Mail archive
alpine-aports

[alpine-aports] [PATCH] main/libxml: new upstream version 2.9.3

From: Christian Kampka <christian_at_kampka.net>
Date: Sat, 28 Nov 2015 21:20:17 +0100

---
 main/libxml2/APKBUILD              | 23 +++++++----------------
 main/libxml2/CVE-2014-0191.patch   | 36 ------------------------------------
 main/libxml2/libxml2-pthread.patch | 11 -----------
 3 files changed, 7 insertions(+), 63 deletions(-)
 delete mode 100644 main/libxml2/CVE-2014-0191.patch
 delete mode 100644 main/libxml2/libxml2-pthread.patch
diff --git a/main/libxml2/APKBUILD b/main/libxml2/APKBUILD
index b8f142c..096d326 100644
--- a/main/libxml2/APKBUILD
+++ b/main/libxml2/APKBUILD
_at_@ -1,8 +1,8 @@
 # Contributor: Carlo Landmeter <clandmeter_at_gmail.com>
 # Maintainer: Carlo Landmeter <clandmeter_at_gmail.com>
 pkgname=libxml2
-pkgver=2.9.2
-pkgrel=2
+pkgver=2.9.3
+pkgrel=0
 pkgdesc="XML parsing library, version 2"
 url="http://www.xmlsoft.org/"
 arch="all"
_at_@ -11,10 +11,7 @@ depends=
 depends_dev="zlib-dev"
 makedepends="$depends_dev python-dev"
 subpackages="$pkgname-doc $pkgname-dev py-$pkgname:py $pkgname-utils"
-source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz
-	libxml2-pthread.patch
-	CVE-2014-0191.patch
-	"
+source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz"
 
 options="!strip"
 
_at_@ -45,7 +42,7 @@ build() {
 package() {
 	cd "$_builddir"
 	make -j1 DESTDIR="$pkgdir" install
-		
+
 	install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
 }
 
_at_@ -69,12 +66,6 @@ utils() {
 }
 
 
-md5sums="9e6a9aca9d155737868b3dc5fd82f788  libxml2-2.9.2.tar.gz
-cc0da520c5296e87407d24166480da73  libxml2-pthread.patch
-e6f432aea642badcb848e5791bcf6df7  CVE-2014-0191.patch"
-sha256sums="5178c30b151d044aefb1b08bf54c3003a0ac55c59c866763997529d60770d5bc  libxml2-2.9.2.tar.gz
-97d5e152580774483c47b28483282a4180c2c375bb7716a807ec859e59c3ec2f  libxml2-pthread.patch
-288a762e8b115cecc02d920e4b36ebfa5249b8a6713a1a948e344d881d094ea8  CVE-2014-0191.patch"
-sha512sums="a4e3b20e2efceed39c20379b32b746d4a1cf65c0cf7719d26c9bf7483c1f04a4e5a442ae2f36dc4ae8a4d011b67cfb58d9f6d0be034fa3e897a49059c9289565  libxml2-2.9.2.tar.gz
-bda49c5e09605acc2bb36203521f750903d81345cc38af54b977e3ce71e288267fb3ab98f1813d846ab45461490482337f7af8b0f1a8a5e0b2c09e03bbadc7f7  libxml2-pthread.patch
-41b6737b5cfe6392e3d781ebde48db0bf221bde89701742408afe625a88a67f6f6aed5cf04c1983ba2e7e04c2d819a8011908d23060365225571691c5e61cf11  CVE-2014-0191.patch"
+md5sums="daece17e045f1c107610e137ab50c179  libxml2-2.9.3.tar.gz"
+sha256sums="4de9e31f46b44d34871c22f54bfc54398ef124d6f7cafb1f4a5958fbcd3ba12d  libxml2-2.9.3.tar.gz"
+sha512sums="078afa65229de4f23e6538767253fb4f9f61d96cb72e445179c71d536b224d54922f22972a2b71434796f83f8c99f6a46c3b8813cb4582ad9fca696d141e0abb  libxml2-2.9.3.tar.gz"
diff --git a/main/libxml2/CVE-2014-0191.patch b/main/libxml2/CVE-2014-0191.patch
deleted file mode 100644
index 4d5fe1a..0000000
--- a/main/libxml2/CVE-2014-0191.patch
+++ /dev/null
_at_@ -1,36 +0,0 @@
-From 9cd1c3cfbd32655d60572c0a413e017260c854df Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard_at_redhat.com>
-Date: Tue, 22 Apr 2014 15:30:56 +0800
-Subject: Do not fetch external parameter entities
-
-Unless explicitely asked for when validating or replacing entities
-with their value. Problem pointed out by Daniel Berrange <berrange_at_redhat.com>
-
-diff --git a/parser.c b/parser.c
-index 9347ac9..c0dea05 100644
---- a/parser.c
-+++ b/parser.c
-_at_@ -2598,6 +2598,20 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
- 		    xmlCharEncoding enc;
- 
- 		    /*
-+		     * Note: external parsed entities will not be loaded, it is
-+		     * not required for a non-validating parser, unless the
-+		     * option of validating, or substituting entities were
-+		     * given. Doing so is far more secure as the parser will
-+		     * only process data coming from the document entity by
-+		     * default.
-+		     */
-+                    if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) &&
-+		        ((ctxt->options & XML_PARSE_NOENT) == 0) &&
-+			((ctxt->options & XML_PARSE_DTDVALID) == 0) &&
-+			(ctxt->validate == 0))
-+			return;
-+
-+		    /*
- 		     * handle the extra spaces added before and after
- 		     * c.f. http://www.w3.org/TR/REC-xml#as-PE
- 		     * this is done independently.
--- 
-cgit v0.10.1
-
diff --git a/main/libxml2/libxml2-pthread.patch b/main/libxml2/libxml2-pthread.patch
deleted file mode 100644
index 77d7b38..0000000
--- a/main/libxml2/libxml2-pthread.patch
+++ /dev/null
_at_@ -1,11 +0,0 @@
---- libxml2-2.9.1/threads.c.orig
-+++ libxml2-2.9.1/threads.c
-_at_@ -47,7 +47,7 @@
- #ifdef HAVE_PTHREAD_H
- 
- static int libxml_is_threaded = -1;
--#ifdef __GNUC__
-+#if defined(__GNUC__) && defined(__GLIBC__)
- #ifdef linux
- #if (__GNUC__ == 3 && __GNUC_MINOR__ >= 3) || (__GNUC__ > 3)
- extern int pthread_once (pthread_once_t *__once_control,
-- 
2.6.2
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Sat Nov 28 2015 - 21:20:17 GMT