return -1;
-+        }
-     } while (strm->avail_out && ret != LZMA_STREAM_END);
- 
-     /* update available output and crc check value */
--- 
-2.19.1
-
author	V3n3RiX <venerix@redcorelinux.org>	2019-04-05 21:17:31 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2019-04-05 21:17:31 +0100
commit	dc7cbdfa65fd814b3b9aa3c56257da201109e807 (patch)
tree	c85d72f6f31f21f178069c9d41d41a7c1ff4b362 /dev-libs/libxml2/files
parent	0706fc6986773f4e4d391deff4ad5143c464ea4e (diff)