diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2011-02-11 13:55:30 +0000 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2011-02-11 13:55:30 +0000 |
commit | 5dcde6d4370680c7e2bae609e3ebedbb3f9b1d09 (patch) | |
tree | 0840a042999bde0fdef99587b714f3f985865108 /pkgs/development/libraries/expat | |
parent | fc933aaa50dbe74ab91e51571feeb568bd8f9e21 (diff) | |
download | nixpkgs-5dcde6d4370680c7e2bae609e3ebedbb3f9b1d09.tar nixpkgs-5dcde6d4370680c7e2bae609e3ebedbb3f9b1d09.tar.gz nixpkgs-5dcde6d4370680c7e2bae609e3ebedbb3f9b1d09.tar.bz2 nixpkgs-5dcde6d4370680c7e2bae609e3ebedbb3f9b1d09.tar.lz nixpkgs-5dcde6d4370680c7e2bae609e3ebedbb3f9b1d09.tar.xz nixpkgs-5dcde6d4370680c7e2bae609e3ebedbb3f9b1d09.tar.zst nixpkgs-5dcde6d4370680c7e2bae609e3ebedbb3f9b1d09.zip |
* Expat: apply a fix for CVE-2009-3560.
svn path=/nixpkgs/branches/x-updates/; revision=25902
Diffstat (limited to 'pkgs/development/libraries/expat')
-rw-r--r-- | pkgs/development/libraries/expat/cve-2009-3560.patch | 18 | ||||
-rw-r--r-- | pkgs/development/libraries/expat/default.nix | 12 |
2 files changed, 29 insertions, 1 deletions
diff --git a/pkgs/development/libraries/expat/cve-2009-3560.patch b/pkgs/development/libraries/expat/cve-2009-3560.patch new file mode 100644 index 00000000000..71da9e39351 --- /dev/null +++ b/pkgs/development/libraries/expat/cve-2009-3560.patch @@ -0,0 +1,18 @@ +From: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/expat/files/expat-2.0.1-CVE-2009-3560-revised.patch?revision=1.1 + +http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3560 +http://bugs.gentoo.org/show_bug.cgi?id=303727 +http://cvs.fedoraproject.org/viewvc/rpms/expat/devel/ + +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser, + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; ++ case -XML_TOK_PROLOG_S: ++ tok = -tok; ++ break; + case XML_TOK_NONE: + #ifdef XML_DTD + /* for internal PE NOT referenced between declarations */ diff --git a/pkgs/development/libraries/expat/default.nix b/pkgs/development/libraries/expat/default.nix index cd546a58169..35a2945207b 100644 --- a/pkgs/development/libraries/expat/default.nix +++ b/pkgs/development/libraries/expat/default.nix @@ -1,7 +1,17 @@ -{stdenv, fetchurl}: stdenv.mkDerivation { +{ stdenv, fetchurl }: + +stdenv.mkDerivation { name = "expat-2.0.1"; + src = fetchurl { url = mirror://sourceforge/expat/expat-2.0.1.tar.gz; sha256 = "14sy5qx9hgjyfs743iq8ywldhp5w4n6cscqf2p4hgrw6vys60xl4"; }; + + patches = [ ./cve-2009-3560.patch ]; + + meta = { + homepage = http://expat.sourceforge.net/; + description = "A stream-oriented XML parser library written in C"; + }; } |