svn path=/nixpkgs/branches/x-updates/; revision=25902wip/yesman
parent
fc933aaa50
commit
5dcde6d437
@ -0,0 +1,18 @@ |
||||
From: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/expat/files/expat-2.0.1-CVE-2009-3560-revised.patch?revision=1.1
|
||||
|
||||
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3560
|
||||
http://bugs.gentoo.org/show_bug.cgi?id=303727
|
||||
http://cvs.fedoraproject.org/viewvc/rpms/expat/devel/
|
||||
|
||||
--- a/lib/xmlparse.c
|
||||
+++ b/lib/xmlparse.c
|
||||
@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser,
|
||||
return XML_ERROR_UNCLOSED_TOKEN;
|
||||
case XML_TOK_PARTIAL_CHAR:
|
||||
return XML_ERROR_PARTIAL_CHAR;
|
||||
+ case -XML_TOK_PROLOG_S:
|
||||
+ tok = -tok;
|
||||
+ break;
|
||||
case XML_TOK_NONE:
|
||||
#ifdef XML_DTD
|
||||
/* for internal PE NOT referenced between declarations */
|
@ -1,7 +1,17 @@ |
||||
{stdenv, fetchurl}: stdenv.mkDerivation { |
||||
{ stdenv, fetchurl }: |
||||
|
||||
stdenv.mkDerivation { |
||||
name = "expat-2.0.1"; |
||||
|
||||
src = fetchurl { |
||||
url = mirror://sourceforge/expat/expat-2.0.1.tar.gz; |
||||
sha256 = "14sy5qx9hgjyfs743iq8ywldhp5w4n6cscqf2p4hgrw6vys60xl4"; |
||||
}; |
||||
|
||||
patches = [ ./cve-2009-3560.patch ]; |
||||
|
||||
meta = { |
||||
homepage = http://expat.sourceforge.net/; |
||||
description = "A stream-oriented XML parser library written in C"; |
||||
}; |
||||
} |
||||
|
Loading…
Reference in new issue