From 063f7e70c2f4ea4253b65aa62efdb78d719982ed Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 5 Oct 2017 05:49:08 +0200 Subject: [PATCH] libxslt: updated to 1.1.29 --- libxslt/.footprint | 6 +++--- libxslt/.md5sum | 3 +-- libxslt/CVE-2015-7995.patch | 29 ----------------------------- libxslt/Pkgfile | 11 +++++------ 4 files changed, 9 insertions(+), 40 deletions(-) delete mode 100644 libxslt/CVE-2015-7995.patch diff --git a/libxslt/.footprint b/libxslt/.footprint index 6117e7e..b2cfcc0 100644 --- a/libxslt/.footprint +++ b/libxslt/.footprint @@ -38,9 +38,9 @@ lrwxrwxrwx root/root usr/lib/libexslt.so.0 -> libexslt.so.0.8.17 drwxr-xr-x root/root usr/lib/libxslt-plugins/ -rw-r--r-- root/root usr/lib/libxslt.a -rwxr-xr-x root/root usr/lib/libxslt.la -lrwxrwxrwx root/root usr/lib/libxslt.so -> libxslt.so.1.1.28 -lrwxrwxrwx root/root usr/lib/libxslt.so.1 -> libxslt.so.1.1.28 --rwxr-xr-x root/root usr/lib/libxslt.so.1.1.28 +lrwxrwxrwx root/root usr/lib/libxslt.so -> libxslt.so.1.1.29 +lrwxrwxrwx root/root usr/lib/libxslt.so.1 -> libxslt.so.1.1.29 +-rwxr-xr-x root/root usr/lib/libxslt.so.1.1.29 drwxr-xr-x root/root usr/lib/pkgconfig/ -rw-r--r-- root/root usr/lib/pkgconfig/libexslt.pc -rw-r--r-- root/root usr/lib/pkgconfig/libxslt.pc diff --git a/libxslt/.md5sum b/libxslt/.md5sum index 16ce056..e4f716c 100644 --- a/libxslt/.md5sum +++ b/libxslt/.md5sum @@ -1,2 +1 @@ -b97b695cbe4171f8cb10df41f652aba5 CVE-2015-7995.patch -9667bf6f9310b957254fdcf6596600b7 libxslt-1.1.28.tar.gz +a129d3c44c022de3b9dcf6d6f288d72e libxslt-1.1.29.tar.gz diff --git a/libxslt/CVE-2015-7995.patch b/libxslt/CVE-2015-7995.patch deleted file mode 100644 index fbcd7ea..0000000 --- a/libxslt/CVE-2015-7995.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Thu, 29 Oct 2015 19:33:23 +0800 -Subject: Fix for type confusion in preprocessing attributes - -CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10 -We need to check that the parent node is an element before dereferencing -its namespace ---- - libxslt/preproc.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/libxslt/preproc.c b/libxslt/preproc.c -index 0eb80a0..7f69325 100644 ---- a/libxslt/preproc.c -+++ b/libxslt/preproc.c -@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) { - } else if (IS_XSLT_NAME(inst, "attribute")) { - xmlNodePtr parent = inst->parent; - -- if ((parent == NULL) || (parent->ns == NULL) || -+ if ((parent == NULL) || -+ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || - ((parent->ns != inst->ns) && - (!xmlStrEqual(parent->ns->href, inst->ns->href))) || - (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) { --- -cgit v0.11.2 - diff --git a/libxslt/Pkgfile b/libxslt/Pkgfile index 14c5db1..4760898 100644 --- a/libxslt/Pkgfile +++ b/libxslt/Pkgfile @@ -6,20 +6,19 @@ # Depends on: libxml2 zlib xz name=libxslt -version=1.1.28 -release=3 -source=(ftp://xmlsoft.org/libxml2/$name-$version.tar.gz - CVE-2015-7995.patch) +version=1.1.29 +release=1 +source=(ftp://xmlsoft.org/libxml2/$name-$version.tar.gz) build() { cd $name-$version - patch -p1 -i $SRC/CVE-2015-7995.patch - ./configure --prefix=/usr \ --without-python \ --without-crypto \ --build=aarch64-unknown-linux-gnueabi + + sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool make make DESTDIR=$PKG install -- 2.26.2