expat: add security patch for CVE-2009-3560

author Gustavo Zacarias <gustavo@zacarias.com.ar>

Tue, 6 Mar 2012 12:10:43 +0000 (09:10 -0300)

committer Peter Korsgaard <jacmet@sunsite.dk>

Tue, 6 Mar 2012 15:11:34 +0000 (16:11 +0100)
author Gustavo Zacarias <gustavo@zacarias.com.ar>
Tue, 6 Mar 2012 12:10:43 +0000 (09:10 -0300)
committer Peter Korsgaard <jacmet@sunsite.dk>
Tue, 6 Mar 2012 15:11:34 +0000 (16:11 +0100)
diff --git a/package/expat/expat-2.0.1-CVE-2009-3560.patch b/package/expat/expat-2.0.1-CVE-2009-3560.patch

new file mode 100644 (file)

index 0000000..7cadc47
--- /dev/null
+++ b/package/expat/expat-2.0.1-CVE-2009-3560.patch
@@ -0,0 +1,14 @@
+http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3560
+
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser,
+         return XML_ERROR_UNCLOSED_TOKEN;
+       case XML_TOK_PARTIAL_CHAR:
+         return XML_ERROR_PARTIAL_CHAR;
++      case -XML_TOK_PROLOG_S:
++        tok = -tok;
++        break;
+       case XML_TOK_NONE:
+ #ifdef XML_DTD
+         /* for internal PE NOT referenced between declarations */
author	Gustavo Zacarias <gustavo@zacarias.com.ar>
	Tue, 6 Mar 2012 12:10:43 +0000 (09:10 -0300)
committer	Peter Korsgaard <jacmet@sunsite.dk>
	Tue, 6 Mar 2012 15:11:34 +0000 (16:11 +0100)