From 9aa43069625996480534eaf399be499c245b9663 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 9 Aug 2016 14:47:28 +0000 Subject: [PATCH] libxslt: added overlay port --- libxslt/.footprint | 56 +++++++++++++++++++++++++++++++++++++ libxslt/.md5sum | 2 ++ libxslt/CVE-2015-7995.patch | 29 +++++++++++++++++++ libxslt/Pkgfile | 28 +++++++++++++++++++ 4 files changed, 115 insertions(+) create mode 100644 libxslt/.footprint create mode 100644 libxslt/.md5sum create mode 100644 libxslt/CVE-2015-7995.patch create mode 100644 libxslt/Pkgfile diff --git a/libxslt/.footprint b/libxslt/.footprint new file mode 100644 index 0000000..6117e7e --- /dev/null +++ b/libxslt/.footprint @@ -0,0 +1,56 @@ +drwxr-xr-x root/root usr/ +drwxr-xr-x root/root usr/bin/ +-rwxr-xr-x root/root usr/bin/xslt-config +-rwxr-xr-x root/root usr/bin/xsltproc +drwxr-xr-x root/root usr/include/ +drwxr-xr-x root/root usr/include/libexslt/ +-rw-r--r-- root/root usr/include/libexslt/exslt.h +-rw-r--r-- root/root usr/include/libexslt/exsltconfig.h +-rw-r--r-- root/root usr/include/libexslt/exsltexports.h +drwxr-xr-x root/root usr/include/libxslt/ +-rw-r--r-- root/root usr/include/libxslt/attributes.h +-rw-r--r-- root/root usr/include/libxslt/documents.h +-rw-r--r-- root/root usr/include/libxslt/extensions.h +-rw-r--r-- root/root usr/include/libxslt/extra.h +-rw-r--r-- root/root usr/include/libxslt/functions.h +-rw-r--r-- root/root usr/include/libxslt/imports.h +-rw-r--r-- root/root usr/include/libxslt/keys.h +-rw-r--r-- root/root usr/include/libxslt/namespaces.h +-rw-r--r-- root/root usr/include/libxslt/numbersInternals.h +-rw-r--r-- root/root usr/include/libxslt/pattern.h +-rw-r--r-- root/root usr/include/libxslt/preproc.h +-rw-r--r-- root/root usr/include/libxslt/security.h +-rw-r--r-- root/root usr/include/libxslt/templates.h +-rw-r--r-- root/root usr/include/libxslt/transform.h +-rw-r--r-- root/root usr/include/libxslt/variables.h +-rw-r--r-- root/root usr/include/libxslt/xslt.h +-rw-r--r-- root/root usr/include/libxslt/xsltInternals.h +-rw-r--r-- root/root usr/include/libxslt/xsltconfig.h +-rw-r--r-- root/root usr/include/libxslt/xsltexports.h +-rw-r--r-- root/root usr/include/libxslt/xsltlocale.h +-rw-r--r-- root/root usr/include/libxslt/xsltutils.h +drwxr-xr-x root/root usr/lib/ +-rw-r--r-- root/root usr/lib/libexslt.a +-rwxr-xr-x root/root usr/lib/libexslt.la +lrwxrwxrwx root/root usr/lib/libexslt.so -> libexslt.so.0.8.17 +lrwxrwxrwx root/root usr/lib/libexslt.so.0 -> libexslt.so.0.8.17 +-rwxr-xr-x root/root usr/lib/libexslt.so.0.8.17 +drwxr-xr-x root/root usr/lib/libxslt-plugins/ +-rw-r--r-- root/root usr/lib/libxslt.a +-rwxr-xr-x root/root usr/lib/libxslt.la +lrwxrwxrwx root/root usr/lib/libxslt.so -> libxslt.so.1.1.28 +lrwxrwxrwx root/root usr/lib/libxslt.so.1 -> libxslt.so.1.1.28 +-rwxr-xr-x root/root usr/lib/libxslt.so.1.1.28 +drwxr-xr-x root/root usr/lib/pkgconfig/ +-rw-r--r-- root/root usr/lib/pkgconfig/libexslt.pc +-rw-r--r-- root/root usr/lib/pkgconfig/libxslt.pc +-rw-r--r-- root/root usr/lib/xsltConf.sh +drwxr-xr-x root/root usr/share/ +drwxr-xr-x root/root usr/share/aclocal/ +-rw-r--r-- root/root usr/share/aclocal/libxslt.m4 +drwxr-xr-x root/root usr/share/man/ +drwxr-xr-x root/root usr/share/man/man1/ +-rw-r--r-- root/root usr/share/man/man1/xsltproc.1.gz +drwxr-xr-x root/root usr/share/man/man3/ +-rw-r--r-- root/root usr/share/man/man3/libexslt.3.gz +-rw-r--r-- root/root usr/share/man/man3/libxslt.3.gz diff --git a/libxslt/.md5sum b/libxslt/.md5sum new file mode 100644 index 0000000..16ce056 --- /dev/null +++ b/libxslt/.md5sum @@ -0,0 +1,2 @@ +b97b695cbe4171f8cb10df41f652aba5 CVE-2015-7995.patch +9667bf6f9310b957254fdcf6596600b7 libxslt-1.1.28.tar.gz diff --git a/libxslt/CVE-2015-7995.patch b/libxslt/CVE-2015-7995.patch new file mode 100644 index 0000000..fbcd7ea --- /dev/null +++ b/libxslt/CVE-2015-7995.patch @@ -0,0 +1,29 @@ +From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001 +From: Daniel Veillard +Date: Thu, 29 Oct 2015 19:33:23 +0800 +Subject: Fix for type confusion in preprocessing attributes + +CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10 +We need to check that the parent node is an element before dereferencing +its namespace +--- + libxslt/preproc.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libxslt/preproc.c b/libxslt/preproc.c +index 0eb80a0..7f69325 100644 +--- a/libxslt/preproc.c ++++ b/libxslt/preproc.c +@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) { + } else if (IS_XSLT_NAME(inst, "attribute")) { + xmlNodePtr parent = inst->parent; + +- if ((parent == NULL) || (parent->ns == NULL) || ++ if ((parent == NULL) || ++ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || + ((parent->ns != inst->ns) && + (!xmlStrEqual(parent->ns->href, inst->ns->href))) || + (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) { +-- +cgit v0.11.2 + diff --git a/libxslt/Pkgfile b/libxslt/Pkgfile new file mode 100644 index 0000000..14c5db1 --- /dev/null +++ b/libxslt/Pkgfile @@ -0,0 +1,28 @@ +# Description: XSL Transformations library. +# URL: http://xmlsoft.org/XSLT/ +# Maintainer: Danny Rawlins, crux at romster dot me +# Arch Maintainer: CRUX-ARM System Team, devel at crux-arm dot nu +# Packager: Tilman Sauerbeck, tilman at crux dot nu +# Depends on: libxml2 zlib xz + +name=libxslt +version=1.1.28 +release=3 +source=(ftp://xmlsoft.org/libxml2/$name-$version.tar.gz + CVE-2015-7995.patch) + +build() { + cd $name-$version + + patch -p1 -i $SRC/CVE-2015-7995.patch + + ./configure --prefix=/usr \ + --without-python \ + --without-crypto \ + --build=aarch64-unknown-linux-gnueabi + + make + make DESTDIR=$PKG install + + rm -r $PKG/usr/share/doc +} -- 2.26.2