rpms/expat/F-11 expat-1.95.8-CVE-2009-3720.patch, NONE, 1.1 expat.spec, 1.32, 1.33
jorton
jorton at fedoraproject.org
Fri Oct 30 16:03:03 UTC 2009
- Previous message (by thread): rpms/celt/devel .cvsignore, 1.4, 1.5 celt.spec, 1.5, 1.6 sources, 1.4, 1.5
- Next message (by thread): rpms/perl-Test-Prereq/F-12 .cvsignore, 1.7, 1.8 perl-Test-Prereq.spec, 1.10, 1.11 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jorton
Update of /cvs/extras/rpms/expat/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv2876
Modified Files:
expat.spec
Added Files:
expat-1.95.8-CVE-2009-3720.patch
Log Message:
* Fri Oct 30 2009 Joe Orton <jorton at redhat.com> - 2.0.1-6.1
- add security fix for CVE-2009-3720
expat-1.95.8-CVE-2009-3720.patch:
xmltok_impl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE expat-1.95.8-CVE-2009-3720.patch ---
--- expat-1.95.8/lib/xmltok_impl.c.cve3720
+++ expat-1.95.8/lib/xmltok_impl.c
@@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *e
const char *end,
POSITION *pos)
{
- while (ptr != end) {
+ while (ptr < end) {
switch (BYTE_TYPE(enc, ptr)) {
#define LEAD_CASE(n) \
case BT_LEAD ## n: \
Index: expat.spec
===================================================================
RCS file: /cvs/extras/rpms/expat/F-11/expat.spec,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -p -r1.32 -r1.33
--- expat.spec 24 Feb 2009 15:54:27 -0000 1.32
+++ expat.spec 30 Oct 2009 16:03:02 -0000 1.33
@@ -1,9 +1,10 @@
Summary: An XML parser library
Name: expat
Version: 2.0.1
-Release: 6
+Release: 6%{?dist}.1
Group: System Environment/Libraries
Source: http://download.sourceforge.net/expat/expat-%{version}.tar.gz
+Patch1: expat-1.95.8-CVE-2009-3720.patch
URL: http://www.libexpat.org/
License: MIT
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -28,6 +29,7 @@ to develop XML applications with expat.
%prep
%setup -q
+%patch1 -p1 -b .cve3720
%build
rm -rf autom4te*.cache
@@ -74,6 +76,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_includedir}/*.h
%changelog
+* Fri Oct 30 2009 Joe Orton <jorton at redhat.com> - 2.0.1-6.1
+- add security fix for CVE-2009-3720
+
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
- Previous message (by thread): rpms/celt/devel .cvsignore, 1.4, 1.5 celt.spec, 1.5, 1.6 sources, 1.4, 1.5
- Next message (by thread): rpms/perl-Test-Prereq/F-12 .cvsignore, 1.7, 1.8 perl-Test-Prereq.spec, 1.10, 1.11 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list