summary refs log tree commit diff
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2019-07-12 01:05:13 +0200
committerMarius Bakke <mbakke@fastmail.com>2019-07-12 01:05:13 +0200
commit60ccc1653a8ed040bbdfbc89f010614b0d9c4139 (patch)
tree2d39d547bfb17f358531dcbb6002b20e68501cc6
parentfb9a23a3f3ad3d7b5b7f03b2007baf27684d6bbd (diff)
downloadguix-60ccc1653a8ed040bbdfbc89f010614b0d9c4139.tar.gz
gnu: Remove expat/fixed.
The merge preceding this commit (fb9a23a3f3) ignored the replacement added in
5a836ce38c (gnu: expat: fix CVE-2018-20843), because the fix is already
present in Expat 2.2.7.  This commit removes the remaining bits.

* gnu/packages/patches/expat-CVE-2018-20843.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/xml.scm (expat/fixed): Remove variable.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/expat-CVE-2018-20843.patch21
-rw-r--r--gnu/packages/xml.scm8
3 files changed, 0 insertions, 30 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index b9575ad201..75cb7b62af 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -781,7 +781,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/evilwm-lost-focus-bug.patch		\
   %D%/packages/patches/exiv2-CVE-2017-14860.patch		\
   %D%/packages/patches/exiv2-CVE-2017-14859-14862-14864.patch	\
-  %D%/packages/patches/expat-CVE-2018-20843.patch		\
   %D%/packages/patches/extundelete-e2fsprogs-1.44.patch		\
   %D%/packages/patches/fastcap-mulGlobal.patch			\
   %D%/packages/patches/fastcap-mulSetup.patch			\
diff --git a/gnu/packages/patches/expat-CVE-2018-20843.patch b/gnu/packages/patches/expat-CVE-2018-20843.patch
deleted file mode 100644
index 216fbe9667..0000000000
--- a/gnu/packages/patches/expat-CVE-2018-20843.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Fix extraction of namespace prefix from XML name.
-Fixes CVE-2018-20843
-
-This patch comes from upstream commit 11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
-https://github.com/libexpat/libexpat/commit/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
-
-CVE is https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
-
-diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
-index 30d55c5..737d7cd 100644
---- a/lib/xmlparse.c
-+++ b/lib/xmlparse.c
-@@ -6071,7 +6071,7 @@ setElementTypePrefix(XML_Parser parser, ELEMENT_TYPE *elementType)
-       else
-         poolDiscard(&dtd->pool);
-       elementType->prefix = prefix;
--
-+      break;
-     }
-   }
-   return 1;
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index e708348006..78b9b713e5 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -88,14 +88,6 @@ stream-oriented parser in which an application registers handlers for
 things the parser might find in the XML document (like start tags).")
     (license license:expat)))
 
-(define expat/fixed
-  (package
-    (inherit expat)
-    (source
-     (origin
-       (inherit (package-source expat))
-       (patches (search-patches "expat-CVE-2018-20843.patch"))))))
-
 (define-public libebml
   (package
     (name "libebml")