[Lunar-commits] <moonbase> libxml2: patch for DoS vulnerabilities

[Auke Kok]

commit 3088729ceb44f350d5f7fcc17fc01b24e6bff8ea
Author: Paul Bredbury <brebs at sent.com>
Date:   Sat Aug 15 21:43:21 2009 +0200

    libxml2: patch for DoS vulnerabilities
    
    Advisory is http://secunia.com/advisories/36207/
---
 libs/libxml2/BUILD   |    8 ++++++++
 libs/libxml2/DETAILS |    8 ++++++--
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/libs/libxml2/BUILD b/libs/libxml2/BUILD
new file mode 100644
index 0000000..5a17f47
--- /dev/null
+++ b/libs/libxml2/BUILD
@@ -0,0 +1,8 @@
+(
+
+  # Fix DoS vulnerabilities - http://bugs.gentoo.org/show_bug.cgi?id=280617
+  patch_it $SOURCE2 1 &&
+
+  default_build
+
+) > $C_FIFO 2>&1
diff --git a/libs/libxml2/DETAILS b/libs/libxml2/DETAILS
index c496a30..ce0eccd 100644
--- a/libs/libxml2/DETAILS
+++ b/libs/libxml2/DETAILS
@@ -1,16 +1,20 @@
           MODULE=libxml2
          VERSION=2.7.3
           SOURCE=$MODULE-$VERSION.tar.gz
+         # From http://koji.fedoraproject.org/koji/buildinfo?buildID=126547
+         SOURCE2=libxml2-2.7.3-ficora-parse.patch
       SOURCE_URL=ftp://xmlsoft.org/$MODULE
+     SOURCE2_URL=$PATCH_URL
       SOURCE_VFY=sha1:fd4e427fb55c977876bc74c0e552ef7d3d794a07
+     SOURCE2_VFY=sha1:1c6ab8f48a4c0dbb0d0750a235e43a4406b05644
         WEB_SITE=http://xmlsoft.org
          ENTERED=20010922
-         UPDATED=20090308
+         UPDATED=20090815
            SHORT="XML version 2 parser for Gnome"
 
 cat << EOF
 The libXML library allows you to manipulate XML files. It offers SAX or
-DOM tree generation interfaces. It supports XML and HTML (real world
+DOM tree generation interfaces. It supports XML and HTML (real-world
 ones) parsing, flexible DTD validation, XPath, XPointer-XInclude, and
 pull and push modes with FTP and HTTP modules. It's written in C and
 should be fairly portable. The design is modular; most of the extensions