summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGustavo Zacarias <gustavo@zacarias.com.ar>2012-03-06 09:10:43 -0300
committerPeter Korsgaard <jacmet@sunsite.dk>2012-03-06 16:11:34 +0100
commite482a430ec4f8507f5a5caf06b3e72f4c30edfea (patch)
treef8eea6a7037fd0c2e1146cca763d8c70ccc1fcc2
parent3311e41dc0f36967bbadc972839269197c5e88a1 (diff)
expat: add security patch for CVE-2009-3560
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
-rw-r--r--package/expat/expat-2.0.1-CVE-2009-3560.patch14
1 files changed, 14 insertions, 0 deletions
diff --git a/package/expat/expat-2.0.1-CVE-2009-3560.patch b/package/expat/expat-2.0.1-CVE-2009-3560.patch
new file mode 100644
index 000000000..7cadc47b0
--- /dev/null
+++ b/package/expat/expat-2.0.1-CVE-2009-3560.patch
@@ -0,0 +1,14 @@
+http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3560
+
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser,
+ return XML_ERROR_UNCLOSED_TOKEN;
+ case XML_TOK_PARTIAL_CHAR:
+ return XML_ERROR_PARTIAL_CHAR;
++ case -XML_TOK_PROLOG_S:
++ tok = -tok;
++ break;
+ case XML_TOK_NONE:
+ #ifdef XML_DTD
+ /* for internal PE NOT referenced between declarations */