author | Natanael Copa <ncopa@alpinelinux.org> | 2016-09-26 19:38:39 +0200 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2016-09-26 19:38:39 +0200 |
commit | 61684c5b8c0524c2a4a18513bf15e976df5d0e87 (patch) | |
tree | ce48f19db09dbdaa1e09f291cb92afba863eba6c | |
parent | 36f9862fb40e73f92dc937acfc1037494e7b585e (diff) | |
main/expat: security fix for CVE-2016-4472
-rw-r--r-- | main/expat/APKBUILD | 12 | ||||
-rw-r--r-- | main/expat/CVE-2016-4472.patch | 37 |
2 files changed, 46 insertions, 3 deletions
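--- a/main/expat/APKBUILD
+++ b/main/expat/APKBUILD
@@ -10,10 +10,13 @@ depends=
 makedepends=
 source="http://downloads.sourceforge.net/project/expat/expat/$pkgver/expat-$pkgver.tar.bz2
 CVE-2016-0718.patch
+CVE-2016-4472.patch
 "
 # secfixes:
 # 2.1.1-r1:
 # - CVE-2016-0718
+# 2.1.1-r2:
+# - CVE-2016-4472
 
 subpackages="$pkgname-dev $pkgname-doc"
 
@@ -35,8 +38,11 @@ package() {
 make DESTDIR="$pkgdir/" install || return 1
 }
 md5sums="7380a64a8e3a9d66a9887b01d0d7ea81 expat-2.1.1.tar.bz2
-1b44aacd01618cf14ceed11f77eccd69 CVE-2016-0718.patch"
+1b44aacd01618cf14ceed11f77eccd69 CVE-2016-0718.patch
+38dad12c39eb47603e880603208a71a5 CVE-2016-4472.patch"
 sha256sums="aff584e5a2f759dcfc6d48671e9529f6afe1e30b0cd6a4cec200cbe3f793de67 expat-2.1.1.tar.bz2
-665c3bbd46dc7e65696b3f6b7f3ba23d1427eb95686ceb4e305b19e534036403 CVE-2016-0718.patch"
+665c3bbd46dc7e65696b3f6b7f3ba23d1427eb95686ceb4e305b19e534036403 CVE-2016-0718.patch
+38bd0e061aba9cffae29d30640545c1e8dc96d6edec74abd7805b57b5d6d9908 CVE-2016-4472.patch"
 sha512sums="088e2ef3434f2affd4fc79fe46f0e9826b9b4c3931ddc780cd18892f1cd1e11365169c6807f45916a56bb6abcc627dcd17a23f970be0bf464f048f5be2713628 expat-2.1.1.tar.bz2
-6ab9227c70e210fd6970281103f433ca0d51c56f185a6c516cd239a1b69e20dbd523ef8d55260dac4a13503a44c3f5de050a04946a683da11ef18998a199fac0 CVE-2016-0718.patch"
+6ab9227c70e210fd6970281103f433ca0d51c56f185a6c516cd239a1b69e20dbd523ef8d55260dac4a13503a44c3f5de050a04946a683da11ef18998a199fac0 CVE-2016-0718.patch
+c72b78a6342abc3f1d774c4e640cbf5827bcf9d1f8949f4e1875722d9f15b579cf845373878abd46a3db305f95f0d156e82cd5a2b155aeaf8dac7f5ddf74fffd CVE-2016-4472.patch"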
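Review bot: The secfixes entry added at new lines 18-19 announces 2.1.1-r2, but neither hunk touches pkgrel, and the 12 changed lines the diffstat reports for this file are all accounted for by the visible rows, so this commit does not bump it; unless pkgrel was already raised to 2 in an earlier commit, `pkgrel=2` (outside these hunks, near the top of the file) needs to accompany the new patch or the secfixes entry names a revision that is never built. The vendored CVE-2016-4472.patch also carries mismatched headers (`--- a/expat/lib/xmlparse.c` against `+++ b/lib/xmlparse.c`), so with -p1 it applies only because patch falls back to the name that exists in the expat-2.1.1 tree; prepare() is outside the hunk, so it is worth confirming the patch is applied rather than rejected before the secfixes claim is relied on by the vulnerability scanner.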
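--- /dev/null
+++ b/main/expat/CVE-2016-4472.patch
@@ -0,0 +1,37 @@
+From 35197760a63ec5adc1049008354c2a627c097188 Mon Sep 17 00:00:00 2001
+From: Pascal Cuoq <cuoq@trust-in-soft.com>
+Date: Sun, 15 May 2016 09:05:46 +0200
+Subject: [PATCH] Avoid relying on undefined behavior in CVE-2015-1283 fix. It
+does not really work: https://godbolt.org/g/Zl8gdF
+
+---
+expat/lib/xmlparse.c | 6 ++++--
+1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index e308c79..bd88c3a 100644
+--- a/expat/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -1693,7 +1693,8 @@ XML_GetBuffer(XML_Parser parser, int len)
+}
+
+if (len > bufferLim - bufferEnd) {
+- int neededSize = len + (int)(bufferEnd - bufferPtr);
++ /* Do not invoke signed arithmetic overflow: */
++ int neededSize = (int) ((unsigned)len + (unsigned)(bufferEnd - bufferPtr));
+if (neededSize < 0) {
+errorCode = XML_ERROR_NO_MEMORY;
+return NULL;
+@@ -1725,7 +1726,8 @@ XML_GetBuffer(XML_Parser parser, int len)
+if (bufferSize == 0)
+bufferSize = INIT_BUFFER_SIZE;
+do {
+- bufferSize *= 2;
++ /* Do not invoke signed arithmetic overflow: */
++ bufferSize = (int) (2U * (unsigned) bufferSize);
+} while (bufferSize < neededSize && bufferSize > 0);
+if (bufferSize <= 0) {
+errorCode = XML_ERROR_NO_MEMORY;
+--
+2.10.0
+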