From bab26698457bbb26f8842c369477cdb1a02a4efd Mon Sep 17 00:00:00 2001 From: David Michael Date: Tue, 17 Jan 2017 11:55:09 -0800 Subject: [PATCH 1/4] bump(metadata/glsa): sync with upstream --- .../metadata/glsa/glsa-201010-01.xml | 12 +-- .../metadata/glsa/glsa-201206-15.xml | 10 +- .../metadata/glsa/glsa-201502-10.xml | 13 +-- .../metadata/glsa/glsa-201611-08.xml | 4 +- .../metadata/glsa/glsa-201701-33.xml | 91 +++++++++++++++++++ .../metadata/glsa/glsa-201701-34.xml | 50 ++++++++++ .../metadata/glsa/glsa-201701-35.xml | 74 +++++++++++++++ .../metadata/glsa/glsa-201701-36.xml | 65 +++++++++++++ .../metadata/glsa/glsa-201701-37.xml | 84 +++++++++++++++++ .../metadata/glsa/glsa-201701-38.xml | 69 ++++++++++++++ .../metadata/glsa/glsa-201701-39.xml | 49 ++++++++++ .../metadata/glsa/glsa-201701-40.xml | 53 +++++++++++ .../metadata/glsa/glsa-201701-41.xml | 48 ++++++++++ .../metadata/glsa/glsa-201701-42.xml | 58 ++++++++++++ .../metadata/glsa/timestamp.chk | 2 +- 15 files changed, 648 insertions(+), 34 deletions(-) create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-33.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-34.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-35.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-36.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-37.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-38.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-39.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-40.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-41.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-42.xml diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201010-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201010-01.xml index b692f80b3c..bd7bdae80a 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201010-01.xml +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201010-01.xml @@ -15,17 +15,7 @@ 1.4.3 - 1.2.46 - 1.2.47 - 1.2.49 - 1.2.50 - 1.2.51 - 1.2.52 - 1.2.53 - 1.2.54 - 1.2.55 - 1.2.56 - 1.2.57 + 1.2.46 1.4.3 diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201206-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201206-15.xml index 083631f827..b8c3827a73 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201206-15.xml +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201206-15.xml @@ -17,15 +17,7 @@ 1.5.10 - 1.2.49 - 1.2.50 - 1.2.51 - 1.2.52 - 1.2.53 - 1.2.54 - 1.2.55 - 1.2.56 - 1.2.57 + 1.2.49 1.5.10 diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201502-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201502-10.xml index b7b0800e4d..0ed4ed4a83 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201502-10.xml +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201502-10.xml @@ -14,17 +14,8 @@ 1.6.16 - 1.5.21 - 1.2.52 - 1.2.53 - 1.2.54 - 1.2.55 - 1.2.56 - 1.5.22 - 1.5.23 - 1.5.24 - 1.5.25 - 1.2.57 + 1.5.21 + 1.2.52 1.6.16 diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-08.xml index 8718960983..ae2cd49faa 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-08.xml +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-08.xml @@ -14,8 +14,8 @@ remote - 1.2.56 - 1.5.26 + 1.2.56 + 1.5.26 1.6.21 1.6.21 diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-33.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-33.xml new file mode 100644 index 0000000000..544b766798 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-33.xml @@ -0,0 +1,91 @@ + + + + PostgreSQL: Multiple vulnerabilities + Multiple vulnerabilities have been found in PostgreSQL, the worst + of which could result in execution of arbitrary code or privilege + escalation. + + postgres + January 12, 2017 + January 12, 2017: 4 + 562586 + 574456 + 602130 + remote + + + 9.5.4 + 9.4.9 + 9.3.14 + 9.2.18 + 9.1.23 + 9.5.4 + + + +

PostgreSQL is an open source object-relational database management + system. +

+ + +

Multiple vulnerabilities have been discovered in PostgreSQL. Please + review the CVE identifiers referenced below for details. +

+ + +

A remote attacker could possibly execute arbitrary code with the + privileges of the process, cause a Denial of Service condition, or + escalate privileges. +

+ + +

There is no known workaround at this time.

+ + +

All PostgreSQL 9.5.x users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.5.4:9.5" + + +

All PostgreSQL 9.4.x users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">dev-db/postgresql-9.4.9:9.4" + + +

All PostgreSQL 9.3.x users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">dev-db/postgresql-9.3.14:9.3" + + +

All PostgreSQL 9.2.x users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">dev-db/postgresql-9.2.18:9.2" + + +

All PostgreSQL 9.1.x users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">dev-db/postgresql-9.1.23:9.1" + + + + CVE-2015-5288 + CVE-2015-5289 + CVE-2016-0766 + CVE-2016-0773 + CVE-2016-5423 + CVE-2016-5424 + + b-man + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-34.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-34.xml new file mode 100644 index 0000000000..022a03cc1c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-34.xml @@ -0,0 +1,50 @@ + + + + runC: Privilege escalation + A vulnerability in runC could lead to privilege escalation. + runc + January 12, 2017 + January 12, 2017: 1 + 605378 + remote + + + 1.0.0_rc2-r2 + 1.0.0_rc2-r2 + + + +

RunC is a CLI tool for spawning and running containers according to the + OCI specification. +

+ + +

A vulnerability was discovered in runC that allows additional container + processes via ‘runc exec’ to be ptraced by the pid 1 of the + container. This allows the main processes of the container, if running + as root, to gain access to file-descriptors of these new processes. +

+ + +

An attacker, who is able to successfully escape the container or modify + runC’s state before process initialization, could escalate privileges. +

+ + +

There is no known workaround at this time.

+ + +

All runC users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-emulation/runc-1.0.0_rc2-r2" + + + + CVE-2016-9962 + + b-man + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-35.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-35.xml new file mode 100644 index 0000000000..293cdc8a40 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-35.xml @@ -0,0 +1,74 @@ + + + + Mozilla SeaMonkey: Multiple vulnerabilities + Multiple vulnerabilities have been found in Mozilla SeaMonkey, the + worst of which could lead to the remote execution of arbitrary code. + + seamonkey + 2017-01-13 + 2017-01-13: 3 + 539242 + 541506 + 574968 + 604500 + remote + + + 2.46-r1 + 2.46-r1 + + + 2.46 + 2.46 + + + +

Mozilla SeaMonkey is a free and open-source Internet suite. It is the + continuation of the former Mozilla Application Suite, based on the same + source code. +

+ + +

Multiple vulnerabilities have been discovered in Mozilla SeaMonkey. + Please review the CVE identifiers referenced below for details. +

+ + +

A remote attacker could possibly execute arbitrary code with the + privileges of the process, cause a Denial of Service condition, or obtain + sensitive information. +

+ + +

There is no known workaround at this time.

+ + +

All Mozilla SeaMonkey users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.46-r1" + + +

All Mozilla SeaMonkey-bin users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.46" + + + + CVE-2016-1521 + CVE-2016-1521 + CVE-2016-1522 + CVE-2016-1522 + CVE-2016-1523 + CVE-2016-1523 + CVE-2016-1526 + CVE-2016-1526 + CVE-2016-9079 + + b-man + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-36.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-36.xml new file mode 100644 index 0000000000..7b2749e1d5 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-36.xml @@ -0,0 +1,65 @@ + + + + Apache: Multiple vulnerabilities + Multiple vulnerabilities have been found in Apache, the worst of + which could lead to a Denial of Service condition. + + apache + 2017-01-15 + 2017-01-17 + 529130 + 589226 + 601736 + 603130 + remote + + + 2.4.25 + 2.4.25 + + + +

The Apache HTTP server is one of the most popular web servers on the + Internet. +

+ + +

Multiple vulnerabilities have been discovered in Apache. Please review + the CVE identifiers, upstream Apache Software Foundation documentation, + and HTTPoxy website referenced below for details. +

+ + +

A remote attacker could cause a Denial of Service condition via multiple + vectors or response splitting and cache pollution. Additionally, an + attacker could intercept unsecured (HTTP) transmissions via the HTTPoxy + vulnerability. +

+ + +

There is no known workaround at this time.

+ + +

All Apache users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.25" + + + + Apache + Software Foundation Projects and "httpoxy" CERT VU #797896 + + CVE-2014-3583 + CVE-2016-0736 + CVE-2016-2161 + CVE-2016-5387 + CVE-2016-8740 + CVE-2016-8743 + HTTPoxy Website + + BlueKnight + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-37.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-37.xml new file mode 100644 index 0000000000..4d6574d9f4 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-37.xml @@ -0,0 +1,84 @@ + + + + libxml2: Multiple vulnerabilities + Multiple vulnerabilities have been found in libxml2, the worst of + which could lead to the execution of arbitrary code. + + libxml2 + 2017-01-16 + 2017-01-16: 01 + 564776 + 566374 + 572878 + 573820 + 577998 + 582538 + 582540 + 583888 + 589816 + 597112 + 597114 + 597116 + remote + + + 2.9.4-r1 + 2.9.4-r1 + + + +

libxml2 is the XML (eXtended Markup Language) C parser and toolkit + initially developed for the Gnome project. +

+ + +

Multiple vulnerabilities have been discovered in libxml2. Please review + the CVE identifiers referenced below for details. +

+ + +

A remote attacker could entice a user or automated system to process a + specially crafted XML document, possibly resulting in execution of + arbitrary code with the privileges of the process or a Denial of Service + condition. +

+ + +

There is no known workaround at this time.

+ + +

All libxml2 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.4-r1" + + + + + CVE-2015-1819 + CVE-2015-5312 + CVE-2015-7497 + CVE-2015-7498 + CVE-2015-7499 + CVE-2015-7500 + CVE-2015-7941 + CVE-2015-7942 + CVE-2015-8035 + CVE-2015-8242 + CVE-2015-8806 + CVE-2016-1836 + CVE-2016-1838 + CVE-2016-1839 + CVE-2016-1840 + CVE-2016-2073 + CVE-2016-3627 + CVE-2016-3705 + CVE-2016-4483 + CVE-2016-4658 + CVE-2016-5131 + + b-man + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-38.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-38.xml new file mode 100644 index 0000000000..2e52d08533 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-38.xml @@ -0,0 +1,69 @@ + + + + Pidgin: Multiple vulnerabilities + Multiple vulnerabilities have been found in Pidgin, the worst of + which could lead to execution of arbitrary code. + + pidgin + 2017-01-17 + 2017-01-17: 01 + 586698 + remote + + + 2.11.0 + 2.11.0 + + + +

Pidgin is a client for a variety of instant messaging protocols.

+ + +

Multiple vulnerabilities have been discovered in Pidgin. Please review + the CVE identifiers referenced below for details. +

+ + +

A remote attacker might send specially crafted data using the MXit + protocol, possibly resulting in the remote execution of arbitrary code + with the privileges of the process, a Denial of Service condition, or in + leaking confidential information. +

+ + +

There is no known workaround at this time.

+ + +

All Pidgin users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-im/pidgin-2.11.0" + + + + + CVE-2016-1000030 + + CVE-2016-2365 + CVE-2016-2366 + CVE-2016-2367 + CVE-2016-2368 + CVE-2016-2369 + CVE-2016-2370 + CVE-2016-2371 + CVE-2016-2372 + CVE-2016-2373 + CVE-2016-2374 + CVE-2016-2375 + CVE-2016-2376 + CVE-2016-2377 + CVE-2016-2378 + CVE-2016-2379 + CVE-2016-2380 + CVE-2016-4323 + + whissi + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-39.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-39.xml new file mode 100644 index 0000000000..83f18d0882 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-39.xml @@ -0,0 +1,49 @@ + + + + VLC: Buffer overflow + A buffer overflow in VLC might allow remote attackers to execute + arbitrary code. + + vlc + 2017-01-17 + 2017-01-17: 01 + 584510 + remote + + + 2.2.4 + 2.2.4 + + + +

VLC is a cross-platform media player and streaming server.

+ + +

A buffer overflow was discovered in the DecodeAdpcmImaQT function in + modules/codec/adpcm.c in the VideoLAN VLC media player. +

+ + +

Remote attackers, by enticing a user to execute a specially crafted + QuickTime IMA file, could cause a Denial of Service condition or possibly + execute arbitrary code. +

+ + +

There is no known workaround at this time.

+ + +

All VLC users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-video/vlc-2.2.4" + + + + CVE-2016-5108 + + whissi + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-40.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-40.xml new file mode 100644 index 0000000000..c02081bf4b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-40.xml @@ -0,0 +1,53 @@ + + + + xdelta: User-assisted execution of arbitrary code + A buffer overflow in xdelta might allow remote attackers to execute + arbitrary code. + + xdelta + 2017-01-17 + 2017-01-17: 01 + 574408 + remote + + + 3.0.10 + 3.0.10 + + + +

Xdelta is a C library and command-line tool for delta compression using + VCDIFF/RFC 3284 streams. +

+ + +

A buffer overflow can be triggered within xdelta when ran against a + malicious input file. +

+ + +

A remote attacker could coerce the victim to run xdelta against a + malicious input file. This may be leveraged by an attacker to crash + xdelta and gain control of program execution. +

+ + +

There is no known workaround at this time.

+ + +

All xdelta users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-util/xdelta-3.0.10" + + + + + CVE-2014-9765 + + + whissi + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-41.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-41.xml new file mode 100644 index 0000000000..906c448e7e --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-41.xml @@ -0,0 +1,48 @@ + + + + MiniUPnPc: Buffer overflow + A buffer overflow in MiniUPnPc might allow remote attackers to + cause a Denial of Service condition. + + miniupnpc + 2017-01-17 + 2017-01-17: 01 + 512666 + remote + + + 1.9.20150427 + 1.9.20150427 + + + +

UPnP client library and a simple UPnP client.

+ + +

An out-of-bounds read was discovered in the getHTTPResponse function in + miniwget.c in MiniUPnPc. +

+ + +

Remote attackers, through specially crafted headers, could cause a + Denial of Service condition. +

+ + +

There is no known workaround at this time.

+ + +

All MiniUPnPc users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-libs/miniupnpc-1.9.20150427" + + + + CVE-2014-3985 + + whissi + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-42.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-42.xml new file mode 100644 index 0000000000..6251724186 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-42.xml @@ -0,0 +1,58 @@ + + + + file: Multiple vulnerabilities + Multiple vulnerabilities have been found in file, the worst of + which could allow remote attackers to execute arbitrary code. + + file + 2017-01-17 + 2017-01-17: 01 + 526544 + 538660 + 539106 + 579306 + remote + + + 5.23 + 5.23 + + + +

file is a utility that guesses a file format by scanning binary data for + patterns. +

+ + +

Multiple vulnerabilities have been discovered in file. Please review the + CVE identifiers referenced below for details. +

+ + +

A remote attacker could entice a user or automated system to process a + specially crafted input file, possibly resulting in execution of + arbitrary code with the privileges of the process, a Denial of Service + condition or have other unspecified impacts. +

+ + +

There is no known workaround at this time.

+ + +

All file users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-apps/file-5.23" + + + + CVE-2014-3710 + CVE-2014-9652 + CVE-2014-9653 + CVE-2015-8865 + + whissi + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk index 486da2ff50..781b45073a 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Wed, 11 Jan 2017 22:43:24 +0000 +Tue, 17 Jan 2017 18:43:18 +0000 From b8e881c2b37f27f7c2494a14aadf095201a063e0 Mon Sep 17 00:00:00 2001 From: David Michael Date: Tue, 17 Jan 2017 12:30:24 -0800 Subject: [PATCH 2/4] bump(dev-libs/libxml2): sync with upstream --- .../portage-stable/dev-libs/libxml2/ChangeLog | 148 -- .../dev-libs/libxml2/ChangeLog-2015 | 1819 ----------------- .../portage-stable/dev-libs/libxml2/Manifest | 31 +- .../files/libxml2-2.7.1-catalog_path.patch | 16 +- .../files/libxml2-2.9.2-constant-memory.patch | 176 -- .../files/libxml2-2.9.2-cross-compile.patch | 17 - .../files/libxml2-2.9.2-cve-2015-7941-1.patch | 32 - .../files/libxml2-2.9.2-cve-2015-7941-2.patch | 49 - .../files/libxml2-2.9.2-cve-2015-8035.patch | 31 - .../files/libxml2-2.9.2-fix-lzma.patch | 114 -- .../files/libxml2-2.9.2-icu-pkgconfig.patch | 26 - .../libxml2-2.9.2-missing-entities.patch | 31 - ....9.2-overflow-conditional-sections-1.patch | 32 - ....9.2-overflow-conditional-sections-2.patch | 28 - .../files/libxml2-2.9.2-python-ABIFLAG.patch | 16 + ...-2.9.2-revert-missing-initialization.patch | 26 - .../libxml2-2.9.2-threads-declarations.patch | 48 - .../libxml2/files/libxml2-2.9.2-timsort.patch | 128 -- .../libxml2-2.9.2-unclosed-comments.patch | 65 - .../files/libxml2-2.9.4-CVE-2016-4658.patch | 249 +++ .../files/libxml2-2.9.4-CVE-2016-5131.patch | 174 ++ .../files/libxml2-2.9.4-nullptrderef.patch | 50 + .../files/libxml2-2.9.4-nullptrderef2.patch | 57 + ....9.2-r4.ebuild => libxml2-2.9.4-r1.ebuild} | 64 +- ...2-2.9.2-r1.ebuild => libxml2-2.9.4.ebuild} | 70 +- .../dev-libs/libxml2/metadata.xml | 5 +- .../md5-cache/dev-libs/libxml2-2.9.2-r1 | 13 - .../md5-cache/dev-libs/libxml2-2.9.2-r4 | 13 - .../metadata/md5-cache/dev-libs/libxml2-2.9.4 | 13 + .../md5-cache/dev-libs/libxml2-2.9.4-r1 | 13 + 30 files changed, 655 insertions(+), 2899 deletions(-) delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/ChangeLog delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/ChangeLog-2015 delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-constant-memory.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cross-compile.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-1.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-2.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-8035.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-fix-lzma.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-icu-pkgconfig.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-missing-entities.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-1.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-2.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-python-ABIFLAG.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-revert-missing-initialization.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-threads-declarations.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-timsort.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-unclosed-comments.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2016-4658.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2016-5131.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-nullptrderef.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-nullptrderef2.patch rename sdk_container/src/third_party/portage-stable/dev-libs/libxml2/{libxml2-2.9.2-r4.ebuild => libxml2-2.9.4-r1.ebuild} (73%) rename sdk_container/src/third_party/portage-stable/dev-libs/libxml2/{libxml2-2.9.2-r1.ebuild => libxml2-2.9.4.ebuild} (74%) delete mode 100644 sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.2-r1 delete mode 100644 sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.2-r4 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r1 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/ChangeLog b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/ChangeLog deleted file mode 100644 index 775eebfeac..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/ChangeLog +++ /dev/null @@ -1,148 +0,0 @@ -# ChangeLog for dev-libs/libxml2 -# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# (auto-generated from git log) - -*libxml2-2.9.2-r1 (09 Aug 2015) - - 09 Aug 2015; Robin H. Johnson - +files/libxml2-2.7.1-catalog_path.patch, - +files/libxml2-2.8.0_rc1-winnt.patch, - +files/libxml2-2.9.2-constant-memory.patch, - +files/libxml2-2.9.2-cross-compile.patch, - +files/libxml2-2.9.2-icu-pkgconfig.patch, - +files/libxml2-2.9.2-missing-entities.patch, - +files/libxml2-2.9.2-revert-missing-initialization.patch, - +files/libxml2-2.9.2-threads-declarations.patch, - +files/libxml2-2.9.2-timsort.patch, +libxml2-2.9.2-r1.ebuild, +metadata.xml: - proj/gentoo: Initial commit - - This commit represents a new era for Gentoo: - Storing the gentoo-x86 tree in Git, as converted from CVS. - - This commit is the start of the NEW history. - Any historical data is intended to be grafted onto this point. - - Creation process: - 1. Take final CVS checkout snapshot - 2. Remove ALL ChangeLog* files - 3. Transform all Manifests to thin - 4. Remove empty Manifests - 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ - 5.1. Do not touch files with -kb/-ko keyword flags. - - Signed-off-by: Robin H. Johnson - X-Thanks: Alec Warner - did the GSoC 2006 migration - tests - X-Thanks: Robin H. Johnson - infra guy, herding this - project - X-Thanks: Nguyen Thai Ngoc Duy - Former Gentoo - developer, wrote Git features for the migration - X-Thanks: Brian Harring - wrote much python to improve - cvs2svn - X-Thanks: Rich Freeman - validation scripts - X-Thanks: Patrick Lauer - Gentoo dev, running new 2014 - work in migration - X-Thanks: Michał Górny - scripts, QA, nagging - X-Thanks: All of other Gentoo developers - many ideas and lots of paint on - the bikeshed - - 24 Aug 2015; Justin Lecher metadata.xml: - Use https by default - - Convert all URLs for sites supporting encrypted connections from http to - https - - Signed-off-by: Justin Lecher - - 24 Aug 2015; Mike Gilbert metadata.xml: - Revert DOCTYPE SYSTEM https changes in metadata.xml - - repoman does not yet accept the https version. - This partially reverts eaaface92ee81f30a6ac66fe7acbcc42c00dc450. - - Bug: https://bugs.gentoo.org/552720 - - 21 Oct 2015; Justin Lecher libxml2-2.9.2-r1.ebuild, - metadata.xml: - Add python3.5 support - - Package-Manager: portage-2.2.23 - Signed-off-by: Justin Lecher - - 31 Oct 2015; Mike Frysinger - +files/libxml2-2.9.2-disable-tests.patch, libxml2-2.9.2-r1.ebuild: - disable building of useless programs - - These aren't used during build or install, so disable them. - -*libxml2-2.9.2-r2 (09 Nov 2015) - - 09 Nov 2015; Gilles Dartiguelongue - +files/libxml2-2.9.2-cve-2015-7941-1.patch, - +files/libxml2-2.9.2-cve-2015-7941-2.patch, - +files/libxml2-2.9.2-cve-2015-8035.patch, - files/libxml2-2.9.2-disable-tests.patch, - +files/libxml2-2.9.2-fix-lzma.patch, - +files/libxml2-2.9.2-overflow-conditional-sections-1.patch, - +files/libxml2-2.9.2-overflow-conditional-sections-2.patch, - +files/libxml2-2.9.2-unclosed-comments.patch, +libxml2-2.9.2-r2.ebuild: - apply several security patches - - Security bugs: #560524, #564240 and #564776. - Also fix incorrect lzma support, bug #530386 and fix handling of - documentation and examples with USE=python, bug #533324. - - https://bugs.gentoo.org/show_bug.cgi?id=530386 - https://bugs.gentoo.org/show_bug.cgi?id=533324 - https://bugs.gentoo.org/show_bug.cgi?id=560524 - https://bugs.gentoo.org/show_bug.cgi?id=564240 - https://bugs.gentoo.org/show_bug.cgi?id=564776 - - Package-Manager: portage-2.2.23 - -*libxml2-2.9.2-r3 (09 Nov 2015) - - 09 Nov 2015; Gilles Dartiguelongue - -libxml2-2.9.2-r2.ebuild, +libxml2-2.9.2-r3.ebuild: - re-add missing call to eprefixify - - Package-Manager: portage-2.2.23 - -*libxml2-2.9.2-r4 (10 Nov 2015) - - 10 Nov 2015; Gilles Dartiguelongue - -libxml2-2.9.2-r3.ebuild, +libxml2-2.9.2-r4.ebuild: - fix python module installation, bug #565310 - - Package-Manager: portage-2.2.24 - - 11 Nov 2015; Agostino Sarubbo libxml2-2.9.2-r4.ebuild: - amd64 stable wrt bug #560524 - - Package-Manager: portage-2.2.20.1 - RepoMan-Options: --include-arches="amd64" - - 11 Nov 2015; Agostino Sarubbo libxml2-2.9.2-r4.ebuild: - x86 stable wrt bug #560524 - - Package-Manager: portage-2.2.20.1 - RepoMan-Options: --include-arches="x86" - - 12 Nov 2015; Jeroen Roovers libxml2-2.9.2-r4.ebuild: - Stable for PPC64 (bug #560524). - - Package-Manager: portage-2.2.24 - RepoMan-Options: --ignore-arches - - 12 Nov 2015; Jeroen Roovers libxml2-2.9.2-r4.ebuild: - Stable for HPPA (bug #560524). - - Package-Manager: portage-2.2.24 - RepoMan-Options: --ignore-arches - - 12 Nov 2015; Agostino Sarubbo libxml2-2.9.2-r4.ebuild: - ppc stable wrt bug #560524 - - Package-Manager: portage-2.2.20.1 - RepoMan-Options: --include-arches="ppc" - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/ChangeLog-2015 b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/ChangeLog-2015 deleted file mode 100644 index ddc6615a06..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/ChangeLog-2015 +++ /dev/null @@ -1,1819 +0,0 @@ -# ChangeLog for dev-libs/libxml2 -# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/libxml2/ChangeLog,v 1.456 2015/06/05 08:16:42 vapier Exp $ - - 05 Jun 2015; Mike Frysinger libxml2-2.9.2-r1.ebuild: - Mark arm64/m68k/s390/sh stable. - - 27 May 2015; Alexandre Rostovtsev - -libxml2-2.9.2.ebuild: - Clean up vulnerable versions. - - 27 May 2015; Mikle Kolyada libxml2-2.9.2-r1.ebuild: - arm stable wrt bug #546720 - - 15 May 2015; Mike Frysinger - +files/libxml2-2.9.2-cross-compile.patch, libxml2-2.9.2-r1.ebuild: - Fix from Chromium OS for cross-compiling. - - 28 Apr 2015; Agostino Sarubbo libxml2-2.9.2-r1.ebuild: - Stable for alpha, wrt bug #546720 - - 26 Apr 2015; Mikle Kolyada libxml2-2.9.2-r1.ebuild: - ia64 stable wrt bug #546720 - - 26 Apr 2015; Pacho Ramos libxml2-2.9.2-r1.ebuild: - ppc stable wrt bug #546720 - - 24 Apr 2015; Mikle Kolyada libxml2-2.9.2-r1.ebuild: - sparc stable wrt bug #546720 - - 21 Apr 2015; Jeroen Roovers libxml2-2.9.2-r1.ebuild: - Stable for PPC64 (bug #546720). - - 21 Apr 2015; Jeroen Roovers libxml2-2.9.2-r1.ebuild: - Stable for HPPA (bug #546720). - - 20 Apr 2015; Agostino Sarubbo libxml2-2.9.2-r1.ebuild: - Stable for x86, wrt bug #546720 - - 20 Apr 2015; Agostino Sarubbo libxml2-2.9.2-r1.ebuild: - Stable for amd64, wrt bug #546720 - -*libxml2-2.9.2-r1 (19 Apr 2015) - - 19 Apr 2015; Alexandre Rostovtsev - +libxml2-2.9.2-r1.ebuild, +files/libxml2-2.9.2-constant-memory.patch, - +files/libxml2-2.9.2-missing-entities.patch, - +files/libxml2-2.9.2-threads-declarations.patch, - +files/libxml2-2.9.2-timsort.patch: - Add important patches from upstream, including a fix for a DoS vulnerability - (CVE-2015-1819, bug #546720, thanks to Agostino Sarubbo). - - 08 Apr 2015; Michał Górny libxml2-2.9.2.ebuild: - Drop old Python implementations - - 07 Mar 2015; Alexandre Rostovtsev - libxml2-2.9.2.ebuild: - python_parallel_foreach_impl is deprecated (bug #541886, thanks to Ilya - Gordeev). - - 19 Dec 2014; Pacho Ramos libxml2-2.9.2.ebuild: - amd64 stable, bug 529964 - - 18 Dec 2014; Pacho Ramos libxml2-2.9.2.ebuild: - x86 stable, bug 529964 - - 11 Dec 2014; Raúl Porcel libxml2-2.9.2.ebuild: - arm64/m68k/s390/sh stable - - 09 Dec 2014; Pacho Ramos - -files/libxml2-2.9.0-manual-python.patch, - -files/libxml2-2.9.0-thread-alloc.patch, - -files/libxml2-2.9.1-compression-detection.patch, - -files/libxml2-2.9.1-external-param-entities.patch, - -files/libxml2-2.9.1-icu-pkgconfig.patch, - -files/libxml2-2.9.1-missing-break.patch, - -files/libxml2-2.9.1-non-ascii-cr-lf.patch, - -files/libxml2-2.9.1-python-2.6.patch, -files/libxml2-2.9.1-python3.patch, - -files/libxml2-2.9.1-python3a.patch, - -files/libxml2-2.9.1-xmllint-postvalid.patch, -libxml2-2.9.1-r4.ebuild, - -libxml2-2.9.1-r5.ebuild: - Cleanup due to security bug #525656 - - 06 Dec 2014; Agostino Sarubbo libxml2-2.9.2.ebuild: - Stable for ia64, wrt bug #525656 - - 05 Dec 2014; Agostino Sarubbo libxml2-2.9.2.ebuild: - Stable for x86, wrt bug #525656 - - 03 Dec 2014; Agostino Sarubbo libxml2-2.9.2.ebuild: - Stable for ppc, wrt bug #525656 - - 02 Dec 2014; Agostino Sarubbo libxml2-2.9.2.ebuild: - Stable for alpha, wrt bug #525656 - - 01 Dec 2014; Agostino Sarubbo libxml2-2.9.2.ebuild: - Stable for sparc, wrt bug #525656 - - 29 Nov 2014; Markus Meier libxml2-2.9.2.ebuild: - arm stable, bug #525656 - - 29 Nov 2014; Agostino Sarubbo libxml2-2.9.2.ebuild: - Stable for ppc64, wrt bug #525656 - - 24 Nov 2014; Jeroen Roovers libxml2-2.9.2.ebuild: - Stable for HPPA (bug #525656). - - 23 Nov 2014; Mikle Kolyada libxml2-2.9.2.ebuild: - amd64 stable wrt bug #525656 - -*libxml2-2.9.2 (18 Oct 2014) - - 18 Oct 2014; Pacho Ramos - +files/libxml2-2.9.2-icu-pkgconfig.patch, - +files/libxml2-2.9.2-revert-missing-initialization.patch, - +libxml2-2.9.2.ebuild: - Version bump - -*libxml2-2.9.1-r5 (03 Sep 2014) - - 03 Sep 2014; Michał Górny +libxml2-2.9.1-r5.ebuild: - CHOST-ize xml2-config, for bug #518728. - - 24 Jun 2014; Mike Frysinger libxml2-2.9.1-r4.ebuild: - Mark arm64/m68k/s390/sh stable. - - 18 Jun 2014; Michał Górny libxml2-2.9.1-r4.ebuild: - Update dependencies to require guaranteed EAPI=5 or multilib ebuilds, bug - #513718. - - 18 Jun 2014; Alexandre Rostovtsev - -libxml2-2.9.1-r1.ebuild, -libxml2-2.9.1-r2.ebuild, -libxml2-2.9.1-r3.ebuild: - Punt old and vulnerable versions. - - 08 Jun 2014; Agostino Sarubbo libxml2-2.9.1-r4.ebuild: - Stable for sparc, wrt bug #509834 - - 08 Jun 2014; Agostino Sarubbo libxml2-2.9.1-r4.ebuild: - Stable for ppc, wrt bug #509834 - - 08 Jun 2014; Agostino Sarubbo libxml2-2.9.1-r4.ebuild: - Stable for ppc64, wrt bug #509834 - - 08 Jun 2014; Agostino Sarubbo libxml2-2.9.1-r4.ebuild: - Stable for ia64, wrt bug #509834 - - 25 May 2014; Markus Meier libxml2-2.9.1-r4.ebuild: - arm stable, bug #509834 - - 17 May 2014; Jeroen Roovers libxml2-2.9.1-r4.ebuild: - Stable for HPPA (bug #509834). - - 17 May 2014; Agostino Sarubbo libxml2-2.9.1-r4.ebuild: - Stable for alpha, wrt bug #509834 - - 17 May 2014; Agostino Sarubbo libxml2-2.9.1-r4.ebuild: - Stable for x86, wrt bug #509834 - - 17 May 2014; Agostino Sarubbo libxml2-2.9.1-r4.ebuild: - Stable for amd64, wrt bug #509834 - -*libxml2-2.9.1-r4 (17 May 2014) - - 17 May 2014; Alexandre Rostovtsev - +libxml2-2.9.1-r4.ebuild, +files/libxml2-2.9.1-xmllint-postvalid.patch: - Unbreak xmllint for docbook documents (bug #510508, thanks to Markos - Chandras). - - 15 May 2014; Markus Meier libxml2-2.9.1-r3.ebuild: - arm stable, bug #509834 - - 10 May 2014; Jeroen Roovers libxml2-2.9.1-r3.ebuild: - Stable for HPPA (bug #509834). - -*libxml2-2.9.1-r3 (08 May 2014) - - 08 May 2014; Alexandre Rostovtsev - +libxml2-2.9.1-r3.ebuild, +files/libxml2-2.9.1-external-param-entities.patch: - Fix denial of service vulnerability (CVE-2014-0191, bug #509834, thanks to - Agostino Sarubbo). Enable support for Python 3.4. Modernize python build as - suggested by Michał Górny. - - 28 Apr 2014; Michał Górny libxml2-2.9.1-r2.ebuild: - Replace multilib_build_binaries with multilib_is_native_abi. The two are - equivalent now, and the team has decided to use the old name as being less - confusing. - - 22 Feb 2014; Pacho Ramos libxml2-2.9.1-r2.ebuild: - Fix wrong commit, bug 502160 - - 18 Jan 2014; Mike Frysinger libxml2-2.9.1-r1.ebuild, - libxml2-2.9.1-r2.ebuild: - Add arm64 love. - - 18 Jan 2014; Mike Frysinger libxml2-2.9.1-r1.ebuild: - Mark m68k stable. - - 06 Jan 2014; Thomas Sachau (Tommy[D]) - libxml2-2.9.1-r2.ebuild: - Use multilib_build_binaries instead of multilib_is_native_abi, fixes build - failures of multilib-portage e.g. with 32bit mesa because of missing 32bit - python modules of libxml2 - - 03 Jan 2014; Alexandre Rostovtsev - libxml2-2.9.1-r2.ebuild: - Stylistic fix: make locals local, thanks to Arfrever for noticing. - -*libxml2-2.9.1-r2 (30 Dec 2013) - - 30 Dec 2013; Alexandre Rostovtsev - +libxml2-2.9.1-r2.ebuild, +files/libxml2-2.9.1-icu-pkgconfig.patch: - Add multilib support (bug #480404, thanks to David Heidelberger (okias) and - Alexis Ballier). - - 19 Oct 2013; Pacho Ramos - -files/libxml2-2.7.8-disable_static_modules.patch, - -files/libxml2-2.8.0-icu-linking.patch, - -files/libxml2-2.8.0-xmlParseAttValueComplex-underflow.patch, - -files/libxml2-2.9.0-disable_static_modules.patch, - -files/libxml2-2.9.0-excessive-entity-expansion.patch, - -files/libxml2-2.9.0-large-file-parse.patch, - -files/libxml2-2.9.0-nsclean.patch, -files/libxml2-2.9.0-rand_seed.patch, - -files/libxml2-2.9.0-streaming-validation.patch, - -files/libxml2-2.9.0-thread-portability.patch, -libxml2-2.8.0-r3.ebuild, - -libxml2-2.9.0-r2.ebuild, -libxml2-2.9.1.ebuild: - Drop old - - 05 Sep 2013; Michał Górny libxml2-2.9.0-r2.ebuild, - libxml2-2.9.1-r1.ebuild, libxml2-2.9.1.ebuild: - Clean up PYTHON_COMPAT from old implementations. - - 06 Aug 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for s390, wrt bug #476438 - - 21 Jul 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for sparc, wrt bug #476438 - - 21 Jul 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for sh, wrt bug #476438 - - 21 Jul 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for ia64, wrt bug #476438 - - 14 Jul 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for arm, wrt bug #476438 - - 14 Jul 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for alpha, wrt bug #476438 - - 13 Jul 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for ppc64, wrt bug #476438 - - 13 Jul 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for ppc, wrt bug #476438 - - 13 Jul 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for x86, wrt bug #476438 - - 13 Jul 2013; Jeroen Roovers libxml2-2.9.1-r1.ebuild: - Stable for HPPA (bug #476438). - - 12 Jul 2013; Agostino Sarubbo libxml2-2.9.1-r1.ebuild: - Stable for amd64, wrt bug #476438 - -*libxml2-2.9.1-r1 (12 Jul 2013) - - 12 Jul 2013; Alexandre Rostovtsev - +libxml2-2.9.1-r1.ebuild, +files/libxml2-2.9.1-python3a.patch: - Unbreak python2.5 and really fix python3 syntax in drv_libxml2.py (bug - #476586, thanks to Arfrever for the patch). - - 11 Jul 2013; Jeroen Roovers libxml2-2.9.1.ebuild: - Stable for HPPA (bug #476438). - - 11 Jul 2013; Alexandre Rostovtsev - libxml2-2.9.1.ebuild: - Accidentally inherited unneeded versionator eclass - -*libxml2-2.9.1 (11 Jul 2013) - - 11 Jul 2013; Alexandre Rostovtsev - libxml2-2.8.0-r3.ebuild, -libxml2-2.8.0-r4.ebuild, -libxml2-2.9.0-r1.ebuild, - +libxml2-2.9.1.ebuild, +files/libxml2-2.9.1-compression-detection.patch, - +files/libxml2-2.9.1-missing-break.patch, - +files/libxml2-2.9.1-non-ascii-cr-lf.patch, - +files/libxml2-2.9.1-python-2.6.patch, +files/libxml2-2.9.1-python3.patch: - Version bump. Fixes denial-of-service vulnerability (bug #476438, - CVE-2013-2877, thanks to Agostino Sarubbo). Drop old versions, except for - 2.8.0-r3 which for some reason was the only revision keyworded stable on - m68k. - - 09 Jun 2013; Mike Frysinger metadata.xml: - Add upstream CPE tag (security info) from ChromiumOS. - - 01 Mar 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for sh, wrt bug #458430 - - 26 Feb 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for s390, wrt bug #458430 - - 26 Feb 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for sparc, wrt bug #458430 - - 26 Feb 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for arm, wrt bug #458430 - - 26 Feb 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for ia64, wrt bug #458430 - - 26 Feb 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for alpha, wrt bug #458430 - - 25 Feb 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for ppc64, wrt bug #458430 - - 25 Feb 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for ppc, wrt bug #458430 - - 25 Feb 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for x86, wrt bug #458430 - - 25 Feb 2013; Agostino Sarubbo libxml2-2.9.0-r2.ebuild: - Stable for amd64, wrt bug #458430 - - 24 Feb 2013; Jeroen Roovers libxml2-2.9.0-r2.ebuild: - Stable for HPPA (bug #458430). - - 21 Feb 2013; Zac Medico libxml2-2.9.0-r2.ebuild: - Add ~arm-linux keyword. - -*libxml2-2.9.0-r2 (20 Feb 2013) - - 20 Feb 2013; Alexandre Rostovtsev - -libxml2-2.9.0.ebuild, +libxml2-2.9.0-r2.ebuild, - +files/libxml2-2.9.0-excessive-entity-expansion.patch: - Fix entity expansion DoS vulnerability (CVE-2013-1664, bug #458430, thanks to - Dirkjan Ochtman). Drop old. - -*libxml2-2.9.0-r1 (18 Dec 2012) -*libxml2-2.8.0-r4 (18 Dec 2012) - - 18 Dec 2012; Alexandre Rostovtsev - -libxml2-2.8.0-r2.ebuild, +libxml2-2.8.0-r4.ebuild, +libxml2-2.9.0-r1.ebuild, - +files/libxml2-2.9.0-manual-python.patch: - Update to EAPI5 and python-r1.eclass. Always install pre-built docs in a - devhelp-compatible location. Add a patch for cleaner multiple python ABI - support. - - 15 Dec 2012; Raúl Porcel libxml2-2.8.0-r3.ebuild: - alpha/ia64/m68k/s390/sh/sparc stable wrt #444836 - - 02 Dec 2012; Agostino Sarubbo libxml2-2.8.0-r3.ebuild: - Stable for ppc64, wrt bug #444836 - - 02 Dec 2012; Markus Meier libxml2-2.8.0-r3.ebuild: - arm stable, bug #444836 - - 29 Nov 2012; libxml2-2.8.0-r3.ebuild: - Stable for ppc, wrt bug #444836 - - 27 Nov 2012; Jeroen Roovers libxml2-2.8.0-r3.ebuild: - Stable for HPPA (bug #444836). - - 27 Nov 2012; Agostino Sarubbo libxml2-2.8.0-r3.ebuild: - Stable for x86, wrt bug #444836 - - 27 Nov 2012; Agostino Sarubbo libxml2-2.8.0-r3.ebuild: - Stable for amd64, wrt bug #444836 - -*libxml2-2.9.0 (27 Nov 2012) - - 27 Nov 2012; Alexandre Rostovtsev - +libxml2-2.9.0.ebuild, +files/libxml2-2.9.0-disable_static_modules.patch, - +files/libxml2-2.9.0-large-file-parse.patch, - +files/libxml2-2.9.0-nsclean.patch, +files/libxml2-2.9.0-rand_seed.patch, - +files/libxml2-2.9.0-streaming-validation.patch, - +files/libxml2-2.9.0-thread-alloc.patch, - +files/libxml2-2.9.0-thread-portability.patch: - Version bump featuring improved push parser and XPath evaluation (bug - #444290). Update to EAPI5, always install docs in a devhelp-compatible - location following current gnome team style guidelines, and run a more - complete test suite. - - 26 Nov 2012; Alexandre Rostovtsev - libxml2-2.8.0-r3.ebuild: - Comment typo - -*libxml2-2.8.0-r3 (26 Nov 2012) - - 26 Nov 2012; Alexandre Rostovtsev - +libxml2-2.8.0-r3.ebuild, - +files/libxml2-2.8.0-xmlParseAttValueComplex-underflow.patch: - Fix buffer underflow (bug #444836, CVE-2012-5134, thanks to Mike Gilbert). - - 22 Sep 2012; Pacho Ramos - -files/libxml2-2.8.0_rc1-randomization-threads.patch, - -libxml2-2.8.0-r1.ebuild, -libxml2-2.8.0_rc1.ebuild: - Drop old. - - 18 Sep 2012; Anthony G. Basile libxml2-2.8.0-r2.ebuild: - stable ppc, bug #434344 - - 17 Sep 2012; Anthony G. Basile libxml2-2.8.0-r2.ebuild: - stable ppc64, bug #434344 - - 15 Sep 2012; Raúl Porcel libxml2-2.8.0-r2.ebuild: - alpha/arm/ia64/s390/sh/sparc stable wrt #434344 - - 15 Sep 2012; Andreas Schuerch libxml2-2.8.0-r2.ebuild: - x86 stable, see bug 434344 - - 11 Sep 2012; Agostino Sarubbo libxml2-2.8.0-r2.ebuild: - Stable for amd64, wrt bug #434344 - - 10 Sep 2012; Jeroen Roovers libxml2-2.8.0-r2.ebuild: - Stable for HPPA (bug #434344). - -*libxml2-2.8.0-r2 (09 Sep 2012) - - 09 Sep 2012; Alexandre Rostovtsev - -files/libxml2-2.7.2-winnt.patch, -libxml2-2.7.8-r5.ebuild, - -files/libxml2-2.7.8-allocation-error-copying-entities.patch, - -files/libxml2-2.7.8-error-xpath.patch, - -files/libxml2-2.7.8-hardening-xpath.patch, - -files/libxml2-2.7.8-hash-randomization.patch, - -files/libxml2-2.7.8-reactivate-script.patch, - -files/libxml2-2.7.8-reallocation-failures.patch, - -files/libxml2-2.7.8-windows-thread_t.patch, - -files/libxml2-2.7.8-xpath-freeing.patch, - -files/libxml2-2.7.8-xpath-freeing2.patch, - -files/libxml2-2.7.8-xpath-memory.patch, +libxml2-2.8.0-r2.ebuild: - Add upstream patches to ensure special treatment for namespace nodes - (CVE-2012-2871, bug #434344, thanks to Paweł Hajdan, Jr. and Sean Amoss). - Drop old version. - - 04 Jun 2012; Alexandre Rostovtsev - libxml2-2.8.0-r1.ebuild, +files/libxml2-2.8.0-icu-linking.patch: - De-uglify fix for bug #417539 with an upstreamable patch, thanks to Rafał - Mużyło and Arfrever. - - 29 May 2012; Brent Baude libxml2-2.8.0_rc1.ebuild: - Marking libxml2-2.8.0_rc1 ppc64 for bug 416209 - - 27 May 2012; Jeroen Roovers libxml2-2.8.0-r1.ebuild: - Marked ~hppa (bug #417569). - - 26 May 2012; Raúl Porcel libxml2-2.8.0_rc1.ebuild: - alpha/ia64/m68k/s390/sh/sparc stable wrt #416209 - - 26 May 2012; Alexis Ballier libxml2-2.8.0-r1.ebuild: - keyword ~amd64-fbsd, bug #417569 - - 26 May 2012; Markus Meier libxml2-2.8.0_rc1.ebuild: - arm stable, bug #416209 - -*libxml2-2.8.0-r1 (26 May 2012) - - 26 May 2012; Alexandre Rostovtsev - -libxml2-2.8.0.ebuild, +libxml2-2.8.0-r1.ebuild: - Prevent libxml2's python module from linking to out-of-build-tree libxml2 - library by hacking the relink_command entry in its build-time .la file. Fixes - bug #417539 ("'LIBXML2_2.7.9' not found" errors). Forced to drop hppa and - amd64-fbsd keywords, bug #417569. Drop broken 2.8.0 ebuild. - -*libxml2-2.8.0 (25 May 2012) - - 25 May 2012; Alexandre Rostovtsev - libxml2-2.8.0_rc1.ebuild, +libxml2-2.8.0.ebuild: - Version bump to 2.8.0 final. Point rc1's SRC_URI at Gentoo mirrors since the - rc1 tarball is no longer available from upstream (bug #416209 comment #10). - - 22 May 2012; Jeroen Roovers libxml2-2.8.0_rc1.ebuild: - Stable for HPPA (bug #416209). - - 21 May 2012; Agostino Sarubbo libxml2-2.8.0_rc1.ebuild: - Stable for amd64, wrt bug #416209 - - 21 May 2012; Jeff Horelick libxml2-2.8.0_rc1.ebuild: - marked x86 per bug 416209 - - 21 May 2012; Brent Baude libxml2-2.8.0_rc1.ebuild: - Marking libxml2-2.8.0_rc1 ppc for bug 416209 - - 21 May 2012; Alexandre Rostovtsev - libxml2-2.8.0_rc1.ebuild: - Remove unnecessary definition, thanks to Arfrever for pointing out. - -*libxml2-2.8.0_rc1 (21 May 2012) - - 21 May 2012; Alexandre Rostovtsev - -libxml2-2.7.8-r4.ebuild, +libxml2-2.8.0_rc1.ebuild, - +files/libxml2-2.8.0_rc1-randomization-threads.patch, - +files/libxml2-2.8.0_rc1-winnt.patch: - Version bump with numerous bugfixes, including for bug #416209 (out-of-bounds - write, CVE-2011-3102, thanks to Paweł Hajdan, Jr.). Drop old. - - 26 Apr 2012; Alexis Ballier libxml2-2.7.8-r5.ebuild: - keyword ~amd64-fbsd - - 08 Mar 2012; Alexandre Rostovtsev - libxml2-2.7.8-r5.ebuild, +files/libxml2-2.7.8-windows-thread_t.patch: - Fix building against pthreads-win32 (bug #407371, thanks to Nathan Phillip - Brink (binki)). - - 03 Mar 2012; Raúl Porcel libxml2-2.7.8-r5.ebuild: - arm/ia64/m68k/s390/sh/sparc stable wrt #405261 - - 03 Mar 2012; Brent Baude libxml2-2.7.8-r5.ebuild: - Marking libxml2-2.7.8-r5 ppc64 for bug 405261 - - 02 Mar 2012; Tobias Klausmann libxml2-2.7.8-r5.ebuild: - Stable on alpha, bug #405261 - - 29 Feb 2012; Jeff Horelick libxml2-2.7.8-r5.ebuild: - marked x86 per security bug 405261 - - 28 Feb 2012; Brent Baude libxml2-2.7.8-r5.ebuild: - Marking libxml2-2.7.8-r5 ppc for bug 405261 - - 23 Feb 2012; Agostino Sarubbo libxml2-2.7.8-r5.ebuild: - Stable for AMD64, wrt security bug #405261 - - 23 Feb 2012; Jeroen Roovers libxml2-2.7.8-r5.ebuild: - Stable for HPPA (bug #405261). - -*libxml2-2.7.8-r5 (23 Feb 2012) - - 23 Feb 2012; Alexandre Rostovtsev - -libxml2-2.7.8-r1.ebuild, -libxml2-2.7.8-r2.ebuild, -libxml2-2.7.8-r3.ebuild, - +libxml2-2.7.8-r5.ebuild, +files/libxml2-2.7.8-hash-randomization.patch: - Add hashing randomization to prevent DoS vulnerability (CVE-2012-0841, bug - #405261, thanks to Michael Harrison for reporting). Drop old. - - 20 Feb 2012; Patrick Lauer libxml2-2.7.8-r1.ebuild, - libxml2-2.7.8-r2.ebuild, libxml2-2.7.8-r3.ebuild, libxml2-2.7.8-r4.ebuild: - Restricting pypy #403751 - - 16 Jan 2012; Jeroen Roovers libxml2-2.7.8-r4.ebuild: - Stable for HPPA (bug #398361). - - 14 Jan 2012; Raúl Porcel libxml2-2.7.8-r4.ebuild: - alpha/arm/ia64/m68k/s390/sh/sparc stable wrt #398361 - - 12 Jan 2012; Pawel Hajdan jr libxml2-2.7.8-r4.ebuild: - x86 stable wrt bug #398361 - - 11 Jan 2012; Mark Loeser libxml2-2.7.8-r4.ebuild: - Stable for ppc/ppc64; bug #398361 - - 10 Jan 2012; Agostino Sarubbo libxml2-2.7.8-r4.ebuild: - Stable for AMD64, wrt security bug #398361 - -*libxml2-2.7.8-r4 (10 Jan 2012) - - 10 Jan 2012; Alexandre Rostovtsev - +libxml2-2.7.8-r4.ebuild, - +files/libxml2-2.7.8-allocation-error-copying-entities.patch: - Fix heap-based overflow in parsing long entity references (CVE-2011-3919, bug - #398361, thanks to Agostino Sarubbo for reporting). - - 30 Oct 2011; Raúl Porcel libxml2-2.7.8-r3.ebuild: - alpha/ia64/m68k/s390/sh/sparc stable wrt #385699 - - 28 Oct 2011; Markus Meier libxml2-2.7.8-r3.ebuild: - arm stable, bug #385699 - - 21 Oct 2011; Pawel Hajdan jr libxml2-2.7.8-r3.ebuild: - x86 stable wrt bug #385699 - - 20 Oct 2011; Tony Vroon libxml2-2.7.8-r3.ebuild: - Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo & Ian - "idella4" Delaney in security bug #386985. - - 18 Oct 2011; Jeroen Roovers libxml2-2.7.8-r3.ebuild: - Stable for HPPA (bug #385699). - - 18 Oct 2011; Jeroen Roovers libxml2-2.7.8-r2.ebuild: - Stable for HPPA (bug #385699). - - 16 Oct 2011; Kacper Kowalik libxml2-2.7.8-r3.ebuild: - ppc/ppc64 stable wrt #386985 - -*libxml2-2.7.8-r3 (15 Oct 2011) - - 15 Oct 2011; Pacho Ramos -libxml2-2.7.8.ebuild, - +libxml2-2.7.8-r3.ebuild, +files/libxml2-2.7.8-error-xpath.patch, - +files/libxml2-2.7.8-hardening-xpath.patch: - Fix CVE-2011-{2821,2834}, bug #386985, thanks to Michael Harrison and Tim - Sammut. Remove old. - - 14 Oct 2011; Samuli Suominen libxml2-2.7.8-r2.ebuild: - amd64 stable wrt #385699 - -*libxml2-2.7.8-r2 (14 Aug 2011) - - 14 Aug 2011; Nirbheek Chauhan +libxml2-2.7.8-r2.ebuild: - USE=static-libs support, bug 378249 - - 03 Jul 2011; Kacper Kowalik libxml2-2.7.8-r1.ebuild: - ppc64 stable wrt #370715 - - 22 Jun 2011; Brent Baude libxml2-2.7.8-r1.ebuild: - Marking libxml2-2.7.8-r1 ppc for bug 370715 - - 19 Jun 2011; Raúl Porcel libxml2-2.7.8-r1.ebuild: - alpha/ia64/m68k/s390/sh/sparc stable wrt #370715 - - 14 Jun 2011; Markus Meier libxml2-2.7.8-r1.ebuild: - amd64/arm stable, bug #370715 - - 14 Jun 2011; Pawel Hajdan jr libxml2-2.7.8-r1.ebuild: - x86 stable wrt bug #370715 - - 14 Jun 2011; Jeroen Roovers libxml2-2.7.8-r1.ebuild: - Stable for HPPA (bug #370715). - -*libxml2-2.7.8-r1 (13 Jun 2011) - - 13 Jun 2011; Pacho Ramos -libxml2-2.7.7.ebuild, - +libxml2-2.7.8-r1.ebuild, +files/libxml2-2.7.8-reallocation-failures.patch: - Fix some potential problems on reallocation failures (CVE-2011-1944), bug - #370715 by Sylvia. Remove old. - - 26 Feb 2011; Arfrever Frehtes Taifersar Arahesis - libxml2-2.7.8.ebuild, +files/libxml2-2.7.8-disable_static_modules.patch: - Don't install .a files in Python site-packages directories. - - 19 Feb 2011; Fabian Groffen libxml2-2.7.8.ebuild: - Drop --with-zlib argument for Prefix, it's no longer necessary - - 16 Feb 2011; Kacper Kowalik libxml2-2.7.8.ebuild: - ppc/ppc64 stable wrt #345555 - - 14 Feb 2011; Jeroen Roovers libxml2-2.7.8.ebuild: - Stable for HPPA (bug #345555). - - 13 Feb 2011; Raúl Porcel libxml2-2.7.8.ebuild: - alpha/arm/ia64/m68k/s390/sh/sparc stable wrt #345555 - - 13 Feb 2011; Markos Chandras libxml2-2.7.8.ebuild: - Stable on amd64 wrt bug #345555 - - 13 Feb 2011; Christian Faulhammer libxml2-2.7.8.ebuild: - stable x86, security bug 345555 - - 12 Feb 2011; Pacho Ramos - +files/libxml2-2.7.1-catalog_path.patch, +files/libxml2-2.7.2-winnt.patch, - libxml2-2.7.8.ebuild: - Apply fixes for PREFIX support (bug #317891), thanks a lot to Fabian Groffen - for the patch. - -*libxml2-2.7.8 (11 Feb 2011) - - 11 Feb 2011; Pacho Ramos -libxml2-2.7.6.ebuild, - +libxml2-2.7.8.ebuild, +files/libxml2-2.7.8-reactivate-script.patch, - +files/libxml2-2.7.8-xpath-freeing.patch, - +files/libxml2-2.7.8-xpath-freeing2.patch, - +files/libxml2-2.7.8-xpath-memory.patch: - Version bump including security fixes, bump to eapi3, remove old. - - 31 Dec 2010; Arfrever Frehtes Taifersar Arahesis - libxml2-2.7.7.ebuild: - Restrict Jython ABIs. - - 09 Aug 2010; Zac Medico libxml2-2.7.6.ebuild, - libxml2-2.7.7.ebuild: - Fix python dep so that if pyxml is pulled in, it pulls in python too - (without requiring python[xml] in this case). - - 09 Aug 2010; Zac Medico libxml2-2.7.6.ebuild, - libxml2-2.7.7.ebuild: - With USE=python, require either python[xml] or pyxml, in order to avoid - a "SAXReaderNotAvailable: No parsers found" exception raised from - xml.sax.make_parser(). This should solve stage3 libxml2 build failures. - - 30 May 2010; Raúl Porcel libxml2-2.7.7.ebuild: - alpha/arm/ia64/m68k/s390/sh/sparc stable wrt #317819 - - 17 May 2010; Jeroen Roovers libxml2-2.7.7.ebuild: - Stable for HPPA (bug #317819). - - 14 May 2010; Robin H. Johnson libxml2-2.7.7.ebuild: - Fix so that the catalyst autobuilds can continue safely. If the Python - binary is not present in $ROOT, python_execute_function returns - successfully but silently, WITHOUT running the command (with disasterous - side-effects). - - 11 May 2010; Brent Baude libxml2-2.7.7.ebuild: - stable ppc64, bug 317819 - - 11 May 2010; Pawel Hajdan jr libxml2-2.7.7.ebuild: - x86 stable wrt bug #317819 - - 10 May 2010; nixnut libxml2-2.7.7.ebuild: - ppc stable #317819 - - 04 May 2010; libxml2-2.7.7.ebuild: - amd64 stable, thanks to Roeland Douma (bug #317819) - - 24 Apr 2010; Raúl Porcel libxml2-2.7.6.ebuild: - alpha/arm/ia64/m68k/s390/sh/sparc stable wrt #309949 - - 11 Apr 2010; Pawel Hajdan jr libxml2-2.7.6.ebuild: - x86 stable wrt bug #309949 - - 06 Apr 2010; Gilles Dartiguelongue - -libxml2-2.7.4-r1.ebuild, -files/libxml2-2.7.4-parser-grow.patch, - libxml2-2.7.7.ebuild: - Enable multiple python ABI support, bug #312193. Clean up old revision. - - 24 Mar 2010; Brent Baude libxml2-2.7.6.ebuild: - stable ppc, bug 309949 - - 21 Mar 2010; Brent Baude libxml2-2.7.6.ebuild: - stable ppc64, bug 309949 - -*libxml2-2.7.7 (18 Mar 2010) - - 18 Mar 2010; Samuli Suominen +libxml2-2.7.7.ebuild: - Version bump wrt #309723. - - 18 Mar 2010; Markos Chandras libxml2-2.7.6.ebuild: - Stable on amd64 wrt bug #309949 - - 08 Mar 2010; Zac Medico libxml2-2.7.3-r2.ebuild, - libxml2-2.7.4-r1.ebuild, libxml2-2.7.6.ebuild: - Specify - +libxml2-2.7.6.ebuild: - Version bump, fixes Relax-NG validation problems. - - 08 Dec 2009; Gilles Dartiguelongue -libxml2-2.7.4.ebuild, - libxml2-2.7.4-r1.ebuild: - Make sure to remove unneeded /usr/share/doc directory, bug #295762 - -*libxml2-2.7.4-r1 (16 Sep 2009) - - 16 Sep 2009; Romain Perier - +libxml2-2.7.4-r1.ebuild, +files/libxml2-2.7.4-parser-grow.patch: - Fix inkscape extension loader problem per bug #285125, patch import from - upstream bug #595128, thanks to Andreas Proteus - for tests. - -*libxml2-2.7.4 (13 Sep 2009) - - 13 Sep 2009; Gilles Dartiguelongue -libxml2-2.7.3.ebuild, - -libxml2-2.7.3-r1.ebuild, +libxml2-2.7.4.ebuild: - Version bump, bug #284726. - - 30 Aug 2009; Brent Baude libxml2-2.7.3-r2.ebuild: - Marking libxml2-2.7.3-r2 ppc64 for bug 280617 - - 23 Aug 2009; nixnut libxml2-2.7.3-r2.ebuild: - ppc stable #280617 - - 14 Aug 2009; Markus Meier libxml2-2.7.3-r2.ebuild: - amd64 stable, bug #280617 - - 14 Aug 2009; Raúl Porcel libxml2-2.7.3-r2.ebuild: - alpha/arm/ia64/m68k/s390/sh/sparc stable wrt #280617 - - 13 Aug 2009; Christian Faulhammer - libxml2-2.7.3-r2.ebuild: - stable x86, security bug 280617 - - 12 Aug 2009; Jeroen Roovers libxml2-2.7.3-r2.ebuild: - Stable for HPPA (bug #280617). - -*libxml2-2.7.3-r2 (11 Aug 2009) - - 11 Aug 2009; Gilles Dartiguelongue - +libxml2-2.7.3-r2.ebuild, - +files/libxml2-2.7.3-CVE-2009-2414-CVE-2009-2416.patch: - Version bump. Fix CVE 2009-2414 and CVE 2009-2416, bug #280617. - - 31 May 2009; Gilles Dartiguelongue - libxml2-2.7.3-r1.ebuild: - Do not install 3 different documentation directories, bug #248127. - -*libxml2-2.7.3-r1 (27 Apr 2009) - - 27 Apr 2009; Gilles Dartiguelongue - -files/libxml2-2.7.2-CVE-2008-422x.patch, - -files/libxml2-2.7.2-old-sax-parser-behaviour-option.patch, - -files/libxml2-2.7.2-xmlAddChildList-pointer.patch, - -files/libxml2-2.7.2-xmlTextWriterFullEndElement-indent.patch, - +files/libxml2-2.7.3-printf-rename.patch, -libxml2-2.7.2-r1.ebuild, - -libxml2-2.7.2-r2.ebuild, +libxml2-2.7.3-r1.ebuild: - Fix macro conflict with wxGTK, bug #266653 - - 12 Apr 2009; Friedrich Oslage ChangeLog: - Stable on sparc, bug #260063 - - 18 Mar 2009; Jeroen Roovers libxml2-2.7.3.ebuild: - Stable for HPPA (maybe bug #260063). - - 17 Mar 2009; Raúl Porcel libxml2-2.7.3.ebuild: - alpha/sparc stable - - 17 Mar 2009; Raúl Porcel libxml2-2.7.2-r2.ebuild, - libxml2-2.7.3.ebuild: - arm/ia64/m68k/s390/sh stable - - 15 Mar 2009; Markus Meier libxml2-2.7.3.ebuild: - x86 stable, bug #260063 - - 11 Mar 2009; Daniel Gryniewicz libxml2-2.7.3.ebuild: - Marked stable on amd64 - - 06 Mar 2009; Brent Baude libxml2-2.7.3.ebuild: - Marking libxml2-2.7.3 ppc stable for bug 260063 - - 05 Mar 2009; Brent Baude libxml2-2.7.3.ebuild: - Marking libxml2-2.7.3 ppc64 stable for bug 260063 - - 31 Jan 2009; Tiago Cunha libxml2-2.7.2-r2.ebuild: - stable sparc, bug 249703 - - 31 Jan 2009; Tobias Klausmann - libxml2-2.7.2-r2.ebuild: - Stable on alpha, bug #249703 - - 29 Jan 2009; Gilles Dartiguelongue - libxml2-2.7.2-r1.ebuild, libxml2-2.7.2-r2.ebuild, libxml2-2.7.3.ebuild: - Applying suggested changes in bug #251550 comment #9. - -*libxml2-2.7.3 (26 Jan 2009) - - 26 Jan 2009; Mart Raudsepp +libxml2-2.7.3.ebuild: - Version bump. - - 26 Jan 2009; Gilles Dartiguelongue - -files/libxml2-2.6.30-CVE-2007-6284.patch, - -files/libxml2-2.6.32-CVE-2008-422x.patch, -libxml2-2.6.30-r1.ebuild, - -libxml2-2.6.31.ebuild, -libxml2-2.6.32.ebuild, -libxml2-2.6.32-r1.ebuild, - -libxml2-2.7.1.ebuild, -libxml2-2.7.2.ebuild, libxml2-2.7.2-r1.ebuild, - libxml2-2.7.2-r2.ebuild: - Clean up old security flawed revisions. Make sure python bindings are - optimized, bug #251550. - - 25 Jan 2009; Markus Meier libxml2-2.7.2-r2.ebuild: - x86 stable, bug #249703 - - 24 Jan 2009; Tobias Scherbaum - libxml2-2.7.2-r2.ebuild: - ppc stable, bug #249703 - - 23 Jan 2009; Brent Baude libxml2-2.7.2-r2.ebuild: - Marking libxml2-2.7.2-r2 ppc64 for bug 249703 - - 20 Jan 2009; Tobias Heinlein - libxml2-2.7.2-r2.ebuild: - amd64 stable wrt security bug 249703 - - 20 Jan 2009; Jeroen Roovers libxml2-2.7.2-r2.ebuild: - Stable for HPPA (bug #249703). - -*libxml2-2.7.2-r2 (11 Jan 2009) - - 11 Jan 2009; Mart Raudsepp - +files/libxml2-2.7.2-old-sax-parser-behaviour-option.patch, - +files/libxml2-2.7.2-xmlAddChildList-pointer.patch, - +files/libxml2-2.7.2-xmlTextWriterFullEndElement-indent.patch, - +libxml2-2.7.2-r2.ebuild: - Add a patch to allow a fix for bug 249703 - xml_parse_into_struct php - function breakage. Also a few more patches from upstream while at it. - - 23 Dec 2008; Robin H. Johnson - +files/libxml2-2.6.32-CVE-2008-422x.patch, +libxml2-2.6.32-r1.ebuild: - Backport the security fix from bug #245960 because libxml2-2.7.x causes - massive PHP breakage per bug #249703. - - 07 Dec 2008; Mike Frysinger libxml2-2.6.30-r1.ebuild, - libxml2-2.6.31.ebuild, libxml2-2.6.32.ebuild, libxml2-2.7.1.ebuild, - libxml2-2.7.2.ebuild, libxml2-2.7.2-r1.ebuild: - Remove unused bootstrap/build from IUSE. - - 24 Nov 2008; Brent Baude libxml2-2.7.2-r1.ebuild: - Marking libxml2-2.7.2-r1 ppc64 for bug 245960 - - 20 Nov 2008; Raúl Porcel libxml2-2.7.2-r1.ebuild: - alpha/arm/ia64 stable wrt #245960 - - 19 Nov 2008; Markus Meier libxml2-2.7.2-r1.ebuild: - amd64/x86 stable, bug #245960 - - 18 Nov 2008; Tobias Scherbaum - libxml2-2.7.2-r1.ebuild: - ppc stable, bug #245960 - - 18 Nov 2008; Jeroen Roovers libxml2-2.7.2-r1.ebuild: - Stable for HPPA (bug #245960). - - 18 Nov 2008; Ferris McCormick libxml2-2.7.2-r1.ebuild: - Sparc stable --- Security Bug #245960 --- looks good, all tests pass. - -*libxml2-2.7.2-r1 (18 Nov 2008) - - 18 Nov 2008; Mart Raudsepp - +files/libxml2-2.7.2-CVE-2008-422x.patch, +libxml2-2.7.2-r1.ebuild: - Fix for CVE-2008-4225 - possible infinite loop. Fix for CVE-2008-4226 - - possible integer overflow leading to memory corruption and potential - arbitrary code execution with huge XML files. Bug 245960 - - 13 Nov 2008; Brent Baude libxml2-2.6.32.ebuild: - Marking libxml2-2.6.32 ppc64 stable for bug 236971 - - 13 Nov 2008; Brent Baude libxml2-2.6.32.ebuild: - Marking libxml2-2.6.32 ppc64 stable for bug 236971 - - 05 Oct 2008; Jeroen Roovers libxml2-2.7.2.ebuild: - Stable for HPPA (bug #239346). - - 04 Oct 2008; Brent Baude libxml2-2.7.2.ebuild: - Marking libxml2-2.7.2 ppc64 for bug 239346 - - 04 Oct 2008; Brent Baude ChangeLog: - Marking libxml2-2.7.2 ~ppc64 for bug 239346 - - 04 Oct 2008; Tobias Scherbaum - libxml2-2.7.2.ebuild: - ppc stable, bug #239346 - - 04 Oct 2008; Raúl Porcel libxml2-2.7.2.ebuild: - alpha/ia64 stable wrt #239346 - - 04 Oct 2008; Markus Meier libxml2-2.7.2.ebuild: - amd64/x86 stable, bug #239346 - - 03 Oct 2008; Friedrich Oslage libxml2-2.7.2.ebuild: - Stable on sparc, security bug #239346 - -*libxml2-2.7.2 (03 Oct 2008) - - 03 Oct 2008; Mart Raudsepp +libxml2-2.7.2.ebuild: - New version with a small amount of bug fixes, including a fix for a DoS - problem (infinite loop with growing memory usage) when there is an entity - in an entity definition; bug 239346 - - 01 Oct 2008; Tobias Scherbaum - libxml2-2.7.1.ebuild: - ppc stable, bug #234099 - - 28 Sep 2008; Markus Meier libxml2-2.7.1.ebuild: - amd64 stable, bug #234099 - - 27 Sep 2008; Raúl Porcel libxml2-2.7.1.ebuild: - alpha/ia64/x86 stable wrt #234099 - - 27 Sep 2008; Markus Rothe libxml2-2.7.1.ebuild: - Stable on ppc64; bug #234099 - - 25 Sep 2008; Ferris McCormick libxml2-2.7.1.ebuild: - Sparc stable --- Security Bug #234099 --- tests are all fine. - - 25 Sep 2008; Jeroen Roovers libxml2-2.7.1.ebuild: - Stable for HPPA (bug #234099). - - 25 Sep 2008; Jeroen Roovers libxml2-2.6.32.ebuild: - Stable for HPPA (bug #236971). - -*libxml2-2.7.1 (25 Sep 2008) - - 25 Sep 2008; Mart Raudsepp - -files/libxml2-2.6.32-CVE-2008-3281.patch, -libxml2-2.6.32-r1.ebuild, - +libxml2-2.7.1.ebuild: - Version bump. Includes ABI compatible fix for CVE-2008-3281, security fix - for CVE-2008-3529 - xmlParseAttValueComplex() heap-based buffer overflow, - and various bug fixes and new API. Addresses bugs 234099, 235529, 237413 - and 237806 - -*libxml2-2.6.32-r1 (22 Aug 2008) - - 22 Aug 2008; Mart Raudsepp - +files/libxml2-2.6.32-CVE-2008-3281.patch, +libxml2-2.6.32-r1.ebuild: - Security (denial of service) fix - possible recursive evaluation of - entities in xmlStringLenDecodeEntities() allowing possible memory and CPU - exhaustion (CVE-2008-3281) - - 12 Aug 2008; Raúl Porcel libxml2-2.6.32.ebuild: - alpha/ia64/sparc stable wrt #229709 - - 10 Aug 2008; Markus Meier libxml2-2.6.32.ebuild: - x86 stable, bug #229709 - - 30 Jul 2008; Brent Baude libxml2-2.6.32.ebuild: - Marking libxml2-2.6.32 ppc stable for bug 229709 - - 26 Jul 2008; Olivier Crête libxml2-2.6.32.ebuild: - Stable on amd64, bug #229709 - - 26 Jun 2008; Rémi Cardona libxml2-2.6.32.ebuild: - download the correct testsuite tarball, see bug #229421 - -*libxml2-2.6.32 (27 May 2008) - - 27 May 2008; Rémi Cardona +libxml2-2.6.32.ebuild: - bump to 2.6.32, mostly bugfixes, no major new features - - 13 Apr 2008; Kenneth Prugh libxml2-2.6.31.ebuild: - amd64 stable, bug #217398 - - 13 Apr 2008; Markus Rothe libxml2-2.6.31.ebuild: - Stable on ppc64; bug #217398 - - 12 Apr 2008; Raúl Porcel libxml2-2.6.31.ebuild: - alpha/ia64/sparc/x86 stable wrt #217398 - - 12 Apr 2008; Jeroen Roovers libxml2-2.6.31.ebuild: - Stable for HPPA (bug #217398). - - 12 Apr 2008; nixnut libxml2-2.6.31.ebuild: - Stable on ppc wrt bug 217398 - - 09 Mar 2008; Mart Raudsepp - -files/libxml2-2.6.27-tar_in_tests.patch, -libxml2-2.6.28.ebuild, - -libxml2-2.6.29.ebuild, -libxml2-2.6.30.ebuild: - Remove security vulnerable old versions - -*libxml2-2.6.31 (28 Feb 2008) - - 28 Feb 2008; Gilles Dartiguelongue - +libxml2-2.6.31.ebuild: - bump to 2.6.31 and add examples use flag per bug #111508 - - 08 Feb 2008; Chris Gianelloni - libxml2-2.6.30-r1.ebuild: - Since libxml2 will never get pulled into stage2, change the check to be more - accurate by checking ROOT, instead. Thanks to Andrew Gaffney - for pointing this out. - - 05 Feb 2008; Chris Gianelloni - libxml2-2.6.30-r1.ebuild: - Added some code to skip the catalog generation on stage1/stage2, since we - won't necessarily have xmlcatalog in the seed stage and libxml2 wouldn't get - rebuilt until stage3, ending up with an empty catalog. This fixes bug - #208887. - - 11 Jan 2008; Saleem Abdulrasool - libxml2-2.6.28.ebuild, libxml2-2.6.29.ebuild: - Fix a few quoting issues - - 11 Jan 2008; Saleem Abdulrasool Manifest: - Fix digest - -*libxml2-2.6.30-r1 (11 Jan 2008) - - 11 Jan 2008; Daniel Gryniewicz - +files/libxml2-2.6.30-CVE-2007-6284.patch, +libxml2-2.6.30-r1.ebuild: - Fix CVE-2007-6284 - bug #202628 - - 27 Nov 2007; Jeroen Roovers libxml2-2.6.30.ebuild: - Stable for HPPA (bug #199322). - - 20 Nov 2007; Markus Rothe libxml2-2.6.30.ebuild: - Stable on ppc64; bug #199322 - - 19 Nov 2007; Joshua Kinard libxml2-2.6.30.ebuild: - Stable on mips, per #199322. - - 17 Nov 2007; Raúl Porcel libxml2-2.6.30.ebuild: - alpha/ia64/sparc stable wrt #199322 - - 17 Nov 2007; nixnut libxml2-2.6.30.ebuild: - Stable on ppc wrt bug 199322 - - 17 Nov 2007; Dawid Węgliński libxml2-2.6.30.ebuild: - Stable on x86 (bug #199322) - - 16 Nov 2007; Samuli Suominen libxml2-2.6.30.ebuild: - amd64 stable wrt #199322 - -*libxml2-2.6.30 (11 Sep 2007) - - 11 Sep 2007; Leonardo Boshell - +libxml2-2.6.30.ebuild: - New bug-fix release. - -*libxml2-2.6.29 (24 Jul 2007) - - 24 Jul 2007; Daniel Gryniewicz +libxml2-2.6.29.ebuild: - Bump to 2.6.29 - - Portability: patches from Andreas Stricke for WinCEi, - fix compilation warnings (William Brack), avoid warnings on Apple OS/X - (Wendy Doyle and Mark Rowe), Windows compilation and threading - improvements (Rob Richards), compilation against old Python versions, - new GNU tar changes (Ryan Hill) - - Documentation: xmlURIUnescapeString comment, - - Bugfixes: xmlBufferAdd problem (Richard Jones), 'make valgrind' - flag fix (Richard Jones), regexp interpretation of \, - htmlCreateDocParserCtxt (Jean-Daniel Dupas), configure.in - typo (Bjorn Reese), entity content failure, xmlListAppend() fix - (Georges-André Silber), XPath number serialization (William Brack), - nanohttp gzipped stream fix (William Brack and Alex Cornejo), - xmlCharEncFirstLine typo (Mark Rowe), uri bug (François Delyon), - XPath string value of PI nodes (William Brack), XPath node set - sorting bugs (William Brack), avoid outputting namespace decl - dups in the writer (Rob Richards), xmlCtxtReset bug, UTF-8 encoding - error handling, recustion on next in catalogs, fix a Relax-NG crash, - workaround wrong file: URIs, htmlNodeDumpFormatOutput on attributes, - invalid character in attribute detection bug, big comments before - internal subset streaming bug, HTML parsing of attributes with : in - the name - - Improvement: keep URI query parts in raw form (Richard Jones), - embed tag support in HTML (Michael Day) - - 02 Jun 2007; Brent Baude libxml2-2.6.28.ebuild: - Marking libxml2-2.6.28 ppc stable for bug #171107 - - 31 May 2007; Jeroen Roovers libxml2-2.6.28.ebuild: - Stable for HPPA (bug #171107). - - 31 May 2007; Daniel Gryniewicz libxml2-2.6.28.ebuild: - Marked stable on amd64 for bug #171107 - - 31 May 2007; Brent Baude libxml2-2.6.28.ebuild: - Marking libxml2-2.6.28 ppc64 stable for bug #171107 - - 30 May 2007; Raúl Porcel libxml2-2.6.28.ebuild: - alpha/ia64 stable wrt #171107 - - 29 May 2007; Andrej Kacian libxml2-2.6.28.ebuild: - Stable on x86, bug #171107. - - 29 May 2007; Gustavo Zacarias libxml2-2.6.28.ebuild: - Stable on sparc wrt #171107 - - 27 May 2007; Joshua Kinard libxml2-2.6.28.ebuild: - Stable on mips. - - 21 May 2007; -libxml2-2.6.26.ebuild: - Remove old - - 21 May 2007; Raúl Porcel libxml2-2.6.27.ebuild: - alpha stable wrt #164978 - - 12 May 2007; Joshua Kinard libxml2-2.6.27.ebuild: - Stable on mips. - -*libxml2-2.6.28 (23 Apr 2007) - - 23 Apr 2007; Daniel Gryniewicz +libxml2-2.6.28.ebuild: - Bump to 2.6.28 - - 04 Feb 2007; Jeroen Roovers libxml2-2.6.27.ebuild: - Stable for HPPA (bug #164978). - - 04 Feb 2007; Markus Rothe libxml2-2.6.27.ebuild: - Stable on ppc64; bug #164978 - - 03 Feb 2007; Andrej Kacian libxml2-2.6.27.ebuild: - Stable on x86, bug #164978. - - 03 Feb 2007; Tobias Scherbaum - libxml2-2.6.27.ebuild: - Stable on ppc wrt bug #164978. - - 03 Feb 2007; Olivier Crête libxml2-2.6.27.ebuild: - Stable on amd64 per bug #164978 - - 02 Feb 2007; Gustavo Zacarias libxml2-2.6.27.ebuild: - Stable on sparc wrt #164978 - - 18 Dec 2006; Leonardo Boshell - +files/libxml2-2.6.27-tar_in_tests.patch, libxml2-2.6.27.ebuild: - Added patch from Ryan Hill to fix some calls to 'tar' when running tests, - (bug #158386). - -*libxml2-2.6.27 (14 Dec 2006) - - 14 Dec 2006; Leonardo Boshell - +libxml2-2.6.27.ebuild: - New release. - - 27 Oct 2006; Fabian Groffen libxml2-2.6.23.ebuild, - libxml2-2.6.23-r1.ebuild, libxml2-2.6.24.ebuild, libxml2-2.6.26.ebuild: - Dropped ppc-macos keyword, see you in prefix. - - 17 Oct 2006; Roy Marples libxml2-2.6.26.ebuild: - Added ~sparc-fbsd keyword. - - 12 Oct 2006; Fernando J. Pereda libxml2-2.6.26.ebuild: - Stable on alpha - - 03 Sep 2006; Joshua Kinard libxml2-2.6.26.ebuild: - Marked stable on mips. - - 16 Aug 2006; Markus Rothe libxml2-2.6.26.ebuild: - Stable on ppc64 - - 17 Jul 2006; Daniel Gryniewicz libxml2-2.6.26.ebuild: - Marked stable on amd64 for bug #139612 - - 16 Jul 2006; Tobias Scherbaum - libxml2-2.6.26.ebuild: - hppa stable, bug #139612 - - 14 Jul 2006; Tobias Scherbaum - libxml2-2.6.26.ebuild: - ppc stable, bug #139612 - - 13 Jul 2006; Aron Griffis libxml2-2.6.26.ebuild: - Mark 2.6.26 stable on ia64 - - 12 Jul 2006; Chris Gianelloni libxml2-2.6.26.ebuild: - Stable on x86 wrt bug #139612. - - 10 Jul 2006; Gustavo Zacarias libxml2-2.6.26.ebuild: - Stable on sparc wrt #139612 - -*libxml2-2.6.26 (22 Jun 2006) - - 22 Jun 2006; Leonardo Boshell - +libxml2-2.6.26.ebuild: - New release. - -*libxml2-2.6.24 (17 May 2006) - - 17 May 2006; Leonardo Boshell - +files/libxml2-2.6.24-pythondir_fix.patch, +libxml2-2.6.24.ebuild: - New release. - - 30 Mar 2006; Diego Pettenò - libxml2-2.6.23-r1.ebuild: - Add ~x86-fbsd keyword. - - 20 Feb 2006; Joshua Kinard libxml2-2.6.23.ebuild: - Marked stable on mips. - - 04 Feb 2006; Aron Griffis libxml2-2.6.23.ebuild: - Mark 2.6.23 stable on alpha - - 31 Jan 2006; Kevin F. Quinn - libxml2-2.6.23-r1.ebuild: - fix stupid error - mv from distfiles is daft - fixed to cp - -*libxml2-2.6.23-r1 (30 Jan 2006) - - 30 Jan 2006; Kevin F. Quinn libxml2-2.6.23.ebuild, - +libxml2-2.6.23-r1.ebuild: - Add test tarballs to SRC_URI and unpack them - conditional on USE=test - Resolves bug #105170 - - 22 Jan 2006; Markus Rothe libxml2-2.6.23.ebuild: - Stable on ppc64 - - 22 Jan 2006; libxml2-2.6.23.ebuild: - Marked stable on amd64 per bug #119634 - - 22 Jan 2006; Tobias Scherbaum - libxml2-2.6.23.ebuild: - Marked ppc stable for bug #119634; Stabilize Gnome-2.12.2 - - 22 Jan 2006; Joshua Jackson libxml2-2.6.23.ebuild: - Stable on x86 for bug #119634; Stabilize Gnome-2.12.2 - - 20 Jan 2006; Gustavo Zacarias libxml2-2.6.23.ebuild: - Stable on sparc wrt #119634 - -*libxml2-2.6.23 (12 Jan 2006) - - 12 Jan 2006; Leonardo Boshell - +libxml2-2.6.23.ebuild: - Version bump. Dropped 'static' flag. - - 30 Nov 2005; Tom Gall libxml2-2.6.22.ebuild: - stable on ppc64 - - 11 Nov 2005; Michael Hanselmann libxml2-2.6.22.ebuild: - Stable on hppa, ppc. - - 06 Nov 2005; MATSUU Takuto libxml2-2.6.22.ebuild: - Stable on sh. - - 03 Nov 2005; Seemant Kulleen libxml2-2.6.22.ebuild: - stable on amd64 - - 02 Nov 2005; Gustavo Zacarias libxml2-2.6.22.ebuild: - Stable on sparc - - 01 Nov 2005; John N. Laliberte - libxml2-2.6.22.ebuild: - stable on x86 - -*libxml2-2.6.22 (14 Sep 2005) - - 14 Sep 2005; Leonardo Boshell - +libxml2-2.6.22.ebuild: - New version. - - 12 Sep 2005; Michael Hanselmann - libxml2-2.6.20-r2.ebuild: - Stable on ppc. - -*libxml2-2.6.21-r1 (12 Sep 2005) - - 12 Sep 2005; Leonardo Boshell - -libxml2-2.6.21.ebuild, +libxml2-2.6.21-r1.ebuild: - Don't pass --with-mem-debug, as it causes segmentation faults in programs - using the library (bug #105120). - - 10 Sep 2005; Aron Griffis libxml2-2.6.20-r2.ebuild: - Mark 2.6.20-r2 stable on alpha - - 07 Sep 2005; Aron Griffis libxml2-2.6.20-r2.ebuild: - Mark 2.6.20-r2 stable on ia64 - - 07 Sep 2005; Aaron Walker libxml2-2.6.20-r2.ebuild: - Stable on mips. - -*libxml2-2.6.21 (06 Sep 2005) - - 06 Sep 2005; Leonardo Boshell - +libxml2-2.6.21.ebuild: - New version. Re-added 'debug' USE flag for other switches. Apply the - 'readline' flag to --with-history switch. - - 06 Sep 2005; Markus Rothe libxml2-2.6.20-r2.ebuild: - Stable on ppc64 - - 05 Sep 2005; Gustavo Zacarias - libxml2-2.6.20-r2.ebuild: - Stable on sparc - - 05 Sep 2005; Leonardo Boshell - libxml2-2.6.20-r2.ebuild: - Stable on x86. - -*libxml2-2.6.20-r2 (03 Aug 2005) - - 03 Aug 2005; Leonardo Boshell - libxml2-2.6.20-r2.ebuild: - Drop the 'debug' USE flag. Its meaning doesn't really relate to the effect - of the switch --with-debug in libxml2, and some packages rely on the - debugging module, see bug #100898). Added 'static' USE flag. - - 31 Jul 2005; Tobias Scherbaum - libxml2-2.6.19.ebuild: - ppc stable - -*libxml2-2.6.20-r1 (29 Jul 2005) - - 29 Jul 2005; John N. Laliberte - -libxml2-2.6.20.ebuild, +libxml2-2.6.20-r1.ebuild: - add doc and debug useflags. thanks to Flameeyes, fixes #60049 - - 14 Jul 2005; Martin Schlemmer libxml2-2.6.20.ebuild: - Fix post install to use $ROOT. - -*libxml2-2.6.20 (13 Jul 2005) - - 13 Jul 2005; Aaron Walker +libxml2-2.6.20.ebuild: - Version bump. - - 11 Jul 2005; Stephen P. Becker libxml2-2.6.19.ebuild: - stable on mips - - 07 Jul 2005; Markus Rothe libxml2-2.6.19.ebuild: - Stable on ppc64 - - 06 Jul 2005; Rene Nussbaumer libxml2-2.6.19.ebuild: - Stable on hppa. - - 27 Jun 2005; Gustavo Zacarias libxml2-2.6.19.ebuild: - Stable on sparc - - 27 Jun 2005; Aron Griffis libxml2-2.6.19.ebuild: - Stable on alpha amd64 ia64 x86 - - 14 Jun 2005; Fernando J. Pereda libxml2-2.6.17.ebuild: - Stable on alpha - - 25 May 2005; Markus Rothe libxml2-2.6.17.ebuild: - Stable on ppc64 - - 08 May 2005; Marcus D. Hanwell libxml2-2.6.17.ebuild: - Stable on amd64. - - 25 Apr 2005; Gustavo Zacarias libxml2-2.6.17.ebuild: - Stable on sparc - - 26 Apr 2005; Mike Gardiner libxml2-2.6.17.ebuild: - Keyworded x86 ppc - -*libxml2-2.6.19 (23 Apr 2005) - - 23 Apr 2005; Martin Schlemmer +libxml2-2.6.19.ebuild: - Update version (mainly for gcc4 support). - - 21 Apr 2005; Kito libxml2-2.6.18.ebuild: - ~ppc-macos keyword - - 08 Apr 2005; Markus Rothe libxml2-2.6.16.ebuild: - Stable on ppc64 - - 01 Apr 2005; Simon Stelling libxml2-2.6.16.ebuild: - stable on amd64 - - 26 Mar 2005; Danny van Dyk libxml2-2.6.18.ebuild: - Fixed BUG #86766 (multilib-strict). - -*libxml2-2.6.18 (20 Mar 2005) - - 20 Mar 2005; Joe McCann +libxml2-2.6.18.ebuild: - new version - - 09 Mar 2005; Mike Gardiner libxml2-2.6.16.ebuild: - Keyworded ppc - - 07 Feb 2005; Bryan Østergaard libxml2-2.6.16.ebuild: - Stable on alpha. - - 06 Feb 2005; Joshua Kinard libxml2-2.6.16.ebuild: - Marked stable on mips. - - 26 Jan 2005; Gustavo Zacarias libxml2-2.6.16.ebuild: - Stable on sparc - -*libxml2-2.6.17 (25 Jan 2005) - - 25 Jan 2005; Mike Gardiner libxml2-2.6.16.ebuild, - +libxml2-2.6.17.ebuild: - New version, see bugs #79290 and #66696, marked 2.6.16 stable on x86 - - 03 Jan 2005; Joe McCann - +files/libxml2-2.6.16-xlattable.patch, libxml2-2.6.16.ebuild: - Patch to fix undefined var, bug #76447 - -*libxml2-2.6.16 (11 Dec 2004) - - 11 Dec 2004; Mike Gardiner +libxml2-2.6.16.ebuild: - New version - - 30 Nov 2004; Guy Martin libxml2-2.6.15-r1.ebuild: - Stable on hppa since bug with binutils is fixed. - - 01 Nov 2004; Markus Rothe - - libxml2-2.6.15-r1.ebuild: - Marked stable on ppc64. Bug #69154 - - 01 Nov 2004; Joshua Kinard libxml2-2.6.15-r1.ebuild: - Marked stable on mips. - - 31 Oct 2004; Bryan Østergaard - libxml2-2.6.15-r1.ebuild: - Stable on alpha, bug 69154. - - 30 Oct 2004; Michael Hanselmann - libxml2-2.6.15-r1.ebuild: - Stable on ppc. - - 30 Oct 2004; Gustavo Zacarias - libxml2-2.6.15-r1.ebuild: - Stable on sparc wrt #69154 - - 30 Oct 2004; Simon Stelling libxml2-2.6.15-r1.ebuild: - stable on amd64 for security reasons (bug #69154) - -*libxml2-2.6.15-r1 (30 Oct 2004) - - 30 Oct 2004; foser libxml2-2.6.15-r1.ebuild : - Add patch to fix scrollkeeper crash - -*libxml2-2.6.15 (30 Oct 2004) - - 30 Oct 2004; foser libxml2-2.6.15.ebuild : - New release, fixes security issues (#69154) - - 19 Sep 2004; Joshua Kinard libxml2-2.6.11.ebuild: - Marked stable on mips. - - 27 Aug 2004; Mike Frysinger libxml2-2.6.11.ebuild, - libxml2-2.6.12.ebuild: - Newer versions of libxml2 bomb with binutils on hppa for some reason ... - -*libxml2-2.6.12 (23 Aug 2004) - - 23 Aug 2004; Mike Gardiner +libxml2-2.6.12.ebuild: - New version 2.6.12 - - 18 Aug 2004; Aron Griffis libxml2-2.6.11.ebuild: - stable on alpha and ia64 - - 07 Aug 2004; Travis Tilley libxml2-2.6.11.ebuild: - stable on amd64 - - 05 Aug 2004; Gustavo Zacarias libxml2-2.6.11.ebuild: - Stable on sparc - - 31 Jul 2004; libxml2-2.6.11.ebuild: - stable on x86 for gnome 2.6.2 - - 27 Jul 2004; libxml2-2.6.11.ebuild, libxml2-2.6.6.ebuild, - libxml2-2.6.7.ebuild, libxml2-2.6.9.ebuild: - use gnuconfig_update, needed for uclibc and probably others likes mips/mips64 - etc.. - -*libxml2-2.6.11 (13 Jul 2004) - - 13 Jul 2004; Mike Gardiner +libxml2-2.6.11.ebuild: - New version, as requested in bug #56875 - - 23 Jun 2004; Aron Griffis libxml2-2.6.7.ebuild: - Stable on alpha and ia64 - - 19 Jun 2004; Tom Gall libxml2-2.6.9.ebuild: - stable on ppc64, bug #54140 - - 13 May 2004; Stephen P. Becker libxml2-2.6.7.ebuild: - Stable on mips. - - 02 May 2004; Michael McCabe libxml2-2.6.9.ebuild: - Added s390 keywords - - 27 Apr 2004; Gustavo Zacarias libxml2-2.6.7.ebuild: - Stable on sparc - -*libxml2-2.6.9 (25 Apr 2004) - - 25 Apr 2004; foser libxml2-2.6.9.ebuild : - New release - -*libxml2-2.6.7 (07 Mar 2004) - - 07 Mar 2004; foser libxml2-2.6.7.ebuild : - New release - - 24 Feb 2004; Christian Birchinger libxml2-2.6.6.ebuild: - Marked stable on all archs. Security update for Bug #42735 - - 17 Feb 2004; Joshua Kinard libxml2-2.6.6.ebuild: - Added ~mips to keywords. - -*libxml2-2.6.6 (14 Feb 2004) - - 14 Feb 2004; Alastair Tse libxml2-2.6.6.ebuild: - version bump - - 10 Feb 2004; Bartosch Pixa libxml2-2.6.4.ebuild: - set ppc in keywords - - 09 Feb 2004; libxml2-2.6.4.ebuild: - stable on hppa, again... - - 09 Feb 2004; libxml2-2.6.4.ebuild: - stable on hppa and sparc - - 08 Feb 2004; libxml2-2.6.4.ebuild: - x86 stable - - 28 Jan 2004; Aron Griffis libxml2-2.6.3.ebuild: - stable on alpha and ia64 - - 18 Jan 2004; libxml2-2.5.11.ebuild: - Added ~mips to KEYWORDS. - - 13 Jan 2004; libxml2-2.6.3.ebuild: - stable on sparc - -*libxml2-2.6.4 (10 Jan 2003) - - 10 Jan 2003; foser libxml2-2.6.4.ebuild : - New release - - 02 Jan 2004; Martin Schlemmer libxml2-2.6.2.ebuild, - libxml2-2.6.3.ebuild: - Run elibtoolize, as else we get references to PORTAGE_TMPDIR in - /usr/lib/python?.?/site-packages/libxml2mod.la among things. - - 13 Dec 2003; Guy Martin libxml2-2.5.11.ebuild: - Marked stable on hppa. - -*libxml2-2.6.3 (11 Dec 2003) - - 12 Jan 2003; Guy Martin libxml2-2.6.3.ebuild : - Marked stable on hppa. - - 11 Dec 2003; foser libxml2-2.6.3.ebuild : - New release - - 14 Nov 2003; Aron Griffis libxml2-2.6.2.ebuild: - Stable on ia64 - -*libxml2-2.6.2 (09 Nov 2003) - - 09 Nov 2003; Alastair Tse libxml2-2.6.2.ebuild: - version bump. should solve #33030 - - 04 Nov 2003; Christian Birchinger libxml2-2.5.11.ebuild: - Added sparc stable keyword - -*libxml2-2.6.1 (29 Oct 2003) - - 29 Oct 2003; foser libxml2-2.6.1.ebuild : - New version, readded ia64 keyword that seems to have vanished - esthetic ebuild cleanups - - 22 Oct 2003; Bartosch Pixa libxml2-2.5.11.ebuild: - set ppc in keywords - - 20 Oct 2003; Aron Griffis libxml2-2.5.11.ebuild: - Stable on alpha - - 05 Oct 2003; Mike Gardiner libxml2-2.5.11.ebuild: - Marked stable on x86 - - 23 Sep 2003; Bartosch Pixa libxml2-2.5.8.ebuild: - set ppc in keywords - - 21 Sep 2003; Alastair Tse libxml2-2.5.11.ebuild, - libxml2-2.5.8.ebuild: - add inherit for flag-o-matic - - 18 Sep 2003; Alastair Tse libxml2-2.5.11.ebuild, - libxml2-2.5.8.ebuild: - remove quotes in filter-flags - - 17 Sep 2003; Alastair Tse libxml2-2.5.11.ebuild, - libxml2-2.5.8.ebuild: - filter -funroll-loops and -fprefetch-loop-arrays to prevent problems down the - line with scrollkeeper and gconf (#26320). filters for all marchs - but possibly athlon-xp specific. - -*libxml2-2.5.11 (11 Sep 2003) - - 11 Sep 2003; Mike Gardiner libxml2-2.5.11.ebuild: - New version - - 07 Sep 2003; Mike Gardiner libxml2-2.5.10.ebuild, - libxml2-2.5.8.ebuild, libxml2-2.5.9.ebuild: - Added catalog initialisation, for if the catalog doesnt exist - -*libxml-2.5.10 (18 Aug 2003) - - 18 Aug 2003; foser libxml2-2.5.10.ebuild : - New version, removed alpha patch, is applied upstream now - -*libxml-2.5.9 (10 Aug 2003) - - 10 Aug 2003; foser libxml2-2.5.9.ebuild : - New version - - 09 Jul 2003; Christian Birchinger libxml2-2.5.7.ebuild: - Added sparc stable keyword - -*libxml2-2.5.8 (07 Jun 2003) - - 23 Jul 2003; Guy Martin libxml-2.5.8.ebuild : - Marked stable on hppa. - - 07 Jun 2003; foser libxml-2.5.8.ebuild : - New version, fix homepage, add ipv6 USE flag - - 24 Jun 2003; Aron Griffis libxml2-2.5.7.ebuild: - Mark stable on alpha - - 24 May 2003; Tavis Ormandy libxml2-2.5.4.ebuild, - libxml2-2.5.7.ebuild, files/libxml2-2.5.4-dec-alpha-compiler.diff, - files/libxml2-2.5.7-dec-alpha-compiler.diff: - ccc fixes, author assumes ccc == tru64 - - 08 May 2003; Christian Birchinger libxml2-2.5.6.ebuild: - Added stable sparc keyword - -*libxml2-2.5.7 (26 Apr 2003) - - 26 Apr 2003; Alastair Tse libxml2-2.4.23.ebuild, - libxml2-2.4.23.ebuild, libxml2-2.4.24.ebuild, libxml2-2.4.24.ebuild, - libxml2-2.4.28-r1.ebuild, libxml2-2.4.28-r1.ebuild, libxml2-2.4.28.ebuild, - libxml2-2.4.28.ebuild, libxml2-2.5.5.ebuild, libxml2-2.5.5.ebuild, - libxml2-2.5.7.ebuild: - version bump and cleanup - -*libxml2-2.5.6 (01 Apr 2003) - - 14 Jun 2003; Guy Martin libxml2-2.5.6.ebuild : - Added hppa to KEYWORDS. - - 01 Apr 2003; foser libxml2-2.5.6.ebuild : - New version - -*libxml2-2.5.5 (27 Mar 2003) - - 27 Mar 2003; Daniel Robbins libxml2-2.5.5.ebuild: - bumping into unstable x86. - - 13 Mar 2003; Olivier Reisch libxml2-2.5.4.ebuild: - Mark stable on ppc - -*libxml2-2.5.4 (03 Mar 2003) - - 19 Mar 2003; Guy Martin libxml2-2.5.4.ebuild : - Added hppa to keywords. - - 09 Mar 2003; Aron Griffis libxml2-2.5.4.ebuild: - Mark stable on alpha - - 03 Mar 2003; foser libxml2-2.5.4.ebuild : - New version - - 12 Feb 2003; Guy Martin : - Added hppa to keywords. - - 09 Feb 2003; Aron Griffis libxml2-2.5.2.ebuild : - Add ~alpha to KEYWORDS - -*libxml2-2.5.2 (05 Feb 2003) - - 08 Apr 2003; Todd Sunderlin libxml2-2.5.2.ebuild: - Marked stable for sparc. - - 07 Jan 2003; Jason Wever libxml2-2.5.2.ebuild : - Added ~sparc to keywords - - 05 Feb 2003; foser libxml2-2.5.1.ebuild : - New version - -*libxml2-2.5.1 (30 Jan 2003) - - 30 Jan 2003; foser libxml2-2.5.1.ebuild : - GNOME 2.2 RC2 commit - -*libxml2-2.4.30 (07 Jan 2003) - - 22 Feb 2003; Aron Griffis libxml2-2.4.30.ebuild : - Mark stable on alpha - - 07 Jan 2003; foser libxml2-2.4.30.ebuild : - New version - Added stripping of all unknown CFLAGS (bug #14265) - -*libxml2-2.4.28-r1 (22 Dec 2002) - - 22 Dec 2002; Martin Schlemmer libxml2-2.4.28-r1.ebuild : - - Force compile with zlib support, else gnome2 breaks (libgnomeprint for example - fails to compile with fresh or existing system). - - 06 Dec 2002; Rodney Rees : changed sparc ~sparc keywords - -*libxml2-2.4.28 (26 Nov 2002) - - 26 Nov 2002; Dan Armak ChangeLog : - - A new version with a patch added that fixes the roblems with KDE doc - generation that have been present since version 2.4.26. This patch will - be present in 2.4.29. - -*libxml2-2.4.26 (27 Oct 2002) - - 07 Nov 2002; foser libxml2-2.4.26.ebuild : - Fixed the ebuild a bit. Now USE flags for deps. - - 27 Oct 2002; foser libxml2-2.4.26.ebuild : - Gnome 2.1 commit - -*libxml2-2.4.24 (06 Sep 2002) - - 17 Sep 2002; Spider libxml2-2.4.24.ebuild : ppc keyword - added - - 16 Sep 2002; Maarten Thibaut libxml2-2.4.24.ebuild ChangeLog : - Adding sparc/sparc64 keywords. Revamping ChangeLog layout. - - 06 Sep 2002; Spider libxml2-2.4.24.ebuild : - new verison, patched up python/Makefile to make it adhere to DESTDIR - -*libxml2-2.4.23 (07 Jul 2002) - - 01 Aug 2002; Mark Guertin libxml2-2.4.23.ebuild : - Added ppc to keywords - - 07 Jul 2002; Gabriele Giorgetti libxml2-2.4.23.ebuild : - new version - -*libxml2-2.4.22 (27 May 2002) - - 27 May 2002; Spider libxml2-2.4.22.ebuild : - version bump - -*libxml2-2.4.21-r1 (9 MAy 2002) - - 26 May 2002; Martin Schlemmer : - Libtoolize to fix .la files from python site packages. - -*libxml2-2.4.21 (9 MAy 2002) - - 9 May 2002; Spider : - bump version, change from .tar.gz to .tar.bz2 - -*libxml2-2.4.20 (16 Apr 2002) - - 16 Apr 2002; Seemant Kulleen libxml2-2.4.20.ebuild, - files/digest-libxml2-2.4.20 : - Quick version update. - -*libxml2-2.4.19 (27 Mar 2002) - - 27 Mar 2002; Seemant Kulleen libxml2-2.4.19.ebuild : - Copied 2.4.18's ebuild over. - -*libxml2-2.4.18 (21 March 2002) - -*libxml2-2.4.16 (3 March 2002) - -*libxml2-2.4.15 (17 Feb 2002) - -*libxml2-2.4.13 (1 Feb 2002) - - 1 Feb 2002; G.Bevin ChangeLog : - Added initial ChangeLog which should be updated whenever the package is - updated in any way. This changelog is targetted to users. This means that the - comments should well explained and written in clean English. The details about - writing correct changelogs are explained in the skel.ChangeLog file which you - can find in the root directory of the portage repository. diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest index f551293ce9..b241eb4852 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest @@ -1,26 +1,17 @@ -AUX libxml2-2.7.1-catalog_path.patch 2209 SHA256 b3343f0611f9cb6e55bf62047a988653e3e9cc50f194b18adbc330b455236290 SHA512 99c1953865c560d2b7a01cf5fd61b1c5150857f3df8a9753ca583f6ff0a99e01c02d2586bb12220a615cf9c40a540dbe0d17996c0547bc0d20cbeefd6b45682d WHIRLPOOL 9b4daf434b38a0ae8103f02625ae033e7a94012a18cabc981f34b93fe8b422477905b74cfee300eb6a37e1af8bd358dd84804a5d0b6be8645ae9ee3e4c6fcd9b +AUX libxml2-2.7.1-catalog_path.patch 2225 SHA256 8ff974c4c3cd04a16741e87247d0a0a63b09bfb0a285c1cc1d7d0aa855142d3c SHA512 bcad080ee84c926c75df8baa47937bdfcfa207235263249f4025e64cbb5ac9be883e1ac4dc1ee55944116da2f84ced27b7cae781aa855579796f3f53a54aacb1 WHIRLPOOL 83e1812e537a7babf1ae694352498628da643db860ebe62021a6b77cc1e3abae35cdbc44d05d889b12adba031b015dfe62c8f19560e45c53a3c3a082cadeabe6 AUX libxml2-2.8.0_rc1-winnt.patch 2392 SHA256 c18b2c15550b3ff4709a85cd18d16368928319b1b7fd8875dc34acd67076b134 SHA512 e78d010c82f18386b4f0ff84497585755b43416563bccd11f8e4dbf0153ca8842934fe05dce6c2373d8360574a2165795a78ea991682aed9610000d2bfcb0164 WHIRLPOOL a87eefa17ad113ae4aed14744715b4e1781e0869a3bb789bdf4f243bdb3687d0d4b6ee2addc85bf5b2f86b9d1cc442d946f0329011f033e3a7855ae0ad79b745 -AUX libxml2-2.9.2-constant-memory.patch 6332 SHA256 0c3be9bf93626ae9c6f5517d68515acf272beda14575ecc38b282502b0c032dc SHA512 ebc428f6c1a74162b4a1d5cba09631ab9d10eb71a64d2f13248b27bf19f4f5eb14655f431b788b507b2e743ce5855b2c54deab1be257366261671442d49c6074 WHIRLPOOL d98d91783eb5d8108963f86a8dfcbc372ceacccf3ee354a0abebcace5772f601801c7131085a1b031c9cf29d8dbded8a66ed6d10f9832932e4ad9fa95e98efe6 -AUX libxml2-2.9.2-cross-compile.patch 487 SHA256 495d0c9d461b57e05a92b57c7eec6136ee318badfffa0c6f81f44097611eca5b SHA512 aa856ea455233137f059c603d68ec8990602053d59606c8921849c0c40a78468ad4e75d09f333faf1c798e31c03cb55e8ddfcdf78b8ec9628f6bd8875a56e959 WHIRLPOOL bf24d7726d061fc27c568eb0ea979bda34b37e6fadd889ad57a5f98cb313461a9162702262c6a545cd3dc54b922be015e0bc542d2c4e1e94efedf929a246f216 -AUX libxml2-2.9.2-cve-2015-7941-1.patch 1134 SHA256 b7a29616966bb66de87a6025f8cbc8902946f09a06254f1fb18b715957044149 SHA512 e03ec3809a47cd33d18b4e19e3e32d9f790f8c4c26c53e67b37de1b1080cc302bbeadb829132d3357b15101bbf2aae85dad6207a3177bdb039bd665a6fa208a7 WHIRLPOOL 288b9a470e18171e8dad4049f2b99e41ad48906bf319d697f376590767813f756a34ff3fd43288469a4a1bafa420a2a1500601a245c164438b8c6053b7bf2203 -AUX libxml2-2.9.2-cve-2015-7941-2.patch 1472 SHA256 2caef4b29c3935db35a5594c4f1f0b6181a41361d87ff35d64db8ff38cc303da SHA512 eaeaec27abb29c1ddb1b936c8204b9a052e75b2dde30a6859765a2e64561d77fe23c247adc057d730d14f5047663230df8c1f6aa6db39799c8e56b8a069877b5 WHIRLPOOL e625c339ba6e05a6318f6f8bbf8fdc385e18f5fbbca7e87e486e7990e343392c979e1cfea0670f1fb0d9fa0221a7a4bf77eb1f9a6c4bcd3b0320f23ae9f603af -AUX libxml2-2.9.2-cve-2015-8035.patch 1000 SHA256 aeba2f719ce88de2ce555b40941bccfbff12f95c97738aacc2a6ce8bdfe45273 SHA512 191f6c1eb4d96d6cc1943f4119d6ffd98c2cf87d92ba7a266e3913e21967425dce63dde9b2d756275e00ffdcae51eb24783faab3a1f8db1dc33e0ffbe420d4b3 WHIRLPOOL 6c9967e04e7bdc6d1f46fc1733101f81ba4af2f3f44e1958e0f600ee90c574f967f528ebbecf7f2e91a6305bb53b17ccbd9df3b66d199c1931bf7b16eae858b1 AUX libxml2-2.9.2-disable-tests.patch 2118 SHA256 4558ea3360dab8ce500b8f6438c128b9928959dce18cd5667d5403c317c8b3c1 SHA512 b38aa354b949c64da2a1cbe7dcff47f13eaa6c7a88bb34300995b17481d016192174e6f0613c55a351e21835fc2f2f70f87cc27f1fe8be99e8005a2e092a27ef WHIRLPOOL 7fa224dd404750ddacbfb9cde05c4b18c1bf9d7d794e23bfa11a4de316cca7c5df721e4b8bcf1f5d91d7ae3af58e158a4fb1051770634757f9d1b3358d34c7d3 -AUX libxml2-2.9.2-fix-lzma.patch 3332 SHA256 47af4d5d316e257c9d2f0ea20d5dce5f0081c8e859dde485505a91d94d99a6d7 SHA512 44bd4b9d5ac83c7f9fb3d2691a4cc382f46d81af78eba9963e94d7123696a9b25b382aa6710bf1b6af70105930ca308d142bc00a2b37ab52a4921c6f82c76ff5 WHIRLPOOL 54a756f2c7f96fe252b8c6b2245e7569b68e9fd215494c54ed6f0a3ef6063db21749021fb77ec402d1cf63f4cf5897db82be359f43804b032dd93a18b407fdfd -AUX libxml2-2.9.2-icu-pkgconfig.patch 653 SHA256 b7e0e8ce27990d1ad8ef8eb3372a6cb9f8d7de5b0674613082ec3f6cdf214af1 SHA512 516fe55dc1500146e3fb1b8cf1c567aca668f54e65d7b595694cf668278217f0c2c82a03201dcdb463f8d5adda2620b42176a799bbaf2e1521500f8ed3971601 WHIRLPOOL f49a55065ab1a7d4159aa32b3182ae79c0b1d753f4aa81ef109eb38a2baa86c53a2ac98c391eebf0d1152206ec967adc1e4b41d6bbdabe3e6de791360d5c17af -AUX libxml2-2.9.2-missing-entities.patch 1139 SHA256 8cf04e6355d0ca8d1e96fb5e5e92819d395609f07aa5fe7e4876efc6023485d6 SHA512 4ab3ea64010f194acf5ba92268db42487234096896e0dfe00eafdaff00dcb0a3b692824e6acb4bfc072e44a41b65c7fafffad2eb3fad2e2c55874c166fc919aa WHIRLPOOL b397f2415bfed48f13d6547a42cdcd52054aaae1b168eae8bd3daf451392942347cb31d0a92b3f7cbc67cc8ad22dcf6423aba319d4eaed054d37f16d5d6bccbd -AUX libxml2-2.9.2-overflow-conditional-sections-1.patch 943 SHA256 9095165d17db7e66060307fea16872ce5be63bd9f52e858f05200d6f12391ee4 SHA512 bbf93ce9f9277f049ccac6644f72e4c2d42a7513762950c928bbdab3813a9a20123a3aef5c83b8448213026761150bc4ad5a2a89dd9eb770793b642a54ca3fd0 WHIRLPOOL 6ba96d77402aca20419b822b87da948dc5bca4685583019f1dbed7c51e21a11fb9b6a5982d1083b77bb4c8e23c22f83f811c1038e51e39ac129de2680877998c -AUX libxml2-2.9.2-overflow-conditional-sections-2.patch 846 SHA256 bd98845e4fb4405ae45f4dbdac097ac40db4e8ac8d2ff7194ac0997404ca37bf SHA512 40837e2cc46aa8972818aa4526926cffd213e4c5a689c66f4c4b864c339582588e03d98f4fcf5781977b3a71a2a0850de17540b0293e58755f07346471e76aa4 WHIRLPOOL 4c347f7358a0c5ce6993e8166983a113a2e3bb1bb46f0733d19e90699b4428c1d445c28fd5e3b6402617ebe7bbe6fd51b4e0d94af700a87a0113e1dfb2749c18 -AUX libxml2-2.9.2-revert-missing-initialization.patch 715 SHA256 160258250f519b9d71e7d4ba913df6b2ba6109e1ac533bd19a3061ffbe82cd18 SHA512 cdad2b866684cc3193a5f3254339659e28ab4af988ba257ac0c41d42bf18c82665127cc705d36313f3bd4e5d6e1bb5bab0e966e9068398c62755ba54adea6b17 WHIRLPOOL 9addff866a02bee035b7aeccd4bd50baa74b0104c166cf02927fd779c92e41b119896a7fb2dcd0e255c7614018a80585b37f954ec36ae1a5871e0f885baff187 -AUX libxml2-2.9.2-threads-declarations.patch 1505 SHA256 2b6c128ffe2008067fa92d440e4d77764cc0e98d7d654a8216dbd5ddd9c0f7fa SHA512 a8f1cc01879d3e35312ace8d47f248480c380e12220be686dc65aaa5f1b9bb13e27606c56f0c657e5a294e630d669a7884a450f6476e4c581655d393de9e7e18 WHIRLPOOL 9569285cf69c834943647911d6b0e8652601c5305fcfd056895698c4f853614f1271da16a80416c2f7e7e83fa8ae63e817f1b772bfadf61376b5840bd02a1df6 -AUX libxml2-2.9.2-timsort.patch 3801 SHA256 eff9c354f9314cf08346a42364247dea79cd0472fd892a52656ed5bdbadeffff SHA512 d9d6849867005ae2ba9358c9db2f03d9f31a74136c0dacda3b36940224ae0d95d5dbeb06be8dd3e4df363cbe76f92e854294200db17be93c80b3542bf7a8f8cb WHIRLPOOL f30524faae0469a37377fdc3b053c5fb5040e9fb627a1ba7d2e7079ab0ee5347bb2bcfdf3ff6f27dee9045250edb159fac9bf6235c66cf5bc414a99c6d93a8b0 -AUX libxml2-2.9.2-unclosed-comments.patch 1757 SHA256 05a22f7fbc8800a2a16459838cd9f1217baf426cfe854b47f9a02738cdd044c0 SHA512 c287d1d54a5bdaba8029a981653d21924ec540ed06c593789db8670efeeccbdaefbc05f1017bacc7ed203dfb4549fcfca9186dbc51c23cdd4d2d2f345d501f74 WHIRLPOOL 82f542e3d85dcd3762f37c1543a84e8be3dfa9ba786350c0b6e861ded687f3741440dedf6b06072127c3a330b2be6b61d3b7c30030b1fc04b597d254c782bcfd -DIST libxml2-2.9.2.tar.gz 5444991 SHA256 5178c30b151d044aefb1b08bf54c3003a0ac55c59c866763997529d60770d5bc SHA512 a4e3b20e2efceed39c20379b32b746d4a1cf65c0cf7719d26c9bf7483c1f04a4e5a442ae2f36dc4ae8a4d011b67cfb58d9f6d0be034fa3e897a49059c9289565 WHIRLPOOL d7a77cb6ad49533cf62f6a759668e297a60dd7f70c9e13b29f682c64dfb25ae46eb9db552500130f40e3f969897bda996001d18236a4630e3713f6dd5acbe686 +AUX libxml2-2.9.2-python-ABIFLAG.patch 728 SHA256 088ce998caf80e0861e63c1ae36917797ead8adbadef9d502423ab97a591f70e SHA512 2f801329ad4e13dc70450d41f7659a510fe429b3aa9b66859fed25c4e3d95381d6f253f3a60a54002a16999296d3bd2adaca5e4cca92186492bfc7de3ac84426 WHIRLPOOL 8302c90a647adea89f6baedf726b4af20a9cbd6d0f48bea7d38867f00cdd0dc71fea833419dcaf55b73435d1ba90c552eb49b583652c79dc47c495d61cdc703a +AUX libxml2-2.9.4-CVE-2016-4658.patch 7318 SHA256 7aee52ca24da6c7d36787cded379eaedd34803f8d355e11806b988a25de6a6bb SHA512 7dc42ad219397a6be0b4e50c61d1aa4b44e06b4c0af5f1a63996fa257e6831c624729428ea66ef02118a81ca8360b07f923ad436870364de1081f8a3505d94fc WHIRLPOOL e407d349ee292314de9a63ecaeb8d415362a41df1521ba8533ac1168cd0ed709e38844b72446b6c1b21964fb6c389a499ed545c6c79688f3147e38fb9ec6f6f2 +AUX libxml2-2.9.4-CVE-2016-5131.patch 5038 SHA256 4e0248f5a6877b157b9d736c412d4da7a2c015d58a816b859957efddb8d3c8d4 SHA512 c92cda9851fdf8af6cb21aa80f39b474cddef8c749298f5b51f76f871160ac9749fdaac3fa406cc0c75a666f7627983fce0e90fb2919f3a8c778e1148583be33 WHIRLPOOL 810c79240386e3657dd8451583e57ade7d4b638dabc667c798c1c922f46922ec3687ef7627f7c558e34ae204e751830d7f2ab7891e1c75ab91c3f10e58ccd22a +AUX libxml2-2.9.4-nullptrderef.patch 1577 SHA256 797743ea3d5d4a4ff50d0b9a572daf1db47aea02d5f163ff830019fc78ebbe5a SHA512 4882c75fd13807a842b57771242a3dc10ac9db36f10b7f2b3e96f7e4d1a59127779f73a5062305d80719053d94f6044a0ffd51447fb77fca393738fd1635bfc0 WHIRLPOOL 044a59f26ecbf88916c2f255a99869867880353ed7742ec958ec4feb821b3642a1110034d98c52ca36a9ebca775e2eab7f08b84200abe65675e58ab74ef31fc3 +AUX libxml2-2.9.4-nullptrderef2.patch 1785 SHA256 160459ea5d5fdbd3d7bd842a24075c3a56aeb75a8d7a17e3409e535d0ac7c706 SHA512 406379a787c1bd45f1b3c128c94182250e4200d5a577ae15dab574ce590857124bda896fd677bce1950658a1ff7b4ea6fc95b52a9ea31daf47ab5c66e03460d5 WHIRLPOOL fd94788d1095bdbfd9d707215865ba52f74287aff6251d74f4fbb74677edb18c730c1038f1ace7720213c3a372d09964fc5cd9f77ffbe1114e7e203593aa721b +DIST libxml2-2.9.4.tar.gz 5374830 SHA256 ffb911191e509b966deb55de705387f14156e1a56b21824357cdf0053233633c SHA512 f5174ab1a3a0ec0037a47f47aa47def36674e02bfb42b57f609563f84c6247c585dbbb133c056953a5adb968d328f18cbc102eb0d00d48eb7c95478389e5daf9 WHIRLPOOL 268d3364a3d293810dff060b3ab92042c5550e50dbe9038c4d5b54ea6a22ed77f9572575517ae3bacfe518d634047eb9d5345e903b125e56a3d32ad1ba96dabf DIST xmlts20080827.tar.gz 638940 SHA256 96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c209286c03e9cc7 SHA512 7325d0977c4427fc4944b291ccf896a665f654cc24399e5565c12a849c2bc3aef4fa3ee42a09ac115abcb6570c51a8fbd052c38d64d164279ecdecad5a4e884d WHIRLPOOL 50835380c3ea208df0bf9ce032ed2df69c4c6cb5a53ffdd39a08fb4f1d166f311b2ef2fe0d9911ae1ebff92aeb42f6ea55e727dfe0b7a3b95e6c7240315b3eda DIST xsts-2002-01-16.tar.gz 6894439 SHA256 55e5c08db29946a91ea8e70e8f2418d3fd30d8b6777941dfba7f54726ffd9914 SHA512 43300af6d39c1e2221b0ed7318fe14c7464eeb6eb030ed1e22eb29b4ab17f014e2a4c8887c3a46ae5d243e3072da27f00f4e285498ae6f1288177d38d1108288 WHIRLPOOL 84dd51959460a4f8aa582d57ad39229c546ca7fe155012c57c368b59f5d31400d8b940a343a7320058330ca611303139cacdffed514783f96406ac5366026b11 DIST xsts-2004-01-14.tar.gz 2761085 SHA256 09bdf9f81f381ebf9bc158a9472e498e896f7a02eb7461146e9abe1b9493ca17 SHA512 32854388d7e720ad67156baf50bf2bae7bd878ca3e35fd7e44e57cad3f434f69d56bbbedd61509f8a1faf01c9eae74a078df8fe130780b182c05c05cb1c39ebe WHIRLPOOL c46a3bf7d6dd771757f4304995cc177cf51c6cdd0e9778851fc13d3809c7b984690b4f273b3e075abe018110968eb7fc78f5b83170d3e18bacf00a4ed64b213d -EBUILD libxml2-2.9.2-r1.ebuild 6767 SHA256 b6020cd02b0d251d66abc655fac952400768144fb2116470710aa8ba67bcdb77 SHA512 1dd5abddeb54690b87711e545fc1e1e825d679b8bc0289647bafc0ff75609f5dbc6fbb72372261fdab89455f6b14283ab83d367ec966e6d9d020e8ec2545e311 WHIRLPOOL 4b8b7273cb2c1bf79bfbccc297912152a19da4054c2735fd555225ef0346eee8d1d8d8bb0df2598859f41ad5d84ec22f234a97ead491b2cddf53bc1331226faa -EBUILD libxml2-2.9.2-r4.ebuild 7339 SHA256 cebaa28bdd5b9eefddba67d6492f2c7a153b73f9e810f10c70a104925bfdf7ee SHA512 2be652f8a49a88abf95525c7905a2a2738fdf3109cb17ed8d2149e3e70e48b47305a0c8de6337263a6014478d6781726a2d48da2aed30ca553a0612478830896 WHIRLPOOL f9c19d25d555bd57f2e2bf620c88be0dec391c74c24f73cec3ee5d5dc2fe8e5190c892409d6ef1856dcdea430221a6d7665e31eb32172e319d5b5f980d1167dd -MISC ChangeLog 5221 SHA256 7da5f474e45c96cf3b42df1bf424e9cd5c62e0bcfe40894a4e39539e44e28793 SHA512 610ca138db2d2e12d34e6490fa68958b72c94451d32a1b2345e72ebe194a1687252a275acee13e2e6ab23889e20777eeb3d76bd7ace6d7c2a98143c581df9770 WHIRLPOOL 273bdee336d9a7ef6ec4738b8fa6a9231720ecce29d50b2adeeb86b9a81c3383dd851090f30a45c1bed2f1cb3a07ab796c63f6eac228dd89d9ed8d5cf29fcaea +EBUILD libxml2-2.9.4-r1.ebuild 6900 SHA256 54b5073939e1ae0f58527ae8c999602aefdef44db25ee797620827a9bd2a367f SHA512 2686bec6c27ec6ec9bd9b5f60ffd15c8ffa861336e50d39a0c525df1a379d48e2594b31baf19f529c7639c1ac81b80d2276abfff87128e51896befa86a7046f1 WHIRLPOOL 6aac55f06b325c1c30be897eb133b94dd4438462e1d68effa0fd118b3bc1684b3923a2c19c290ed0a63de989a78c1f77aa9a7aaf28841c7be3b9bb5ac857fecd +EBUILD libxml2-2.9.4.ebuild 6222 SHA256 1090bf9474555f3175e492c98aeb4cb77225a22d8b22b3b7be99c21287cc421a SHA512 c23e6e9e0adb07e62a6cde26c09f932c57a81f4ab41f5253178e9eabb31ab2c98fac74a33d5632b889fb3e311375b1b41669d6f1e07d64235ab8d5658cf7e5cb WHIRLPOOL ad940ab5ca7577453cf50e089acdb5a66eea74becb42ad60771a82bd3c5846f7d82cd7bd0e306b7215fd53204efc1a88ec4aa966b5cf4dc809a698b5c449dec3 +MISC ChangeLog 9698 SHA256 1b1fb6fa12f27f404c6a5d2e68e56078877a20539e2150d43ceefaa61c31a251 SHA512 7f51ba012043be6cd6c979ffbf47bbed2d7ab2d4ed25fcde2c3baebb29311178c3d873d7ade799ef167fa8fcfa5cfd29379b6a19f72ba04e1594fa5a4dc3783f WHIRLPOOL 801f2f44fdf6411ec8a8b9df790e04fb8824d9b88623398a3d047c69a690dc9c9f071a2a845329403a1b15fb990f8cc61ebad5e34aeff2d869b932adae4d000b MISC ChangeLog-2015 65422 SHA256 6e4ee4a306e6b8c480f681f1846d7879ac86df55d74401e26f1b7cfc5e05f94d SHA512 e030bc367ffae1c8530e1ad171da60bf7034095d81060cbe4286bf0840ef86d17447e8549fbf3a09f39db9ced5476b3b29630d5495647cbe2d55e11b423aa379 WHIRLPOOL 279cff12baa7a881967812c7bf76b54297a39144e2fc9291053662f463faff68db5a8b6420267031ee1afb979669e823989063bf0ac2c7cc820927d6bdfe555c -MISC metadata.xml 248 SHA256 b0fd2ca4dd32b2b409664977e78376bb9647d9cf562abf456b3116d72af41af8 SHA512 2d64c784e9caea3763bf417c779c97e6551d6579898dfd57718b655c200981c61a83fba2d5e67b5ce9c9db906c9acc8df7ef42acd19d1923c2f9a3481efd5c95 WHIRLPOOL 10d45bf2e04ee6e18988151364bedffa21e8a0c36372c3f89502631bb07cab03f370fd7196303e3b303a0765d05d3d15ab59a1fa3a0b62066e175a0754f1aa5d +MISC metadata.xml 347 SHA256 f67239ca2e57c9729d3be4e84d03d474e382b53c89371617fd97acd8494a5fe7 SHA512 6a094316da6ea1fb160b539788923a2dc01d7ef6304f924f628a438714663a51c8d1adaa97800516a64055a8adf6999ae2899b5a976db680967dcc298e22444d WHIRLPOOL 24e14b8ca1c048a589aec596a844a7e9b9bbf52964b3dd26bab7c03b7ed762f0ea0abbb0832b1fb6c94b7a4cff92b921e61bce9461db3368ab95003501cd3e50 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.7.1-catalog_path.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.7.1-catalog_path.patch index 25ea47832b..3f69ec2a4d 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.7.1-catalog_path.patch +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.7.1-catalog_path.patch @@ -1,5 +1,5 @@ ---- catalog.c -+++ catalog.c +--- a/catalog.c ++++ b/catalog.c @@ -68,10 +68,10 @@ #define XML_URN_PUBID "urn:publicid:" #define XML_CATAL_BREAK ((xmlChar *) -1) @@ -22,8 +22,8 @@ #if defined(_WIN32_WCE) /* Windows CE don't have a A variant */ #define GetModuleHandleA GetModuleHandle ---- xmlcatalog.c -+++ xmlcatalog.c +--- a/xmlcatalog.c ++++ b/xmlcatalog.c @@ -43,7 +43,7 @@ @@ -33,8 +33,8 @@ #endif /************************************************************************ ---- runtest.c -+++ runtest.c +--- a/runtest.c ++++ b/runtest.c @@ -2747,7 +2747,7 @@ */ static int @@ -53,8 +53,8 @@ return(NULL); /* Verify we received the escaped URL */ if (strcmp(urip_rcvsURLs[urip_current], URI)) ---- xmllint.c -+++ xmllint.c +--- a/xmllint.c ++++ b/xmllint.c @@ -103,7 +103,7 @@ #endif diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-constant-memory.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-constant-memory.patch deleted file mode 100644 index dc944b6353..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-constant-memory.patch +++ /dev/null @@ -1,176 +0,0 @@ -From 213f1fe0d76d30eaed6e5853057defc43e6df2c9 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Tue, 14 Apr 2015 17:41:48 +0800 -Subject: [PATCH] CVE-2015-1819 Enforce the reader to run in constant memory - -One of the operation on the reader could resolve entities -leading to the classic expansion issue. Make sure the -buffer used for xmlreader operation is bounded. -Introduce a new allocation type for the buffers for this effect. ---- - buf.c | 43 ++++++++++++++++++++++++++++++++++++++++++- - include/libxml/tree.h | 3 ++- - xmlreader.c | 20 +++++++++++++++++++- - 3 files changed, 63 insertions(+), 3 deletions(-) - -diff --git a/buf.c b/buf.c -index 6efc7b6..07922ff 100644 ---- a/buf.c -+++ b/buf.c -@@ -27,6 +27,7 @@ - #include - #include - #include -+#include /* for XML_MAX_TEXT_LENGTH */ - #include "buf.h" - - #define WITH_BUFFER_COMPAT -@@ -299,7 +300,8 @@ xmlBufSetAllocationScheme(xmlBufPtr buf, - if ((scheme == XML_BUFFER_ALLOC_DOUBLEIT) || - (scheme == XML_BUFFER_ALLOC_EXACT) || - (scheme == XML_BUFFER_ALLOC_HYBRID) || -- (scheme == XML_BUFFER_ALLOC_IMMUTABLE)) { -+ (scheme == XML_BUFFER_ALLOC_IMMUTABLE) || -+ (scheme == XML_BUFFER_ALLOC_BOUNDED)) { - buf->alloc = scheme; - if (buf->buffer) - buf->buffer->alloc = scheme; -@@ -458,6 +460,18 @@ xmlBufGrowInternal(xmlBufPtr buf, size_t len) { - size = buf->use + len + 100; - #endif - -+ if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { -+ /* -+ * Used to provide parsing limits -+ */ -+ if ((buf->use + len >= XML_MAX_TEXT_LENGTH) || -+ (buf->size >= XML_MAX_TEXT_LENGTH)) { -+ xmlBufMemoryError(buf, "buffer error: text too long\n"); -+ return(0); -+ } -+ if (size >= XML_MAX_TEXT_LENGTH) -+ size = XML_MAX_TEXT_LENGTH; -+ } - if ((buf->alloc == XML_BUFFER_ALLOC_IO) && (buf->contentIO != NULL)) { - size_t start_buf = buf->content - buf->contentIO; - -@@ -739,6 +753,15 @@ xmlBufResize(xmlBufPtr buf, size_t size) - CHECK_COMPAT(buf) - - if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0); -+ if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { -+ /* -+ * Used to provide parsing limits -+ */ -+ if (size >= XML_MAX_TEXT_LENGTH) { -+ xmlBufMemoryError(buf, "buffer error: text too long\n"); -+ return(0); -+ } -+ } - - /* Don't resize if we don't have to */ - if (size < buf->size) -@@ -867,6 +890,15 @@ xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) { - - needSize = buf->use + len + 2; - if (needSize > buf->size){ -+ if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { -+ /* -+ * Used to provide parsing limits -+ */ -+ if (needSize >= XML_MAX_TEXT_LENGTH) { -+ xmlBufMemoryError(buf, "buffer error: text too long\n"); -+ return(-1); -+ } -+ } - if (!xmlBufResize(buf, needSize)){ - xmlBufMemoryError(buf, "growing buffer"); - return XML_ERR_NO_MEMORY; -@@ -938,6 +970,15 @@ xmlBufAddHead(xmlBufPtr buf, const xmlChar *str, int len) { - } - needSize = buf->use + len + 2; - if (needSize > buf->size){ -+ if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { -+ /* -+ * Used to provide parsing limits -+ */ -+ if (needSize >= XML_MAX_TEXT_LENGTH) { -+ xmlBufMemoryError(buf, "buffer error: text too long\n"); -+ return(-1); -+ } -+ } - if (!xmlBufResize(buf, needSize)){ - xmlBufMemoryError(buf, "growing buffer"); - return XML_ERR_NO_MEMORY; -diff --git a/include/libxml/tree.h b/include/libxml/tree.h -index 2f90717..4a9b3bc 100644 ---- a/include/libxml/tree.h -+++ b/include/libxml/tree.h -@@ -76,7 +76,8 @@ typedef enum { - XML_BUFFER_ALLOC_EXACT, /* grow only to the minimal size */ - XML_BUFFER_ALLOC_IMMUTABLE, /* immutable buffer */ - XML_BUFFER_ALLOC_IO, /* special allocation scheme used for I/O */ -- XML_BUFFER_ALLOC_HYBRID /* exact up to a threshold, and doubleit thereafter */ -+ XML_BUFFER_ALLOC_HYBRID, /* exact up to a threshold, and doubleit thereafter */ -+ XML_BUFFER_ALLOC_BOUNDED /* limit the upper size of the buffer */ - } xmlBufferAllocationScheme; - - /** -diff --git a/xmlreader.c b/xmlreader.c -index f19e123..471e7e2 100644 ---- a/xmlreader.c -+++ b/xmlreader.c -@@ -2091,6 +2091,9 @@ xmlNewTextReader(xmlParserInputBufferPtr input, const char *URI) { - "xmlNewTextReader : malloc failed\n"); - return(NULL); - } -+ /* no operation on a reader should require a huge buffer */ -+ xmlBufSetAllocationScheme(ret->buffer, -+ XML_BUFFER_ALLOC_BOUNDED); - ret->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler)); - if (ret->sax == NULL) { - xmlBufFree(ret->buffer); -@@ -3616,6 +3619,7 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) { - return(((xmlNsPtr) node)->href); - case XML_ATTRIBUTE_NODE:{ - xmlAttrPtr attr = (xmlAttrPtr) node; -+ const xmlChar *ret; - - if ((attr->children != NULL) && - (attr->children->type == XML_TEXT_NODE) && -@@ -3629,10 +3633,21 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) { - "xmlTextReaderSetup : malloc failed\n"); - return (NULL); - } -+ xmlBufSetAllocationScheme(reader->buffer, -+ XML_BUFFER_ALLOC_BOUNDED); - } else - xmlBufEmpty(reader->buffer); - xmlBufGetNodeContent(reader->buffer, node); -- return(xmlBufContent(reader->buffer)); -+ ret = xmlBufContent(reader->buffer); -+ if (ret == NULL) { -+ /* error on the buffer best to reallocate */ -+ xmlBufFree(reader->buffer); -+ reader->buffer = xmlBufCreateSize(100); -+ xmlBufSetAllocationScheme(reader->buffer, -+ XML_BUFFER_ALLOC_BOUNDED); -+ ret = BAD_CAST ""; -+ } -+ return(ret); - } - break; - } -@@ -5131,6 +5146,9 @@ xmlTextReaderSetup(xmlTextReaderPtr reader, - "xmlTextReaderSetup : malloc failed\n"); - return (-1); - } -+ /* no operation on a reader should require a huge buffer */ -+ xmlBufSetAllocationScheme(reader->buffer, -+ XML_BUFFER_ALLOC_BOUNDED); - if (reader->sax == NULL) - reader->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler)); - if (reader->sax == NULL) { --- -2.3.5 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cross-compile.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cross-compile.patch deleted file mode 100644 index 447222eeef..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cross-compile.patch +++ /dev/null @@ -1,17 +0,0 @@ -https://bugzilla.gnome.org/show_bug.cgi?id=749416 - -do not use -L$Z_DIR/lib when Z_DIR isn't actually set - ---- a/configure.ac -+++ b/configure.ac -@@ -392,7 +392,9 @@ if test "$with_zlib" = "no"; then - else - AC_CHECK_HEADERS(zlib.h, - [SAVE_LDFLAGS="${LDFLAGS}" -- LDFLAGS="-L${Z_DIR}/lib" -+ if test "x${Z_DIR}" != "x"; then -+ LDFLAGS="${LDFLAGS} -L${Z_DIR}/lib" -+ fi - AC_CHECK_LIB(z, gzread,[ - AC_DEFINE([HAVE_LIBZ], [1], [Have compression library]) - WITH_ZLIB=1 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-1.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-1.patch deleted file mode 100644 index 8a6c98cc42..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-1.patch +++ /dev/null @@ -1,32 +0,0 @@ -From a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Mon, 23 Feb 2015 11:17:35 +0800 -Subject: [PATCH] Stop parsing on entities boundaries errors - -For https://bugzilla.gnome.org/show_bug.cgi?id=744980 - -There are times, like on unterminated entities that it's preferable to -stop parsing, even if that means less error reporting. Entities are -feeding the parser on further processing, and if they are ill defined -then it's possible to get the parser to bug. Also do the same on -Conditional Sections if the input is broken, as the structure of -the document can't be guessed. ---- - parser.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/parser.c b/parser.c -index a8d1b67..bbe97eb 100644 ---- a/parser.c -+++ b/parser.c -@@ -5658,6 +5658,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt) { - if (RAW != '>') { - xmlFatalErrMsgStr(ctxt, XML_ERR_ENTITY_NOT_FINISHED, - "xmlParseEntityDecl: entity %s not terminated\n", name); -+ xmlStopParser(ctxt); - } else { - if (input != ctxt->input) { - xmlFatalErrMsg(ctxt, XML_ERR_ENTITY_BOUNDARY, --- -2.4.10 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-2.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-2.patch deleted file mode 100644 index df30c89269..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-7941-2.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 9b8512337d14c8ddf662fcb98b0135f225a1c489 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Mon, 23 Feb 2015 11:29:20 +0800 -Subject: [PATCH] Cleanup conditional section error handling - -For https://bugzilla.gnome.org/show_bug.cgi?id=744980 - -The error handling of Conditional Section also need to be -straightened as the structure of the document can't be -guessed on a failure there and it's better to stop parsing -as further errors are likely to be irrelevant. ---- - parser.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/parser.c b/parser.c -index bbe97eb..fe603ac 100644 ---- a/parser.c -+++ b/parser.c -@@ -6770,6 +6770,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - SKIP_BLANKS; - if (RAW != '[') { - xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL); -+ xmlStopParser(ctxt); -+ return; - } else { - if (ctxt->input->id != id) { - xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY, -@@ -6830,6 +6832,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - SKIP_BLANKS; - if (RAW != '[') { - xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL); -+ xmlStopParser(ctxt); -+ return; - } else { - if (ctxt->input->id != id) { - xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY, -@@ -6885,6 +6889,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - - } else { - xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID_KEYWORD, NULL); -+ xmlStopParser(ctxt); -+ return; - } - - if (RAW == 0) --- -2.4.10 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-8035.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-8035.patch deleted file mode 100644 index f51863e816..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-cve-2015-8035.patch +++ /dev/null @@ -1,31 +0,0 @@ -From f0709e3ca8f8947f2d91ed34e92e38a4c23eae63 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Tue, 3 Nov 2015 15:31:25 +0800 -Subject: [PATCH] CVE-2015-8035 Fix XZ compression support loop - -For https://bugzilla.gnome.org/show_bug.cgi?id=757466 -DoS when parsing specially crafted XML document if XZ support -is compiled in (which wasn't the case for 2.9.2 and master since -Nov 2013, fixed in next commit !) ---- - xzlib.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/xzlib.c b/xzlib.c -index 0dcb9f4..1fab546 100644 ---- a/xzlib.c -+++ b/xzlib.c -@@ -581,6 +581,10 @@ xz_decomp(xz_statep state) - xz_error(state, LZMA_DATA_ERROR, "compressed data error"); - return -1; - } -+ if (ret == LZMA_PROG_ERROR) { -+ xz_error(state, LZMA_PROG_ERROR, "compression error"); -+ return -1; -+ } - } while (strm->avail_out && ret != LZMA_STREAM_END); - - /* update available output and crc check value */ --- -2.4.10 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-fix-lzma.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-fix-lzma.patch deleted file mode 100644 index e9b6da6fe7..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-fix-lzma.patch +++ /dev/null @@ -1,114 +0,0 @@ -From 18b8988511b0954272cac4d6c3e6724f9dbf6e0a Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Tue, 3 Nov 2015 15:46:29 +0800 -Subject: [PATCH] Reenable xz support by default - -For https://bugzilla.gnome.org/show_bug.cgi?id=757466 - -problem was introduced by commit f3f86ff465c92c79f834d7b981f3c7274a8bb5c8 -for https://bugzilla.gnome.org/show_bug.cgi?id=711026 ---- - configure.ac | 3 +++ - xmlIO.c | 12 ++++++------ - xzlib.c | 6 ++++-- - 3 files changed, 13 insertions(+), 8 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 14ac0a8..48e0577 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -445,6 +445,9 @@ else - fi], - [have_liblzma=no]) - LDFLAGS="${SAVE_LDFLAGS}"]) -+ else -+ # we still need to check for lzma,h header -+ AC_CHECK_HEADERS([lzma.h]) - fi - - # Found the library via either method? -diff --git a/xmlIO.c b/xmlIO.c -index e628ab0..8b13184 100644 ---- a/xmlIO.c -+++ b/xmlIO.c -@@ -1334,7 +1334,7 @@ xmlGzfileClose (void * context) { - } - #endif /* HAVE_ZLIB_H */ - --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - /************************************************************************ - * * - * I/O for compressed file accesses * -@@ -1451,7 +1451,7 @@ xmlXzfileClose (void * context) { - if (ret < 0) xmlIOErr(0, "xzclose()"); - return(ret); - } --#endif /* HAVE_LZMA_H */ -+#endif /* LIBXML_LZMA_ENABLED */ - - #ifdef LIBXML_HTTP_ENABLED - /************************************************************************ -@@ -2328,10 +2328,10 @@ xmlRegisterDefaultInputCallbacks(void) { - xmlRegisterInputCallbacks(xmlGzfileMatch, xmlGzfileOpen, - xmlGzfileRead, xmlGzfileClose); - #endif /* HAVE_ZLIB_H */ --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - xmlRegisterInputCallbacks(xmlXzfileMatch, xmlXzfileOpen, - xmlXzfileRead, xmlXzfileClose); --#endif /* HAVE_ZLIB_H */ -+#endif /* LIBXML_LZMA_ENABLED */ - - #ifdef LIBXML_HTTP_ENABLED - xmlRegisterInputCallbacks(xmlIOHTTPMatch, xmlIOHTTPOpen, -@@ -2683,7 +2683,7 @@ __xmlParserInputBufferCreateFilename(const char *URI, xmlCharEncoding enc) { - #endif - } - #endif --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - if ((xmlInputCallbackTable[i].opencallback == xmlXzfileOpen) && - (strcmp(URI, "-") != 0)) { - ret->compressed = __libxml2_xzcompressed(context); -@@ -3350,7 +3350,7 @@ xmlParserInputBufferGrow(xmlParserInputBufferPtr in, int len) { - * try to establish compressed status of input if not done already - */ - if (in->compressed == -1) { --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - if (in->readcallback == xmlXzfileRead) - in->compressed = __libxml2_xzcompressed(in->context); - #endif -diff --git a/xzlib.c b/xzlib.c -index 1fab546..782957f 100644 ---- a/xzlib.c -+++ b/xzlib.c -@@ -8,7 +8,7 @@ - */ - #define IN_LIBXML - #include "libxml.h" --#ifdef HAVE_LZMA_H -+#ifdef LIBXML_LZMA_ENABLED - - #include - #ifdef HAVE_ERRNO_H -@@ -34,7 +34,9 @@ - #ifdef HAVE_ZLIB_H - #include - #endif -+#ifdef HAVE_LZMA_H - #include -+#endif - - #include "xzlib.h" - #include -@@ -799,4 +801,4 @@ __libxml2_xzclose(xzFile file) - xmlFree(state); - return ret ? ret : LZMA_OK; - } --#endif /* HAVE_LZMA_H */ -+#endif /* LIBXML_LZMA_ENABLED */ --- -2.4.10 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-icu-pkgconfig.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-icu-pkgconfig.patch deleted file mode 100644 index 7a84fac53e..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-icu-pkgconfig.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff --git a/configure.in b/configure.in -index 7374564..13c8d4e 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1444,19 +1444,11 @@ XML_LIBTOOLLIBS="libxml2.la" - AC_SUBST(WITH_ICONV) - - WITH_ICU=0 --ICU_LIBS="" - if test "$with_icu" != "yes" ; then - echo Disabling ICU support - else -- ICU_CONFIG=icu-config -- if ${ICU_CONFIG} --cflags >/dev/null 2>&1 -- then -- ICU_LIBS=`${ICU_CONFIG} --ldflags` -- WITH_ICU=1 -- echo Enabling ICU support -- else -- AC_MSG_ERROR([libicu config program icu-config not found]) -- fi -+ PKG_CHECK_MODULES(ICU, icu-i18n) -+ WITH_ICU=1 - fi - AC_SUBST(WITH_ICU) - AC_SUBST(ICU_LIBS) diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-missing-entities.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-missing-entities.patch deleted file mode 100644 index 7a10e206ad..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-missing-entities.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 72a46a519ce7326d9a00f0b6a7f2a8e958cd1675 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Thu, 23 Oct 2014 11:35:36 +0800 -Subject: [PATCH] Fix missing entities after CVE-2014-3660 fix - -For https://bugzilla.gnome.org/show_bug.cgi?id=738805 - -The fix for CVE-2014-3660 introduced a regression in some case -where entity substitution is required and the entity is used -first in anotther entity referenced from an attribute value ---- - parser.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/parser.c b/parser.c -index 67c9dfd..a8d1b67 100644 ---- a/parser.c -+++ b/parser.c -@@ -7235,7 +7235,8 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { - * far more secure as the parser will only process data coming from - * the document entity by default. - */ -- if ((ent->checked == 0) && -+ if (((ent->checked == 0) || -+ ((ent->children == NULL) && (ctxt->options & XML_PARSE_NOENT))) && - ((ent->etype != XML_EXTERNAL_GENERAL_PARSED_ENTITY) || - (ctxt->options & (XML_PARSE_NOENT | XML_PARSE_DTDVALID)))) { - unsigned long oldnbent = ctxt->nbentities; --- -2.3.5 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-1.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-1.patch deleted file mode 100644 index bb0766a559..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-1.patch +++ /dev/null @@ -1,32 +0,0 @@ -From bd0526e66a56e75a18da8c15c4750db8f801c52d Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Fri, 23 Oct 2015 19:02:28 +0800 -Subject: Another variation of overflow in Conditional sections - -Which happen after the previous fix to -https://bugzilla.gnome.org/show_bug.cgi?id=756456 - -But stopping the parser and exiting we didn't pop the intermediary entities -and doing the SKIP there applies on an input which may be too small ---- - parser.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/parser.c b/parser.c -index a65e4cc..b9217ff 100644 ---- a/parser.c -+++ b/parser.c -@@ -6915,7 +6915,9 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - "All markup of the conditional section is not in the same entity\n", - NULL, NULL); - } -- SKIP(3); -+ if ((ctxt-> instate != XML_PARSER_EOF) && -+ ((ctxt->input->cur + 3) < ctxt->input->end)) -+ SKIP(3); - } - } - --- -cgit v0.11.2 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-2.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-2.patch deleted file mode 100644 index 1a059fe40b..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-overflow-conditional-sections-2.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 41ac9049a27f52e7a1f3b341f8714149fc88d450 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Tue, 27 Oct 2015 10:53:44 +0800 -Subject: Fix an error in previous Conditional section patch - -an off by one mistake in the change, led to error on correct -document where the end of the included entity was exactly -the end of the conditional section, leading to regtest failure ---- - parser.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/parser.c b/parser.c -index b9217ff..d67b300 100644 ---- a/parser.c -+++ b/parser.c -@@ -6916,7 +6916,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) { - NULL, NULL); - } - if ((ctxt-> instate != XML_PARSER_EOF) && -- ((ctxt->input->cur + 3) < ctxt->input->end)) -+ ((ctxt->input->cur + 3) <= ctxt->input->end)) - SKIP(3); - } - } --- -cgit v0.11.2 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-python-ABIFLAG.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-python-ABIFLAG.patch new file mode 100644 index 0000000000..14dd5bc734 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-python-ABIFLAG.patch @@ -0,0 +1,16 @@ + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 14ac0a8..f787b12 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -844,7 +844,7 @@ if test "$with_python" != "no" ; then + fi + if test "$PYTHON" != "" + then +- PYTHON_VERSION=`$PYTHON -c "from distutils import sysconfig; print(sysconfig.get_python_version())"` ++ PYTHON_VERSION=`$PYTHON -c "import sysconfig; print(sysconfig.get_config_var('LDVERSION') or sysconfig.get_config_var('py_version_short'))"` + PYTHON_INCLUDES=`$PYTHON -c "from distutils import sysconfig; print(sysconfig.get_python_inc())"` + # does not work as it produce a /usr/lib/python path instead of/usr/lib64/python + # diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-revert-missing-initialization.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-revert-missing-initialization.patch deleted file mode 100644 index d98b382116..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-revert-missing-initialization.patch +++ /dev/null @@ -1,26 +0,0 @@ -From f65128f38289d77ff322d63aef2858cc0a819c34 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Fri, 17 Oct 2014 17:13:41 +0800 -Subject: Revert "Missing initialization for the catalog module" - -This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7. -As this break xmlcatalog command -https://bugzilla.redhat.com/show_bug.cgi?id=1153753 - -diff --git a/parser.c b/parser.c -index 1d93967..67c9dfd 100644 ---- a/parser.c -+++ b/parser.c -@@ -14830,9 +14830,6 @@ xmlInitParser(void) { - #ifdef LIBXML_XPATH_ENABLED - xmlXPathInit(); - #endif --#ifdef LIBXML_CATALOG_ENABLED -- xmlInitializeCatalog(); --#endif - xmlParserInitialized = 1; - #ifdef LIBXML_THREAD_ENABLED - } --- -cgit v0.10.1 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-threads-declarations.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-threads-declarations.patch deleted file mode 100644 index 1236f622d6..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-threads-declarations.patch +++ /dev/null @@ -1,48 +0,0 @@ -From fff8a6b87e05200a0ad0af6f86c2e859c7de9172 Mon Sep 17 00:00:00 2001 -From: Michael Heimpold -Date: Mon, 22 Dec 2014 11:12:12 +0800 -Subject: [PATCH] threads: use forward declarations only for glibc - -Fixes bug #704908 - -The declarations of pthread functions, used to generate weak references -to them, fail to suppress macros. Thus, if any pthread function has -been provided as a macro, compiling threads.c will fail. -This breaks on musl libc, which defines pthread_equal as a macro (in -addition to providing the function, as required). - -Prevent the declarations for e.g. musl libc by refining the condition. - -The idea for this solution was borrowed from the alpine linux guys, see -http://git.alpinelinux.org/cgit/aports/tree/main/libxml2/libxml2-pthread.patch - -Signed-off-by: Michael Heimpold ---- - threads.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/threads.c b/threads.c -index 8921204..78006a2 100644 ---- a/threads.c -+++ b/threads.c -@@ -47,7 +47,7 @@ - #ifdef HAVE_PTHREAD_H - - static int libxml_is_threaded = -1; --#ifdef __GNUC__ -+#if defined(__GNUC__) && defined(__GLIBC__) - #ifdef linux - #if (__GNUC__ == 3 && __GNUC_MINOR__ >= 3) || (__GNUC__ > 3) - extern int pthread_once (pthread_once_t *__once_control, -@@ -89,7 +89,7 @@ extern int pthread_cond_signal () - __attribute((weak)); - #endif - #endif /* linux */ --#endif /* __GNUC__ */ -+#endif /* defined(__GNUC__) && defined(__GLIBC__) */ - #endif /* HAVE_PTHREAD_H */ - - /* --- -2.3.5 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-timsort.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-timsort.patch deleted file mode 100644 index c179d47ef2..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-timsort.patch +++ /dev/null @@ -1,128 +0,0 @@ -From 9b987f8c98763ee569bde90b5268b43474ca106c Mon Sep 17 00:00:00 2001 -From: Christopher Swenson -Date: Fri, 27 Feb 2015 14:55:49 +0800 -Subject: [PATCH] Fix timsort invariant loop re: Envisage article - -See http://envisage-project.eu/proving-android-java-and-python-sorting-algorithm-is-broken-and-how-to-fix-it/ - -We use a "runLen" array of size 128, so it should be nearly impossible -to have our implementation overflow. - -But in any case, the fix is relatively simple -- checking two extra -conditions in the invariant calculation. - -I also took this opportunity to remove some redundancy in the -left/right merge logic in the invariant loop. ---- - timsort.h | 74 +++++++++++++++++++++++++++++++++------------------------------ - 1 file changed, 39 insertions(+), 35 deletions(-) - -diff --git a/timsort.h b/timsort.h -index efa3aab..795f272 100644 ---- a/timsort.h -+++ b/timsort.h -@@ -392,62 +392,66 @@ static void TIM_SORT_MERGE(SORT_TYPE *dst, const TIM_SORT_RUN_T *stack, const in - - static int TIM_SORT_COLLAPSE(SORT_TYPE *dst, TIM_SORT_RUN_T *stack, int stack_curr, TEMP_STORAGE_T *store, const size_t size) - { -- while (1) -- { -- int64_t A, B, C; -+ while (1) { -+ int64_t A, B, C, D; -+ int ABC, BCD, BD, CD; -+ - /* if the stack only has one thing on it, we are done with the collapse */ -- if (stack_curr <= 1) break; -+ if (stack_curr <= 1) { -+ break; -+ } -+ - /* if this is the last merge, just do it */ -- if ((stack_curr == 2) && -- (stack[0].length + stack[1].length == (int64_t) size)) -- { -+ if ((stack_curr == 2) && (stack[0].length + stack[1].length == size)) { - TIM_SORT_MERGE(dst, stack, stack_curr, store); - stack[0].length += stack[1].length; - stack_curr--; - break; - } - /* check if the invariant is off for a stack of 2 elements */ -- else if ((stack_curr == 2) && (stack[0].length <= stack[1].length)) -- { -+ else if ((stack_curr == 2) && (stack[0].length <= stack[1].length)) { - TIM_SORT_MERGE(dst, stack, stack_curr, store); - stack[0].length += stack[1].length; - stack_curr--; - break; -- } -- else if (stack_curr == 2) -+ } else if (stack_curr == 2) { - break; -+ } - -- A = stack[stack_curr - 3].length; -- B = stack[stack_curr - 2].length; -- C = stack[stack_curr - 1].length; -+ B = stack[stack_curr - 3].length; -+ C = stack[stack_curr - 2].length; -+ D = stack[stack_curr - 1].length; - -- /* check first invariant */ -- if (A <= B + C) -- { -- if (A < C) -- { -- TIM_SORT_MERGE(dst, stack, stack_curr - 1, store); -- stack[stack_curr - 3].length += stack[stack_curr - 2].length; -- stack[stack_curr - 2] = stack[stack_curr - 1]; -- stack_curr--; -- } -- else -- { -- TIM_SORT_MERGE(dst, stack, stack_curr, store); -- stack[stack_curr - 2].length += stack[stack_curr - 1].length; -- stack_curr--; -- } -+ if (stack_curr >= 4) { -+ A = stack[stack_curr - 4].length; -+ ABC = (A <= B + C); -+ } else { -+ ABC = 0; - } -- /* check second invariant */ -- else if (B <= C) -- { -+ -+ BCD = (B <= C + D) || ABC; -+ CD = (C <= D); -+ BD = (B < D); -+ -+ /* Both invariants are good */ -+ if (!BCD && !CD) { -+ break; -+ } -+ -+ /* left merge */ -+ if (BCD && !CD) { -+ TIM_SORT_MERGE(dst, stack, stack_curr - 1, store); -+ stack[stack_curr - 3].length += stack[stack_curr - 2].length; -+ stack[stack_curr - 2] = stack[stack_curr - 1]; -+ stack_curr--; -+ } else { -+ /* right merge */ - TIM_SORT_MERGE(dst, stack, stack_curr, store); - stack[stack_curr - 2].length += stack[stack_curr - 1].length; - stack_curr--; - } -- else -- break; - } -+ - return stack_curr; - } - --- -2.3.5 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-unclosed-comments.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-unclosed-comments.patch deleted file mode 100644 index bd4e482c34..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-unclosed-comments.patch +++ /dev/null @@ -1,65 +0,0 @@ -From e724879d964d774df9b7969fc846605aa1bac54c Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Fri, 30 Oct 2015 21:14:55 +0800 -Subject: Fix parsing short unclosed comment uninitialized access - -For https://bugzilla.gnome.org/show_bug.cgi?id=746048 -The HTML parser was too optimistic when processing comments and -didn't check for the end of the stream on the first 2 characters ---- - HTMLparser.c | 21 ++++++++++++++------- - 1 file changed, 14 insertions(+), 7 deletions(-) - -diff --git a/HTMLparser.c b/HTMLparser.c -index 19c10c3..bdf7807 100644 ---- a/HTMLparser.c -+++ b/HTMLparser.c -@@ -3264,12 +3264,17 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { - ctxt->instate = state; - return; - } -+ len = 0; -+ buf[len] = 0; - q = CUR_CHAR(ql); -+ if (!IS_CHAR(q)) -+ goto unfinished; - NEXTL(ql); - r = CUR_CHAR(rl); -+ if (!IS_CHAR(r)) -+ goto unfinished; - NEXTL(rl); - cur = CUR_CHAR(l); -- len = 0; - while (IS_CHAR(cur) && - ((cur != '>') || - (r != '-') || (q != '-'))) { -@@ -3300,18 +3305,20 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { - } - } - buf[len] = 0; -- if (!IS_CHAR(cur)) { -- htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED, -- "Comment not terminated \n