From a23bfc9774201c5eeb6c2d981439d3202cb9c1df Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Tue, 26 Nov 2019 00:10:22 +0100 Subject: [PATCH] libxml2: update to 2.9.10 MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Michael Heimpold (cherry picked from commit 10e867d0261a0e7d6a94a672104e7f25ae884eff) [remove no longer needed CVE-2019-19956 patch (fixed in libxml2 2.9.10)] Signed-off-by: Šimon Bořek --- libs/libxml2/Makefile | 6 ++--- libs/libxml2/patches/CVE-2019-19956.patch | 33 ----------------------- 2 files changed, 3 insertions(+), 36 deletions(-) delete mode 100644 libs/libxml2/patches/CVE-2019-19956.patch diff --git a/libs/libxml2/Makefile b/libs/libxml2/Makefile index ee9dfbefda..fb23685a28 100644 --- a/libs/libxml2/Makefile +++ b/libs/libxml2/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libxml2 -PKG_VERSION:=2.9.9 -PKG_RELEASE:=3 +PKG_VERSION:=2.9.10 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://xmlsoft.org/sources/ -PKG_HASH:=94fb70890143e3c6549f265cee93ec064c80a84c42ad0f23e85ee1fd6540a871 +PKG_HASH:=aafee193ffb8fe0c82d4afef6ef91972cbaf5feea100edc2f262750611b4be1f PKG_LICENSE:=MIT PKG_LICENSE_FILES:=COPYING diff --git a/libs/libxml2/patches/CVE-2019-19956.patch b/libs/libxml2/patches/CVE-2019-19956.patch deleted file mode 100644 index bafc9a62a7..0000000000 --- a/libs/libxml2/patches/CVE-2019-19956.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 5a02583c7e683896d84878bd90641d8d9b0d0549 Mon Sep 17 00:00:00 2001 -From: Zhipeng Xie -Date: Wed, 7 Aug 2019 17:39:17 +0800 -Subject: [PATCH] Fix memory leak in xmlParseBalancedChunkMemoryRecover - -When doc is NULL, namespace created in xmlTreeEnsureXMLDecl -is bind to newDoc->oldNs, in this case, set newDoc->oldNs to -NULL and free newDoc will cause a memory leak. - -Found with libFuzzer. - -Closes #82. ---- - parser.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/parser.c b/parser.c -index 1ce1ccf14..26d9f4e3b 100644 ---- a/parser.c -+++ b/parser.c -@@ -13894,7 +13894,8 @@ xmlParseBalancedChunkMemoryRecover(xmlDocPtr doc, xmlSAXHandlerPtr sax, - xmlFreeParserCtxt(ctxt); - newDoc->intSubset = NULL; - newDoc->extSubset = NULL; -- newDoc->oldNs = NULL; -+ if(doc != NULL) -+ newDoc->oldNs = NULL; - xmlFreeDoc(newDoc); - - return(ret); --- -GitLab - -- 2.30.2