makefile.mk

truckman Sun, 28 Aug 2016 13:43:04 -0700

Author: truckman
Date: Sun Aug 28 20:42:46 2016
New Revision: 1758150

URL: http://svn.apache.org/viewvc?rev=1758150&view=rev
Log:
Upgrade bundled libxml2 from version 2.9.3 to version 2.9.4 to fix:
        CVE-2016-1762
        CVE-2016-1833
        CVE-2016-1834
        CVE-2016-1835
        CVE-2016-1836
        CVE-2016-1837
        CVE-2016-1838
        CVE-2016-1839
        CVE-2016-1840
        CVE-2016-3627
        CVE-2016-3705
        CVE-2016-4449
        CVE-2016-4483
It is not known whether any of these affect OpenOffice.
 
Import a post-2.9.4 patch from the upstream git repo to fix a build
problem on systems with pre-C99 compilers.



Added:
    openoffice/trunk/main/libxml2/libxml2-c99.patch
Modified:
    openoffice/trunk/main/external_deps.lst
    openoffice/trunk/main/libxml2/libxml2-configure.patch
    openoffice/trunk/main/libxml2/libxml2-long-path.patch
    openoffice/trunk/main/libxml2/makefile.mk

Modified: openoffice/trunk/main/external_deps.lst
URL: 
http://svn.apache.org/viewvc/openoffice/trunk/main/external_deps.lst?rev=1758150&r1=1758149&r2=1758150&view=diff
==============================================================================
--- openoffice/trunk/main/external_deps.lst (original)
+++ openoffice/trunk/main/external_deps.lst Sun Aug 28 20:42:46 2016
@@ -174,8 +174,8 @@ if ( true )
     URL2 = $(OOO_EXTRAS)$(MD5)-$(name)
 
 if (SYSTEM_LIBXML != YES)
-    MD5 = daece17e045f1c107610e137ab50c179
-    name = libxml2-2.9.3.tar.gz
+    MD5 = ae249165c173b1ff386ee8ad676815f5
+    name = libxml2-2.9.4.tar.gz
     URL1 = http://xmlsoft.org/sources/$(name)
     URL2 = $(OOO_EXTRAS)$(MD5)-$(name)
 

Added: openoffice/trunk/main/libxml2/libxml2-c99.patch
URL: 
http://svn.apache.org/viewvc/openoffice/trunk/main/libxml2/libxml2-c99.patch?rev=1758150&view=auto
==============================================================================
--- openoffice/trunk/main/libxml2/libxml2-c99.patch (added)
+++ openoffice/trunk/main/libxml2/libxml2-c99.patch Sun Aug 28 20:42:46 2016
@@ -0,0 +1,48 @@
+From d77e5fc4bcdb7da748c9cca116a601ae4df60d21 Mon Sep 17 00:00:00 2001
+From: Chun-wei Fan <fanchun...@src.gnome.org>
+Date: Tue, 31 May 2016 21:04:50 +0800
+Subject: relaxng.c, xmlschemas.c: Fix build on pre-C99 compilers
+
+Make sure that the variables are declared at the top of the block.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=767063
+ ---
+ relaxng.c    | 3 ++-
+ xmlschemas.c | 2 +-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/relaxng.c b/relaxng.c
+index 56a3344..3d3e69c 100644
+diff -ur misc/libxml2-2.9.4/relaxng.c misc/build/libxml2-2.9.4/relaxng.c
+--- misc/libxml2-2.9.4/relaxng.c       2016-05-23 00:25:25.000000000 -0700
++++ misc/build/libxml2-2.9.4/relaxng.c 2016-08-28 00:37:26.017097000 -0700
+@@ -2088,6 +2088,7 @@
+                          const xmlChar * arg2)
+ {
+     char msg[1000];
++    xmlChar *result;
+ 
+     if (arg1 == NULL)
+         arg1 = BAD_CAST "";
+@@ -2215,7 +2216,7 @@
+         snprintf(msg, 1000, "Unknown error code %d\n", err);
+     }
+     msg[1000 - 1] = 0;
+-    xmlChar *result = xmlCharStrdup(msg);
++    result = xmlCharStrdup(msg);
+     return (xmlEscapeFormatString(&result));
+ }
+ 
+diff -ur misc/libxml2-2.9.4/xmlschemas.c misc/build/libxml2-2.9.4/xmlschemas.c
+--- misc/libxml2-2.9.4/xmlschemas.c    2016-05-23 00:25:25.000000000 -0700
++++ misc/build/libxml2-2.9.4/xmlschemas.c      2016-08-28 00:37:26.025519000 
-0700
+@@ -3168,8 +3168,8 @@
+               "valid.");
+       }
+       if (expected) {
+-          msg = xmlStrcat(msg, BAD_CAST " Expected is '");
+           xmlChar *expectedEscaped = xmlCharStrdup(expected);
++          msg = xmlStrcat(msg, BAD_CAST " Expected is '");
+           msg = xmlStrcat(msg, xmlEscapeFormatString(&expectedEscaped));
+           FREE_AND_NULL(expectedEscaped);
+           msg = xmlStrcat(msg, BAD_CAST "'.\n");

Modified: openoffice/trunk/main/libxml2/libxml2-configure.patch
URL: 
http://svn.apache.org/viewvc/openoffice/trunk/main/libxml2/libxml2-configure.patch?rev=1758150&r1=1758149&r2=1758150&view=diff
==============================================================================
--- openoffice/trunk/main/libxml2/libxml2-configure.patch (original)
+++ openoffice/trunk/main/libxml2/libxml2-configure.patch Sun Aug 28 20:42:46 
2016
@@ -1,6 +1,6 @@
-diff -ur misc/libxml2-2.9.3/include/libxml/xmlversion.h 
misc/build/libxml2-2.9.3/include/libxml/xmlversion.h
---- misc/libxml2-2.9.3/include/libxml/xmlversion.h     2015-11-20 
01:49:39.000000000 -0800
-+++ misc/build/libxml2-2.9.3/include/libxml/xmlversion.h       2016-03-26 
09:46:21.124032000 -0700
+diff -ur misc/libxml2-2.9.4/include/libxml/xmlversion.h 
misc/build/libxml2-2.9.4/include/libxml/xmlversion.h
+--- misc/libxml2-2.9.4/include/libxml/xmlversion.h     2015-11-20 
01:49:39.000000000 -0800
++++ misc/build/libxml2-2.9.4/include/libxml/xmlversion.h       2016-03-26 
09:46:21.124032000 -0700
 @@ -273,7 +273,7 @@
   *
   * Whether iconv support is available
@@ -19,9 +19,9 @@ diff -ur misc/libxml2-2.9.3/include/libx
  #define LIBXML_DEBUG_ENABLED
  #endif
  
-diff -ur misc/libxml2-2.9.3/xml2-config.in 
misc/build/libxml2-2.9.3/xml2-config.in
---- misc/libxml2-2.9.3/xml2-config.in  2015-05-06 05:04:36.000000000 -0700
-+++ misc/build/libxml2-2.9.3/xml2-config.in    2016-03-26 10:00:17.756184000 
-0700
+diff -ur misc/libxml2-2.9.4/xml2-config.in 
misc/build/libxml2-2.9.4/xml2-config.in
+--- misc/libxml2-2.9.4/xml2-config.in  2015-05-06 05:04:36.000000000 -0700
++++ misc/build/libxml2-2.9.4/xml2-config.in    2016-03-26 10:00:17.756184000 
-0700
 @@ -1,9 +1,14 @@
  #! /bin/sh
  

Modified: openoffice/trunk/main/libxml2/libxml2-long-path.patch
URL: 
http://svn.apache.org/viewvc/openoffice/trunk/main/libxml2/libxml2-long-path.patch?rev=1758150&r1=1758149&r2=1758150&view=diff
==============================================================================
--- openoffice/trunk/main/libxml2/libxml2-long-path.patch (original)
+++ openoffice/trunk/main/libxml2/libxml2-long-path.patch Sun Aug 28 20:42:46 
2016
@@ -1,5 +1,5 @@
---- misc/libxml2-2.9.3/uri.c   2015-11-02 23:28:09.000000000 -0800
-+++ misc/build/libxml2-2.9.3/uri.c     2016-03-26 10:19:45.838472000 -0700
+--- misc/libxml2-2.9.4/uri.c   2015-11-02 23:28:09.000000000 -0800
++++ misc/build/libxml2-2.9.4/uri.c     2016-03-26 10:19:45.838472000 -0700
 @@ -2412,6 +2412,15 @@
        return xmlStrdup((const xmlChar *) path);
  #endif

Modified: openoffice/trunk/main/libxml2/makefile.mk
URL: 
http://svn.apache.org/viewvc/openoffice/trunk/main/libxml2/makefile.mk?rev=1758150&r1=1758149&r2=1758150&view=diff
==============================================================================
--- openoffice/trunk/main/libxml2/makefile.mk (original)
+++ openoffice/trunk/main/libxml2/makefile.mk Sun Aug 28 20:42:46 2016
@@ -38,12 +38,13 @@ all:
 
 # --- Files --------------------------------------------------------
 
-LIBXML2VERSION=2.9.3
+LIBXML2VERSION=2.9.4
 
 TARFILE_NAME=$(PRJNAME)-$(LIBXML2VERSION)
-TARFILE_MD5=daece17e045f1c107610e137ab50c179
+TARFILE_MD5=ae249165c173b1ff386ee8ad676815f5
 
-PATCH_FILES=libxml2-configure.patch
+PATCH_FILES=libxml2-configure.patch \
+       libxml2-c99.patch
 
 # libxml2-global-symbols: #i112480#: Solaris ld won't export non-listed symbols
 #            libxml2-global-symbols.patch

svn commit: r1758150 - in /openoffice/trunk/main: external_deps.lst libxml2/libxml2-c99.patch libxml2/libxml2-configure.patch libxml2/libxml2-long-path.patch libxml2/makefile.mk

Reply via email to