commit 48c56302accbd06955cbfb3afdade196cf35aa17
Author: Kalev Lember <kalev(a)smartlink.ee>
Date: Mon May 23 14:33:46 2011 +0300
Update to 2.7.8
- Dropped upstreamed patches
- Use the CVE-2010-4494 patch from Fedora native libxml2 (#665965)
.gitignore | 1 +
libxml2-2.7.7-xpath-double-free.patch | 22 ++++++++++++++++++++++
libxml2-gnome-bug-561340-fix.patch | 11 -----------
mingw32-libxml2-2.7.2-with-modules.patch | 15 ---------------
mingw32-libxml2.spec | 21 +++++++++------------
sources | 2 +-
6 files changed, 33 insertions(+), 39 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index f604503..a9e0040 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
libxml2-2.7.6.tar.gz
+/libxml2-2.7.8.tar.gz
diff --git a/libxml2-2.7.7-xpath-double-free.patch
b/libxml2-2.7.7-xpath-double-free.patch
new file mode 100644
index 0000000..c5dbbee
--- /dev/null
+++ b/libxml2-2.7.7-xpath-double-free.patch
@@ -0,0 +1,22 @@
+--- a/xpath.c
++++ a/xpath.c
+@@ -11763,11 +11763,16 @@ xmlXPathCompOpEvalPositionalPredicate(xmlXPathParserContextPtr
ctxt,
+
+ if ((ctxt->error != XPATH_EXPRESSION_OK) || (res == -1)) {
+ xmlXPathObjectPtr tmp;
+- /* pop the result */
++ /* pop the result if any */
+ tmp = valuePop(ctxt);
+- xmlXPathReleaseObject(xpctxt, tmp);
+- /* then pop off contextObj, which will be freed later */
+- valuePop(ctxt);
++ if (tmp != contextObj) {
++ /*
++ * Free up the result
++ * then pop off contextObj, which will be freed later
++ */
++ xmlXPathReleaseObject(xpctxt, tmp);
++ valuePop(ctxt);
++ }
+ goto evaluation_error;
+ }
diff --git a/mingw32-libxml2.spec b/mingw32-libxml2.spec
index 2974ad5..25353aa 100644
--- a/mingw32-libxml2.spec
+++ b/mingw32-libxml2.spec
@@ -6,8 +6,8 @@
%define __debug_install_post %{_mingw32_debug_install_post}
Name: mingw32-libxml2
-Version: 2.7.6
-Release: 3%{?dist}
+Version: 2.7.8
+Release: 1%{?dist}
Summary: MinGW Windows libxml2 XML processing library
License: MIT
@@ -18,11 +18,10 @@ BuildRoot:
%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
# Not required for MinGW.
#Patch0: libxml2-multilib.patch
+Patch2: libxml2-2.7.7-xpath-double-free.patch
# MinGW-specific patches.
-Patch1000: mingw32-libxml2-2.7.2-with-modules.patch
Patch1001: mingw32-libxml2-static-build-compile-fix.patch
-Patch1002: libxml2-gnome-bug-561340-fix.patch
BuildArch: noarch
@@ -35,8 +34,6 @@ BuildRequires: mingw32-gettext
BuildRequires: mingw32-iconv
BuildRequires: mingw32-zlib
-BuildRequires: autoconf, automake, libtool
-
Requires: pkgconfig
@@ -59,13 +56,8 @@ Static version of the MinGW Windows XML processing library.
%prep
%setup -q -n libxml2-%{version}
-%patch1000 -p1
+%patch2 -p1 -b .CVE-2010-4494
%patch1001 -p0
-%patch1002 -p0
-
-# Patched configure.in, so rebuild configure.
-libtoolize --force --copy
-autoreconf
%build
@@ -133,6 +125,11 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Mon May 23 2011 Kalev Lember <kalev(a)smartlink.ee> - 2.7.8-1
+- Update to 2.7.8
+- Dropped upstreamed patches
+- Use the CVE-2010-4494 patch from Fedora native libxml2 (#665965)
+
* Mon May 23 2011 Kalev Lember <kalev(a)smartlink.ee> - 2.7.6-3
- Don't install html documentation which duplicates what is in Fedora native
diff --git a/sources b/sources
index 6f53129..4e904ff 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-7740a8ec23878a2f50120e1faa2730f2 libxml2-2.7.6.tar.gz
+8127a65e8c3b08856093099b52599c86 libxml2-2.7.8.tar.gz
Show replies by date