diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2013-11-04 17:08:47 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2018-05-31 22:57:36 +0200 |
| commit | 76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (patch) | |
| tree | 9b98e6e193c7870cb27ac861394c1c4592850922 /source/l/expat/expat-2.0.1-fixes-3.patch | |
| parent | 9664bee729d487bcc0a0bc35859f8e13d5421c75 (diff) | |
| download | current-76fc4757ac91ac7947a01fb7b53dddf9a78a01d1.tar.gz current-76fc4757ac91ac7947a01fb7b53dddf9a78a01d1.tar.xz | |
Slackware 14.1slackware-14.1
Mon Nov 4 17:08:47 UTC 2013
Slackware 14.1 x86_64 stable is released!
It's been another interesting release cycle here at Slackware bringing
new features like support for UEFI machines, updated compilers and
development tools, the switch from MySQL to MariaDB, and many more
improvements throughout the system. Thanks to the team, the upstream
developers, the dedicated Slackware community, and everyone else who
pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Diffstat (limited to 'source/l/expat/expat-2.0.1-fixes-3.patch')
| -rw-r--r-- | source/l/expat/expat-2.0.1-fixes-3.patch | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/source/l/expat/expat-2.0.1-fixes-3.patch b/source/l/expat/expat-2.0.1-fixes-3.patch deleted file mode 100644 index 5059f297f..000000000 --- a/source/l/expat/expat-2.0.1-fixes-3.patch +++ /dev/null @@ -1,38 +0,0 @@ -Submitted By: Ken Moffat <ken at linuxfromscratch dot org> -Date: 2010-12-09 -Initial Package Version: 2.0.1 -Upstream Status: From Upstream -Origin: Unknown -Description: Fixes for CVE-2009-2625 (infinite loop and application hang via -malformed XML) CVE-2009-3560 (DOS via buffer overrun caused by malformed UTF-8) -and CVE-2009-3720 (DOS via buffer overrun caused by crafted UTF-8). This -replaces version -2 which had both the original and the revised fixes for -CVE-2009-3560 - the revised version is supposed to replace the original, not -add to it, because of problems with certain perl users of libexpat. - - -diff -Naur expat-2.0.1.orig//lib/xmlparse.c expat-2.0.1/lib/xmlparse.c ---- expat-2.0.1.orig//lib/xmlparse.c 2007-05-08 03:25:35.000000000 +0100 -+++ expat-2.0.1/lib/xmlparse.c 2010-12-06 18:01:03.082339393 +0000 -@@ -3703,6 +3703,9 @@ - return XML_ERROR_UNCLOSED_TOKEN; - case XML_TOK_PARTIAL_CHAR: - return XML_ERROR_PARTIAL_CHAR; -+ case -XML_TOK_PROLOG_S: -+ tok = -tok; -+ break; - case XML_TOK_NONE: - #ifdef XML_DTD - /* for internal PE NOT referenced between declarations */ -diff -Naur expat-2.0.1.orig//lib/xmltok_impl.c expat-2.0.1/lib/xmltok_impl.c ---- expat-2.0.1.orig//lib/xmltok_impl.c 2006-11-26 17:34:46.000000000 +0000 -+++ expat-2.0.1/lib/xmltok_impl.c 2010-12-06 18:01:03.082339393 +0000 -@@ -1744,7 +1744,7 @@ - const char *end, - POSITION *pos) - { -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: \ |