diff options
| -rw-r--r-- | gnu/packages/patches/libxslt-CVE-2015-7995.patch | 29 | ||||
| -rw-r--r-- | gnu/packages/patches/libxslt-remove-date-timestamps.patch | 66 | ||||
| -rw-r--r-- | gnu/packages/xml.scm | 8 |
3 files changed, 3 insertions, 100 deletions
diff --git a/gnu/packages/patches/libxslt-CVE-2015-7995.patch b/gnu/packages/patches/libxslt-CVE-2015-7995.patch deleted file mode 100644 index f291d5b387..0000000000 --- a/gnu/packages/patches/libxslt-CVE-2015-7995.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard <veillard@redhat.com> -Date: Thu, 29 Oct 2015 19:33:23 +0800 -Subject: [PATCH] Fix for type confusion in preprocessing attributes - -CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10 -We need to check that the parent node is an element before dereferencing -its namespace ---- - libxslt/preproc.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/libxslt/preproc.c b/libxslt/preproc.c -index 0eb80a0..7f69325 100644 ---- a/libxslt/preproc.c -+++ b/libxslt/preproc.c -@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) { - } else if (IS_XSLT_NAME(inst, "attribute")) { - xmlNodePtr parent = inst->parent; - -- if ((parent == NULL) || (parent->ns == NULL) || -+ if ((parent == NULL) || -+ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || - ((parent->ns != inst->ns) && - (!xmlStrEqual(parent->ns->href, inst->ns->href))) || - (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) { --- -2.6.3 - diff --git a/gnu/packages/patches/libxslt-remove-date-timestamps.patch b/gnu/packages/patches/libxslt-remove-date-timestamps.patch deleted file mode 100644 index 51470d0847..0000000000 --- a/gnu/packages/patches/libxslt-remove-date-timestamps.patch +++ /dev/null @@ -1,66 +0,0 @@ -Use deterministic SOURCE_DATE_EPOCH for embedded timestamps in generated documentation. - -Written by Eduard Sanou. - -https://bugzilla.gnome.org/show_bug.cgi?id=758148 - ---- libxslt-1.1.28.orig/libexslt/date.c -+++ libxslt-1.1.28/libexslt/date.c -@@ -46,6 +46,7 @@ - #include "exslt.h" - - #include <string.h> -+#include <errno.h> - - #ifdef HAVE_MATH_H - #include <math.h> -@@ -747,21 +748,46 @@ static exsltDateValPtr - exsltDateCurrent (void) - { - struct tm localTm, gmTm; -+ struct tm *tb = NULL; - time_t secs; - int local_s, gm_s; - exsltDateValPtr ret; -+ char *source_date_epoch; - - ret = exsltDateCreateDate(XS_DATETIME); - if (ret == NULL) - return NULL; - -- /* get current time */ - secs = time(NULL); -+ /* -+ * Allow the date and time to be set externally by an exported -+ * environment variable to enable reproducible builds. -+ */ -+ source_date_epoch = getenv("SOURCE_DATE_EPOCH"); -+ if (source_date_epoch) { -+ errno = 0; -+ secs = (time_t) strtol (source_date_epoch, NULL, 10); -+ if (errno == 0) { -+ tb = gmtime(&secs); -+ if (tb == NULL) { -+ /* SOURCE_DATE_EPOCH is not a valid date */ -+ return NULL; -+ } else { -+ localTm = *tb; -+ } -+ } else { -+ /* SOURCE_DATE_EPOCH is not a valid number */ -+ return NULL; -+ } -+ } else { -+ /* get current time */ - #if HAVE_LOCALTIME_R -- localtime_r(&secs, &localTm); -+ localtime_r(&secs, &localTm); - #else -- localTm = *localtime(&secs); -+ localTm = *localtime(&secs); - #endif -+ } -+ - - /* get real year, not years since 1900 */ - ret->value.date.year = localTm.tm_year + 1900; diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm index e0d795b62f..e2d031dbd3 100644 --- a/gnu/packages/xml.scm +++ b/gnu/packages/xml.scm @@ -130,17 +130,15 @@ project (but it is usable outside of the Gnome platform).") (define-public libxslt (package (name "libxslt") - (version "1.1.28") + (version "1.1.29") (source (origin (method url-fetch) (uri (string-append "ftp://xmlsoft.org/libxslt/libxslt-" version ".tar.gz")) (sha256 (base32 - "13029baw9kkyjgr7q3jccw2mz38amq7mmpr5p3bh775qawd1bisz")) - (patches (search-patches "libxslt-generated-ids.patch" - "libxslt-remove-date-timestamps.patch" - "libxslt-CVE-2015-7995.patch")))) + "1klh81xbm9ppzgqk339097i39b7fnpmlj8lzn8bpczl3aww6x5xm")) + (patches (search-patches "libxslt-generated-ids.patch")))) (build-system gnu-build-system) (home-page "http://xmlsoft.org/XSLT/index.html") (synopsis "C library for applying XSLT stylesheets to XML documents") |