From ba21117eb9d9ac915ea920a057ca40a7e3fe7be7 Mon Sep 17 00:00:00 2001
From: jorton
Date: Dec 03 2009 13:54:56 +0000
Subject: - add security fix for CVE-2009-3560 (#533174) - run the test suite
---
diff --git a/expat-1.95.8-CVE-2009-3560.patch b/expat-1.95.8-CVE-2009-3560.patch
new file mode 100644
index 0000000..406c9c5
--- /dev/null
+++ b/expat-1.95.8-CVE-2009-3560.patch
@@ -0,0 +1,13 @@
+
+http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165
+
+--- expat-1.95.8/lib/xmlparse.c.cve3560
++++ expat-1.95.8/lib/xmlparse.c
+@@ -3637,7 +3637,6 @@ doProlog(XML_Parser parser,
+ return XML_ERROR_NO_ELEMENTS;
+ default:
+ tok = -tok;
+- next = end;
+ break;
+ }
+ }
diff --git a/expat-1.95.8-pedantic.patch b/expat-1.95.8-pedantic.patch
deleted file mode 100644
index 0973176..0000000
--- a/expat-1.95.8-pedantic.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- expat-1.95.8/lib/expat.h.pedantic
-+++ expat-1.95.8/lib/expat.h
-@@ -43,7 +43,7 @@
- #define XML_STATUS_ERROR XML_STATUS_ERROR
- XML_STATUS_OK = 1,
- #define XML_STATUS_OK XML_STATUS_OK
-- XML_STATUS_SUSPENDED = 2,
-+ XML_STATUS_SUSPENDED = 2
- #define XML_STATUS_SUSPENDED XML_STATUS_SUSPENDED
- };
-
diff --git a/expat-2.0.1-confcxx.patch b/expat-2.0.1-confcxx.patch
new file mode 100644
index 0000000..8b924e0
--- /dev/null
+++ b/expat-2.0.1-confcxx.patch
@@ -0,0 +1,13 @@
+
+Configure for C++ too so the testsuite works.
+
+--- expat-2.0.1/configure.in.confcxx
++++ expat-2.0.1/configure.in
+@@ -62,6 +62,7 @@ AC_SUBST(LIBAGE)
+
+ dnl Checks for programs.
+ AC_PROG_CC
++AC_PROG_CXX
+ AC_PROG_INSTALL
+
+ if test "$GCC" = yes ; then
diff --git a/expat.spec b/expat.spec
index f175de7..9c544b2 100644
--- a/expat.spec
+++ b/expat.spec
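Review bot: The new expat-1.95.8-CVE-2009-3560.patch documents itself only with a viewvc URL, so a later audit of the package depends on that SourceForge page still resolving to learn what the one-line deletion of `next = end;` in the `default:` branch fixes. I would add a short header above the URL, for example `Upstream lib/xmlparse.c r1.164 -> r1.165: fix for CVE-2009-3560 (#533174); drops the forced "next = end" in doProlog's default token case.` The embedded hunk shows only the tail of a switch inside doProlog, so why the assignment was unsafe cannot be confirmed from this page; the header should state it in a sentence taken from the upstream commit message.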
@@ -1,14 +1,16 @@ Summary: An XML parser library Name: expat Version: 2.0.1 -Release: 5%{?dist}.1 +Release: 8%{?dist} Group: System Environment/Libraries Source: http://download.sourceforge.net/expat/expat-%{version}.tar.gz -Patch1: expat-1.95.8-CVE-2009-3720.patch +Patch1: expat-2.0.1-confcxx.patch +Patch2: expat-1.95.8-CVE-2009-3560.patch +Patch3: expat-1.95.8-CVE-2009-3720.patch URL: http://www.libexpat.org/ License: MIT BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildRequires: autoconf, automake, libtool +BuildRequires: autoconf, automake, libtool, check-devel %description This is expat, the C library for parsing XML, written by James Clark. Expat @@ -29,11 +31,13 @@ to develop XML applications with expat. %prep %setup -q -%patch1 -p1 -b .cve3720 +%patch1 -p1 -b .confcxx +%patch2 -p1 -b .cve3560 +%patch3 -p1 -b .cve3720 %build rm -rf autom4te*.cache -cp `aclocal --print-ac-dir`/libtool.m4 conftools || exit 1 +rm conftools/libtool.m4 libtoolize --copy --force --automake && aclocal && autoheader && autoconf export CFLAGS="$RPM_OPT_FLAGS -fPIC" %configure --libdir=/%{_lib} @@ -55,6 +59,9 @@ rm -f $RPM_BUILD_ROOT/%{_lib}/libexpat.la lib=`echo $RPM_BUILD_ROOT/%{_lib}/libexpat.so.*.*` ln -sf ../../%{_lib}/`basename ${lib}` $RPM_BUILD_ROOT%{_libdir}/libexpat.so +%check +make check + %clean rm -rf ${RPM_BUILD_ROOT} @@ -76,6 +83,10 @@ rm -rf ${RPM_BUILD_ROOT} %{_includedir}/*.h %changelog +* Tue Dec 1 2009 Joe Orton - 2.0.1-8 +- add security fix for CVE-2009-3560 (#533174) +- run the test suite + * Fri Oct 30 2009 Joe Orton - 2.0.1-5.1 - add security fix for CVE-2009-3720
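Review bot: `%patch2 -p1 -b .cve3560` applies a patch whose paths and hunk position (`@@ -3637,7 +3637,6 @@`) were generated against expat-1.95.8 onto the 2.0.1 tree, so it can only apply by offset, and nothing in %prep pins how much fuzz is tolerated. For a security fix that is a single deleted line inside a switch, a fuzzy match landing in a neighbouring branch would build cleanly and leave the defect in place. I would either regenerate the patch against 2.0.1 or make the build fail on inexact context with `%global _default_patch_fuzz 0` near the top of the spec; whether the target rpm already defaults to zero fuzz is not visible here. The same applies to `%patch3 -p1 -b .cve3720`, which is also a 1.95.8-named patch.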
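Review bot: The new `%check` section runs `make check`, but none of the hunks on this page adds a test input for CVE-2009-3560 or CVE-2009-3720, so a passing %check shows only that the upstream suite still passes with the patches applied, not that either fix is effective. If upstream shipped a regression case with r1.165 it should be carried along with the patch. Otherwise a comment in the spec makes the limit explicit, for example `# upstream test suite only; no regression case for the CVE patches is included`.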