diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-12-10 01:12:17 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-12-10 02:58:55 +0100 |
commit | 48a597699d66820c0bd3755087ede52100d5becc (patch) | |
tree | 0a68ef0f5214d3469e96283aed283b1095c0f39c /source/l/libxml2/libxml2.do-not-check-crc.diff | |
parent | 4f2f8fa3a5c832eb964c3e46084a072ecc592aa4 (diff) | |
download | current-48a597699d66820c0bd3755087ede52100d5becc.tar.gz current-48a597699d66820c0bd3755087ede52100d5becc.tar.xz |
Sun Dec 10 01:12:17 UTC 202320231210011217
l/libxml2-2.12.2-x86_64-2.txz: Rebuilt.
Add --sysconfdir=/etc option so that this can find the xml catalog.
Thanks to SpiderTux.
Fix the following security issues:
Fix integer overflows with XML_PARSE_HUGE.
Fix dict corruption caused by entity reference cycles.
Hashing of empty dict strings isn't deterministic.
Fix null deref in xmlSchemaFixupComplexType.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-40303
https://www.cve.org/CVERecord?id=CVE-2022-40304
https://www.cve.org/CVERecord?id=CVE-2023-29469
https://www.cve.org/CVERecord?id=CVE-2023-28484
(* Security fix *)
Diffstat (limited to 'source/l/libxml2/libxml2.do-not-check-crc.diff')
-rw-r--r-- | source/l/libxml2/libxml2.do-not-check-crc.diff | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/source/l/libxml2/libxml2.do-not-check-crc.diff b/source/l/libxml2/libxml2.do-not-check-crc.diff deleted file mode 100644 index 3e6507764..000000000 --- a/source/l/libxml2/libxml2.do-not-check-crc.diff +++ /dev/null @@ -1,35 +0,0 @@ -diff -up libxml2-2.9.0/xzlib.c.do-not-check-crc libxml2-2.9.0/xzlib.c ---- libxml2-2.9.0/xzlib.c.do-not-check-crc 2012-09-11 05:52:46.000000000 +0200 -+++ libxml2-2.9.0/xzlib.c 2012-11-19 19:28:42.431700534 +0100 -@@ -552,17 +552,20 @@ xz_decomp(xz_statep state) - #ifdef HAVE_ZLIB_H - if (state->how == GZIP) { - if (gz_next4(state, &crc) == -1 || gz_next4(state, &len) == -1) { -- xz_error(state, LZMA_DATA_ERROR, "unexpected end of file"); -- return -1; -- } -- if (crc != state->zstrm.adler) { -- xz_error(state, LZMA_DATA_ERROR, "incorrect data check"); -- return -1; -- } -- if (len != (state->zstrm.total_out & 0xffffffffL)) { -- xz_error(state, LZMA_DATA_ERROR, "incorrect length check"); -- return -1; -- } -+ /* -+ xz_error(state, LZMA_DATA_ERROR, "unexpected end of file"); -+ return -1; -+ */ -+ } else { -+ if (crc != state->zstrm.adler) { -+ xz_error(state, LZMA_DATA_ERROR, "incorrect data check"); -+ return -1; -+ } -+ if (len != (state->zstrm.total_out & 0xffffffffL)) { -+ xz_error(state, LZMA_DATA_ERROR, "incorrect length check"); -+ return -1; -+ } -+ } - state->strm.avail_in = 0; - state->strm.next_in = NULL; - state->strm.avail_out = 0; |