2008-06-06 05:48:45 -05:00
|
|
|
*** misc/libxml2-2.6.31/configure Fri Jan 11 09:01:56 2008
|
|
|
|
|
--- misc/build/libxml2-2.6.31/configure Thu Mar 27 14:09:56 2008
|
|
|
|
|
***************
|
|
|
|
|
*** 3463,3477 ****
|
|
|
|
|
CFLAGS=$ac_save_CFLAGS
|
|
|
|
|
elif test $ac_cv_prog_cc_g = yes; then
|
|
|
|
|
if test "$GCC" = yes; then
|
|
|
|
|
! CFLAGS="-g -O2"
|
|
|
|
|
else
|
|
|
|
|
! CFLAGS="-g"
|
|
|
|
|
fi
|
|
|
|
|
else
|
|
|
|
|
if test "$GCC" = yes; then
|
|
|
|
|
! CFLAGS="-O2"
|
|
|
|
|
else
|
|
|
|
|
! CFLAGS=
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5
|
|
|
|
|
--- 3463,3477 ----
|
|
|
|
|
CFLAGS=$ac_save_CFLAGS
|
|
|
|
|
elif test $ac_cv_prog_cc_g = yes; then
|
|
|
|
|
if test "$GCC" = yes; then
|
|
|
|
|
! CFLAGS="$ADDCFLAGS -g -O2"
|
|
|
|
|
else
|
|
|
|
|
! CFLAGS="$ADDCFLAGS -g"
|
|
|
|
|
fi
|
|
|
|
|
else
|
|
|
|
|
if test "$GCC" = yes; then
|
|
|
|
|
! CFLAGS="$ADDCFLAGS -O2"
|
|
|
|
|
else
|
|
|
|
|
! CFLAGS="$ADDCFLAGS"
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5
|
|
|
|
|
***************
|
|
|
|
|
*** 26207,26215 ****
|
|
|
|
|
|
|
|
|
|
{ echo "$as_me:$LINENO: checking for library containing setsockopt" >&5
|
|
|
|
|
echo $ECHO_N "checking for library containing setsockopt... $ECHO_C" >&6; }
|
|
|
|
|
! if test "${ac_cv_search_setsockopt+set}" = set; then
|
|
|
|
|
! echo $ECHO_N "(cached) $ECHO_C" >&6
|
|
|
|
|
! else
|
|
|
|
|
ac_func_search_save_LIBS=$LIBS
|
|
|
|
|
cat >conftest.$ac_ext <<_ACEOF
|
|
|
|
|
/* confdefs.h. */
|
|
|
|
|
--- 26207,26215 ----
|
|
|
|
|
|
|
|
|
|
{ echo "$as_me:$LINENO: checking for library containing setsockopt" >&5
|
|
|
|
|
echo $ECHO_N "checking for library containing setsockopt... $ECHO_C" >&6; }
|
|
|
|
|
! #if test "${ac_cv_search_setsockopt+set}" = set; then
|
|
|
|
|
! # echo $ECHO_N "(cached) $ECHO_C" >&6
|
|
|
|
|
! #else
|
|
|
|
|
ac_func_search_save_LIBS=$LIBS
|
|
|
|
|
cat >conftest.$ac_ext <<_ACEOF
|
|
|
|
|
/* confdefs.h. */
|
|
|
|
|
***************
|
|
|
|
|
*** 26279,26285 ****
|
|
|
|
|
fi
|
|
|
|
|
rm conftest.$ac_ext
|
|
|
|
|
LIBS=$ac_func_search_save_LIBS
|
|
|
|
|
! fi
|
|
|
|
|
{ echo "$as_me:$LINENO: result: $ac_cv_search_setsockopt" >&5
|
|
|
|
|
echo "${ECHO_T}$ac_cv_search_setsockopt" >&6; }
|
|
|
|
|
ac_res=$ac_cv_search_setsockopt
|
|
|
|
|
--- 26279,26285 ----
|
|
|
|
|
fi
|
|
|
|
|
rm conftest.$ac_ext
|
|
|
|
|
LIBS=$ac_func_search_save_LIBS
|
|
|
|
|
! #fi
|
|
|
|
|
{ echo "$as_me:$LINENO: result: $ac_cv_search_setsockopt" >&5
|
|
|
|
|
echo "${ECHO_T}$ac_cv_search_setsockopt" >&6; }
|
|
|
|
|
ac_res=$ac_cv_search_setsockopt
|
|
|
|
|
*** misc/libxml2-2.6.31/ltmain.sh Wed Aug 29 14:28:46 2007
|
|
|
|
|
--- misc/build/libxml2-2.6.31/ltmain.sh Thu Mar 27 13:54:03 2008
|
|
|
|
|
***************
|
|
|
|
|
*** 3311,3318 ****
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
freebsd-elf)
|
|
|
|
|
! major=".$current"
|
|
|
|
|
! versuffix=".$current";
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
irix | nonstopux)
|
|
|
|
|
--- 3311,3318 ----
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
freebsd-elf)
|
|
|
|
|
! major=.`expr $current - $age`
|
|
|
|
|
! versuffix=".$major.$age.$revision";
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
irix | nonstopux)
|
|
|
|
|
*** misc/libxml2-2.6.31/xml2-config.in Fri Jan 11 08:22:32 2008
|
|
|
|
|
--- misc/build/libxml2-2.6.31/xml2-config.in Wed Apr 2 11:56:17 2008
|
|
|
|
|
***************
|
|
|
|
|
*** 1,10 ****
|
|
|
|
|
#! /bin/sh
|
|
|
|
|
|
|
|
|
|
! prefix=@prefix@
|
|
|
|
|
! exec_prefix=@exec_prefix@
|
|
|
|
|
! includedir=@includedir@
|
|
|
|
|
! libdir=@libdir@
|
|
|
|
|
|
|
|
|
|
usage()
|
|
|
|
|
{
|
|
|
|
|
cat <<EOF
|
|
|
|
|
--- 1,15 ----
|
|
|
|
|
#! /bin/sh
|
|
|
|
|
|
|
|
|
|
! #prefix=@prefix@
|
|
|
|
|
! #exec_prefix=@exec_prefix@
|
|
|
|
|
! #includedir=@includedir@
|
|
|
|
|
! #libdir=@libdir@
|
|
|
|
|
|
|
|
|
|
+ prefix=${SOLARVERSION}/${INPATH}
|
|
|
|
|
+ exec_prefix=${SOLARVERSION}/${INPATH}
|
|
|
|
|
+ includedir=${SOLARVERSION}/${INPATH}/inc${UPDMINOREXT}/external
|
|
|
|
|
+ libdir=${SOLARVERSION}/${INPATH}/lib${UPDMINOREXT}
|
|
|
|
|
+
|
|
|
|
|
usage()
|
|
|
|
|
{
|
|
|
|
|
cat <<EOF
|
|
|
|
|
***************
|
|
|
|
|
*** 67,73 ****
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
--cflags)
|
|
|
|
|
! echo @XML_INCLUDEDIR@ @XML_CFLAGS@
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
--libtool-libs)
|
|
|
|
|
--- 72,79 ----
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
--cflags)
|
|
|
|
|
! echo -I${includedir}
|
|
|
|
|
! # echo @XML_INCLUDEDIR@ @XML_CFLAGS@
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
--libtool-libs)
|
|
|
|
|
***************
|
|
|
|
|
*** 82,100 ****
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
--libs)
|
|
|
|
|
! if [ "`uname`" = "Linux" ]
|
|
|
|
|
! then
|
|
|
|
|
! if [ "@XML_LIBDIR@" = "-L/usr/lib" -o "@XML_LIBDIR@" = "-L/usr/lib64" ]
|
|
|
|
|
! then
|
|
|
|
|
! echo @XML_LIBS@
|
|
|
|
|
! else
|
|
|
|
|
! echo @XML_LIBDIR@ @XML_LIBS@
|
|
|
|
|
! fi
|
|
|
|
|
! else
|
|
|
|
|
! echo @XML_LIBDIR@ @XML_LIBS@ @WIN32_EXTRA_LIBADD@
|
|
|
|
|
! fi
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
*)
|
|
|
|
|
usage
|
|
|
|
|
exit 1
|
|
|
|
|
--- 88,111 ----
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
--libs)
|
2009-09-16 09:37:52 -05:00
|
|
|
! echo -L${libdir} ${LIBXML2LIB} -lm
|
2008-06-06 05:48:45 -05:00
|
|
|
! # if [ "`uname`" = "Linux" ]
|
|
|
|
|
! # then
|
|
|
|
|
! # if [ "@XML_LIBDIR@" = "-L/usr/lib" -o "@XML_LIBDIR@" = "-L/usr/lib64" ]
|
|
|
|
|
! # then
|
|
|
|
|
! # echo @XML_LIBS@
|
|
|
|
|
! # else
|
|
|
|
|
! # echo @XML_LIBDIR@ @XML_LIBS@
|
|
|
|
|
! # fi
|
|
|
|
|
! # else
|
|
|
|
|
! # echo @XML_LIBDIR@ @XML_LIBS@ @WIN32_EXTRA_LIBADD@
|
|
|
|
|
! # fi
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
+ print) # ugly configure hack
|
|
|
|
|
+ exit 0
|
|
|
|
|
+ ;;
|
|
|
|
|
+
|
|
|
|
|
*)
|
|
|
|
|
usage
|
|
|
|
|
exit 1
|
|
|
|
|
*** misc/libxml2-2.6.31/include/win32config.h Wed Apr 18 09:51:54 2007
|
|
|
|
|
--- misc/build/libxml2-2.6.31/include/win32config.h Mon Mar 31 19:09:09 2008
|
|
|
|
|
***************
|
|
|
|
|
*** 92,98 ****
|
|
|
|
|
--- 92,100 ----
|
|
|
|
|
#if defined(_MSC_VER)
|
|
|
|
|
#define mkdir(p,m) _mkdir(p)
|
|
|
|
|
#define snprintf _snprintf
|
|
|
|
|
+ #if _MSC_VER < 1500
|
|
|
|
|
#define vsnprintf(b,c,f,a) _vsnprintf(b,c,f,a)
|
|
|
|
|
+ #endif
|
|
|
|
|
#elif defined(__MINGW32__)
|
|
|
|
|
#define mkdir(p,m) _mkdir(p)
|
|
|
|
|
#endif
|
|
|
|
|
*** misc/libxml2-2.6.31/include/wsockcompat.h Wed Jan 3 14:07:30 2007
|
|
|
|
|
--- misc/build/libxml2-2.6.31/include/wsockcompat.h Thu Apr 3 10:15:50 2008
|
|
|
|
|
***************
|
|
|
|
|
*** 21,26 ****
|
|
|
|
|
--- 21,27 ----
|
|
|
|
|
|
|
|
|
|
/* Check if ws2tcpip.h is a recent version which provides getaddrinfo() */
|
|
|
|
|
#if defined(GetAddrInfo)
|
|
|
|
|
+ #include <wspiapi.h>
|
|
|
|
|
#define HAVE_GETADDRINFO
|
|
|
|
|
#endif
|
|
|
|
|
#endif
|
|
|
|
|
*** misc/libxml2-2.6.31/include/libxml/xmlversion.h Fri Jan 11 10:11:19 2008
|
|
|
|
|
--- misc/build/libxml2-2.6.31/include/libxml/xmlversion.h Thu Mar 27 13:54:03 2008
|
|
|
|
|
***************
|
|
|
|
|
*** 264,270 ****
|
|
|
|
|
*
|
|
|
|
|
* Whether iconv support is available
|
|
|
|
|
*/
|
|
|
|
|
! #if 1
|
|
|
|
|
#define LIBXML_ICONV_ENABLED
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
--- 264,270 ----
|
|
|
|
|
*
|
|
|
|
|
* Whether iconv support is available
|
|
|
|
|
*/
|
|
|
|
|
! #if 0
|
|
|
|
|
#define LIBXML_ICONV_ENABLED
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
***************
|
|
|
|
|
*** 282,288 ****
|
|
|
|
|
*
|
|
|
|
|
* Whether Debugging module is configured in
|
|
|
|
|
*/
|
|
|
|
|
! #if 1
|
|
|
|
|
#define LIBXML_DEBUG_ENABLED
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
--- 282,288 ----
|
|
|
|
|
*
|
|
|
|
|
* Whether Debugging module is configured in
|
|
|
|
|
*/
|
|
|
|
|
! #if 0
|
|
|
|
|
#define LIBXML_DEBUG_ENABLED
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
***************
|
|
|
|
|
*** 291,297 ****
|
|
|
|
|
*
|
|
|
|
|
* Whether the memory debugging is configured in
|
|
|
|
|
*/
|
|
|
|
|
! #if 1
|
|
|
|
|
#define DEBUG_MEMORY_LOCATION
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
--- 291,297 ----
|
|
|
|
|
*
|
|
|
|
|
* Whether the memory debugging is configured in
|
|
|
|
|
*/
|
|
|
|
|
! #if 0
|
|
|
|
|
#define DEBUG_MEMORY_LOCATION
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
***************
|
|
|
|
|
*** 300,306 ****
|
|
|
|
|
*
|
|
|
|
|
* Whether the runtime debugging is configured in
|
|
|
|
|
*/
|
|
|
|
|
! #if 1
|
|
|
|
|
#define LIBXML_DEBUG_RUNTIME
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
--- 300,306 ----
|
|
|
|
|
*
|
|
|
|
|
* Whether the runtime debugging is configured in
|
|
|
|
|
*/
|
|
|
|
|
! #if 0
|
|
|
|
|
#define LIBXML_DEBUG_RUNTIME
|
|
|
|
|
#endif
|
|
|
|
|
|
2009-08-27 10:58:22 -05:00
|
|
|
diff -r -cN misc/libxml2-2.6.31/changelog misc/build/libxml2-2.6.31/changelog
|
|
|
|
|
*** misc/libxml2-2.6.31/changelog
|
|
|
|
|
--- misc/build/libxml2-2.6.31/changelog
|
|
|
|
|
***************
|
|
|
|
|
*** 0 ****
|
|
|
|
|
--- 1,10 ----
|
|
|
|
|
+ libxml2 (2.6.32.dfsg-5+lenny1) stable-security; urgency=high
|
|
|
|
|
+
|
|
|
|
|
+ * Non-maintainer upload by the Security Team.
|
|
|
|
|
+ * Fix multiple use-after-free flaws when parsing notation and
|
|
|
|
|
+ enumeration attribute types (CVE-2009-2416).
|
|
|
|
|
+ * Fix stack overflow when parsing root XML document element DTD
|
|
|
|
|
+ definition (CVE-2009-2414).
|
|
|
|
|
+
|
|
|
|
|
+ -- Nico Golde <nion@debian.org> Thu, 06 Aug 2009 13:04:00 +0000
|
|
|
|
|
+
|
|
|
|
|
diff -r -cN misc/libxml2-2.6.31/parser.c misc/build/libxml2-2.6.31/parser.c
|
|
|
|
|
*** misc/libxml2-2.6.31/parser.c
|
|
|
|
|
--- misc/build/libxml2-2.6.31/parser.c
|
|
|
|
|
***************
|
|
|
|
|
*** 4752,4761 ****
|
|
|
|
|
if (name == NULL) {
|
|
|
|
|
xmlFatalErrMsg(ctxt, XML_ERR_NAME_REQUIRED,
|
|
|
|
|
"Name expected in NOTATION declaration\n");
|
|
|
|
|
! return(ret);
|
|
|
|
|
}
|
|
|
|
|
cur = xmlCreateEnumeration(name);
|
|
|
|
|
! if (cur == NULL) return(ret);
|
|
|
|
|
if (last == NULL) ret = last = cur;
|
|
|
|
|
else {
|
|
|
|
|
last->next = cur;
|
|
|
|
|
--- 4752,4766 ----
|
|
|
|
|
if (name == NULL) {
|
|
|
|
|
xmlFatalErrMsg(ctxt, XML_ERR_NAME_REQUIRED,
|
|
|
|
|
"Name expected in NOTATION declaration\n");
|
|
|
|
|
! xmlFreeEnumeration(ret);
|
|
|
|
|
! return(NULL);
|
|
|
|
|
}
|
|
|
|
|
cur = xmlCreateEnumeration(name);
|
|
|
|
|
! if (cur == NULL) {
|
|
|
|
|
! xmlFreeEnumeration(ret);
|
|
|
|
|
! return(NULL);
|
|
|
|
|
! }
|
|
|
|
|
!
|
|
|
|
|
if (last == NULL) ret = last = cur;
|
|
|
|
|
else {
|
|
|
|
|
last->next = cur;
|
|
|
|
|
***************
|
|
|
|
|
*** 4765,4773 ****
|
|
|
|
|
} while (RAW == '|');
|
|
|
|
|
if (RAW != ')') {
|
|
|
|
|
xmlFatalErr(ctxt, XML_ERR_NOTATION_NOT_FINISHED, NULL);
|
|
|
|
|
! if ((last != NULL) && (last != ret))
|
|
|
|
|
! xmlFreeEnumeration(last);
|
|
|
|
|
! return(ret);
|
|
|
|
|
}
|
|
|
|
|
NEXT;
|
|
|
|
|
return(ret);
|
|
|
|
|
--- 4770,4777 ----
|
|
|
|
|
} while (RAW == '|');
|
|
|
|
|
if (RAW != ')') {
|
|
|
|
|
xmlFatalErr(ctxt, XML_ERR_NOTATION_NOT_FINISHED, NULL);
|
|
|
|
|
! xmlFreeEnumeration(ret);
|
|
|
|
|
! return(NULL);
|
|
|
|
|
}
|
|
|
|
|
NEXT;
|
|
|
|
|
return(ret);
|
|
|
|
|
***************
|
|
|
|
|
*** 4808,4814 ****
|
|
|
|
|
}
|
|
|
|
|
cur = xmlCreateEnumeration(name);
|
|
|
|
|
xmlFree(name);
|
|
|
|
|
! if (cur == NULL) return(ret);
|
|
|
|
|
if (last == NULL) ret = last = cur;
|
|
|
|
|
else {
|
|
|
|
|
last->next = cur;
|
|
|
|
|
--- 4812,4822 ----
|
|
|
|
|
}
|
|
|
|
|
cur = xmlCreateEnumeration(name);
|
|
|
|
|
xmlFree(name);
|
|
|
|
|
! if (cur == NULL) {
|
|
|
|
|
! xmlFreeEnumeration(ret);
|
|
|
|
|
! return(NULL);
|
|
|
|
|
! }
|
|
|
|
|
!
|
|
|
|
|
if (last == NULL) ret = last = cur;
|
|
|
|
|
else {
|
|
|
|
|
last->next = cur;
|
|
|
|
|
***************
|
|
|
|
|
*** 5206,5211 ****
|
|
|
|
|
--- 5214,5226 ----
|
|
|
|
|
const xmlChar *elem;
|
|
|
|
|
xmlChar type = 0;
|
|
|
|
|
|
|
|
|
|
+ if (ctxt->depth > 128) {
|
|
|
|
|
+ xmlFatalErrMsgInt(ctxt, XML_ERR_ELEMCONTENT_NOT_FINISHED,
|
|
|
|
|
+ "xmlParseElementChildrenContentDecl : depth %d too deep\n",
|
|
|
|
|
+ ctxt->depth);
|
|
|
|
|
+ return(NULL);
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
SKIP_BLANKS;
|
|
|
|
|
GROW;
|
|
|
|
|
if (RAW == '(') {
|
|
|
|
|
***************
|
|
|
|
|
*** 5214,5220 ****
|
|
|
|
|
--- 5229,5237 ----
|
|
|
|
|
/* Recurse on first child */
|
|
|
|
|
NEXT;
|
|
|
|
|
SKIP_BLANKS;
|
|
|
|
|
+ ctxt->depth++;
|
|
|
|
|
cur = ret = xmlParseElementChildrenContentDecl(ctxt, inputid);
|
|
|
|
|
+ ctxt->depth--;
|
|
|
|
|
SKIP_BLANKS;
|
|
|
|
|
GROW;
|
|
|
|
|
} else {
|
|
|
|
|
***************
|
|
|
|
|
*** 5344,5350 ****
|
|
|
|
|
--- 5361,5369 ----
|
|
|
|
|
/* Recurse on second child */
|
|
|
|
|
NEXT;
|
|
|
|
|
SKIP_BLANKS;
|
|
|
|
|
+ ctxt->depth++;
|
|
|
|
|
last = xmlParseElementChildrenContentDecl(ctxt, inputid);
|
|
|
|
|
+ ctxt->depth--;
|
|
|
|
|
SKIP_BLANKS;
|
|
|
|
|
} else {
|
|
|
|
|
elem = xmlParseName(ctxt);
|
