rpms/PyXML/F-10 PyXML-0.8.4-buffer-over-read.patch, NONE, 1.1 PyXML.spec, 1.32, 1.33
Roman Rakus
rrakus at fedoraproject.org
Fri Oct 30 14:42:40 UTC 2009
Author: rrakus
Update of /cvs/extras/rpms/PyXML/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv3164
Modified Files:
PyXML.spec
Added Files:
PyXML-0.8.4-buffer-over-read.patch
Log Message:
Fix buffer over read
PyXML-0.8.4-buffer-over-read.patch:
xmltok_impl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE PyXML-0.8.4-buffer-over-read.patch ---
--- PyXML-0.8.4/extensions/expat/lib/xmltok_impl.c.cve3720
+++ PyXML-0.8.4/extensions/expat/lib/xmltok_impl.c
@@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *e
const char *end,
POSITION *pos)
{
- while (ptr != end) {
+ while (ptr < end) {
switch (BYTE_TYPE(enc, ptr)) {
#define LEAD_CASE(n) \
case BT_LEAD ## n: \
Index: PyXML.spec
===================================================================
RCS file: /cvs/extras/rpms/PyXML/F-10/PyXML.spec,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -p -r1.32 -r1.33
--- PyXML.spec 14 Jul 2008 15:56:24 -0000 1.32
+++ PyXML.spec 30 Oct 2009 14:42:40 -0000 1.33
@@ -1,11 +1,13 @@
Summary: XML libraries for python.
Name: PyXML
Version: 0.8.4
-Release: 10
+Release: 11%{?dist}
Source: http://prdownloads.sourceforge.net/pyxml/PyXML-%{version}.tar.gz
Patch0: PyXML-0.7.1-intern.patch
Patch1: PyXML-0.8.4-cvs20041111-python2.4-backport.patch
Patch2: PyXML-memmove.patch
+Patch3: PyXML-0.8.4-buffer-over-read.patch
+
License: MIT and Python and ZPLv1.0 and BSD
Group: Development/Libraries
Requires: python
@@ -40,6 +42,7 @@ programming interfaces and an interface
%patch0 -p1 -b .intern
%patch1 -p1 -b .python2.4-backport
%patch2 -p1
+%patch3 -p1 -b .buufer_over_read
%build
CFLAGS="$RPM_OPT_FLAGS" %{__python} -c 'import setuptools; execfile("setup.py")' build --with-xslt
@@ -60,6 +63,9 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/python?.?/site-packages/_xmlplus
%changelog
+* Fri Oct 30 2009 Roman Rakus <rrakus at redhat.com> - 0.8.4-11
+- Fix buffer over read
+
* Mon Jul 14 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 0.8.4-10
- fix license tag
More information about the fedora-extras-commits
mailing list