[Libreoffice-commits] core.git: Branch 'aoo/trunk' - external_deps.lst libxml2/libxml2-c99.patch libxml2/libxml2-configure.patch libxml2/libxml2-long-path.patch libxml2/makefile.mk
Don Lewis
truckman at apache.org
Sun Aug 28 22:08:26 UTC 2016
external_deps.lst | 4 +--
libxml2/libxml2-c99.patch | 48 ++++++++++++++++++++++++++++++++++++++++
libxml2/libxml2-configure.patch | 12 +++++-----
libxml2/libxml2-long-path.patch | 4 +--
libxml2/makefile.mk | 7 +++--
5 files changed, 62 insertions(+), 13 deletions(-)
New commits:
commit a8ee4f315bbd286c6efcc271e4289c4abb220a77
Author: Don Lewis <truckman at apache.org>
Date: Sun Aug 28 20:42:46 2016 +0000
Upgrade bundled libxml2 from version 2.9.3 to version 2.9.4 to fix:
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
CVE-2016-1837
CVE-2016-1838
CVE-2016-1839
CVE-2016-1840
CVE-2016-3627
CVE-2016-3705
CVE-2016-4449
CVE-2016-4483
It is not known whether any of these affect OpenOffice.
Import a post-2.9.4 patch from the upstream git repo to fix a build
problem on systems with pre-C99 compilers.
diff --git a/external_deps.lst b/external_deps.lst
index 2c7e376..bfbaaf1 100644
--- a/external_deps.lst
+++ b/external_deps.lst
@@ -174,8 +174,8 @@ if ( true )
URL2 = $(OOO_EXTRAS)$(MD5)-$(name)
if (SYSTEM_LIBXML != YES)
- MD5 = daece17e045f1c107610e137ab50c179
- name = libxml2-2.9.3.tar.gz
+ MD5 = ae249165c173b1ff386ee8ad676815f5
+ name = libxml2-2.9.4.tar.gz
URL1 = http://xmlsoft.org/sources/$(name)
URL2 = $(OOO_EXTRAS)$(MD5)-$(name)
diff --git a/libxml2/libxml2-c99.patch b/libxml2/libxml2-c99.patch
new file mode 100644
index 0000000..7ce8f80
--- /dev/null
+++ b/libxml2/libxml2-c99.patch
@@ -0,0 +1,48 @@
+From d77e5fc4bcdb7da748c9cca116a601ae4df60d21 Mon Sep 17 00:00:00 2001
+From: Chun-wei Fan <fanchunwei at src.gnome.org>
+Date: Tue, 31 May 2016 21:04:50 +0800
+Subject: relaxng.c, xmlschemas.c: Fix build on pre-C99 compilers
+
+Make sure that the variables are declared at the top of the block.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=767063
+ ---
+ relaxng.c | 3 ++-
+ xmlschemas.c | 2 +-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/relaxng.c b/relaxng.c
+index 56a3344..3d3e69c 100644
+diff -ur misc/libxml2-2.9.4/relaxng.c misc/build/libxml2-2.9.4/relaxng.c
+--- misc/libxml2-2.9.4/relaxng.c 2016-05-23 00:25:25.000000000 -0700
++++ misc/build/libxml2-2.9.4/relaxng.c 2016-08-28 00:37:26.017097000 -0700
+@@ -2088,6 +2088,7 @@
+ const xmlChar * arg2)
+ {
+ char msg[1000];
++ xmlChar *result;
+
+ if (arg1 == NULL)
+ arg1 = BAD_CAST "";
+@@ -2215,7 +2216,7 @@
+ snprintf(msg, 1000, "Unknown error code %d\n", err);
+ }
+ msg[1000 - 1] = 0;
+- xmlChar *result = xmlCharStrdup(msg);
++ result = xmlCharStrdup(msg);
+ return (xmlEscapeFormatString(&result));
+ }
+
+diff -ur misc/libxml2-2.9.4/xmlschemas.c misc/build/libxml2-2.9.4/xmlschemas.c
+--- misc/libxml2-2.9.4/xmlschemas.c 2016-05-23 00:25:25.000000000 -0700
++++ misc/build/libxml2-2.9.4/xmlschemas.c 2016-08-28 00:37:26.025519000 -0700
+@@ -3168,8 +3168,8 @@
+ "valid.");
+ }
+ if (expected) {
+- msg = xmlStrcat(msg, BAD_CAST " Expected is '");
+ xmlChar *expectedEscaped = xmlCharStrdup(expected);
++ msg = xmlStrcat(msg, BAD_CAST " Expected is '");
+ msg = xmlStrcat(msg, xmlEscapeFormatString(&expectedEscaped));
+ FREE_AND_NULL(expectedEscaped);
+ msg = xmlStrcat(msg, BAD_CAST "'.\n");
diff --git a/libxml2/libxml2-configure.patch b/libxml2/libxml2-configure.patch
index 8d5437f..bc5bea2 100644
--- a/libxml2/libxml2-configure.patch
+++ b/libxml2/libxml2-configure.patch
@@ -1,6 +1,6 @@
-diff -ur misc/libxml2-2.9.3/include/libxml/xmlversion.h misc/build/libxml2-2.9.3/include/libxml/xmlversion.h
---- misc/libxml2-2.9.3/include/libxml/xmlversion.h 2015-11-20 01:49:39.000000000 -0800
-+++ misc/build/libxml2-2.9.3/include/libxml/xmlversion.h 2016-03-26 09:46:21.124032000 -0700
+diff -ur misc/libxml2-2.9.4/include/libxml/xmlversion.h misc/build/libxml2-2.9.4/include/libxml/xmlversion.h
+--- misc/libxml2-2.9.4/include/libxml/xmlversion.h 2015-11-20 01:49:39.000000000 -0800
++++ misc/build/libxml2-2.9.4/include/libxml/xmlversion.h 2016-03-26 09:46:21.124032000 -0700
@@ -273,7 +273,7 @@
*
* Whether iconv support is available
@@ -19,9 +19,9 @@ diff -ur misc/libxml2-2.9.3/include/libxml/xmlversion.h misc/build/libxml2-2.9.3
#define LIBXML_DEBUG_ENABLED
#endif
-diff -ur misc/libxml2-2.9.3/xml2-config.in misc/build/libxml2-2.9.3/xml2-config.in
---- misc/libxml2-2.9.3/xml2-config.in 2015-05-06 05:04:36.000000000 -0700
-+++ misc/build/libxml2-2.9.3/xml2-config.in 2016-03-26 10:00:17.756184000 -0700
+diff -ur misc/libxml2-2.9.4/xml2-config.in misc/build/libxml2-2.9.4/xml2-config.in
+--- misc/libxml2-2.9.4/xml2-config.in 2015-05-06 05:04:36.000000000 -0700
++++ misc/build/libxml2-2.9.4/xml2-config.in 2016-03-26 10:00:17.756184000 -0700
@@ -1,9 +1,14 @@
#! /bin/sh
diff --git a/libxml2/libxml2-long-path.patch b/libxml2/libxml2-long-path.patch
index cfa79c8..8435d57 100644
--- a/libxml2/libxml2-long-path.patch
+++ b/libxml2/libxml2-long-path.patch
@@ -1,5 +1,5 @@
---- misc/libxml2-2.9.3/uri.c 2015-11-02 23:28:09.000000000 -0800
-+++ misc/build/libxml2-2.9.3/uri.c 2016-03-26 10:19:45.838472000 -0700
+--- misc/libxml2-2.9.4/uri.c 2015-11-02 23:28:09.000000000 -0800
++++ misc/build/libxml2-2.9.4/uri.c 2016-03-26 10:19:45.838472000 -0700
@@ -2412,6 +2412,15 @@
return xmlStrdup((const xmlChar *) path);
#endif
diff --git a/libxml2/makefile.mk b/libxml2/makefile.mk
index 3ba8c87..bcb4710 100644
--- a/libxml2/makefile.mk
+++ b/libxml2/makefile.mk
@@ -38,12 +38,13 @@ all:
# --- Files --------------------------------------------------------
-LIBXML2VERSION=2.9.3
+LIBXML2VERSION=2.9.4
TARFILE_NAME=$(PRJNAME)-$(LIBXML2VERSION)
-TARFILE_MD5=daece17e045f1c107610e137ab50c179
+TARFILE_MD5=ae249165c173b1ff386ee8ad676815f5
-PATCH_FILES=libxml2-configure.patch
+PATCH_FILES=libxml2-configure.patch \
+ libxml2-c99.patch
# libxml2-global-symbols: #i112480#: Solaris ld won't export non-listed symbols
# libxml2-global-symbols.patch
More information about the Libreoffice-commits
mailing list