mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-17 18:06:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #614 from dm0-/glsa

Browse Source 
Fix libxml2 GLSA
This commit is contained in:
David Michael 2017-11-10 17:18:14 -05:00 committed by GitHub
commit 835e76ba6d
30 changed files with 2331 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest vendored
View File

@ -1,16 +1,6 @@
AUX libxml2-2.7.1-catalog_path.patch 2225 SHA256 8ff974c4c3cd04a16741e87247d0a0a63b09bfb0a285c1cc1d7d0aa855142d3c SHA512 bcad080ee84c926c75df8baa47937bdfcfa207235263249f4025e64cbb5ac9be883e1ac4dc1ee55944116da2f84ced27b7cae781aa855579796f3f53a54aacb1 WHIRLPOOL 83e1812e537a7babf1ae694352498628da643db860ebe62021a6b77cc1e3abae35cdbc44d05d889b12adba031b015dfe62c8f19560e45c53a3c3a082cadeabe6
AUX libxml2-2.8.0_rc1-winnt.patch 2392 SHA256 c18b2c15550b3ff4709a85cd18d16368928319b1b7fd8875dc34acd67076b134 SHA512 e78d010c82f18386b4f0ff84497585755b43416563bccd11f8e4dbf0153ca8842934fe05dce6c2373d8360574a2165795a78ea991682aed9610000d2bfcb0164 WHIRLPOOL a87eefa17ad113ae4aed14744715b4e1781e0869a3bb789bdf4f243bdb3687d0d4b6ee2addc85bf5b2f86b9d1cc442d946f0329011f033e3a7855ae0ad79b745
AUX libxml2-2.9.2-disable-tests.patch 2118 SHA256 4558ea3360dab8ce500b8f6438c128b9928959dce18cd5667d5403c317c8b3c1 SHA512 b38aa354b949c64da2a1cbe7dcff47f13eaa6c7a88bb34300995b17481d016192174e6f0613c55a351e21835fc2f2f70f87cc27f1fe8be99e8005a2e092a27ef WHIRLPOOL 7fa224dd404750ddacbfb9cde05c4b18c1bf9d7d794e23bfa11a4de316cca7c5df721e4b8bcf1f5d91d7ae3af58e158a4fb1051770634757f9d1b3358d34c7d3
AUX libxml2-2.9.2-python-ABIFLAG.patch 728 SHA256 088ce998caf80e0861e63c1ae36917797ead8adbadef9d502423ab97a591f70e SHA512 2f801329ad4e13dc70450d41f7659a510fe429b3aa9b66859fed25c4e3d95381d6f253f3a60a54002a16999296d3bd2adaca5e4cca92186492bfc7de3ac84426 WHIRLPOOL 8302c90a647adea89f6baedf726b4af20a9cbd6d0f48bea7d38867f00cdd0dc71fea833419dcaf55b73435d1ba90c552eb49b583652c79dc47c495d61cdc703a
AUX libxml2-2.9.4-CVE-2016-4658.patch 7318 SHA256 7aee52ca24da6c7d36787cded379eaedd34803f8d355e11806b988a25de6a6bb SHA512 7dc42ad219397a6be0b4e50c61d1aa4b44e06b4c0af5f1a63996fa257e6831c624729428ea66ef02118a81ca8360b07f923ad436870364de1081f8a3505d94fc WHIRLPOOL e407d349ee292314de9a63ecaeb8d415362a41df1521ba8533ac1168cd0ed709e38844b72446b6c1b21964fb6c389a499ed545c6c79688f3147e38fb9ec6f6f2
AUX libxml2-2.9.4-CVE-2016-5131.patch 5038 SHA256 4e0248f5a6877b157b9d736c412d4da7a2c015d58a816b859957efddb8d3c8d4 SHA512 c92cda9851fdf8af6cb21aa80f39b474cddef8c749298f5b51f76f871160ac9749fdaac3fa406cc0c75a666f7627983fce0e90fb2919f3a8c778e1148583be33 WHIRLPOOL 810c79240386e3657dd8451583e57ade7d4b638dabc667c798c1c922f46922ec3687ef7627f7c558e34ae204e751830d7f2ab7891e1c75ab91c3f10e58ccd22a
AUX libxml2-2.9.4-nullptrderef.patch 1577 SHA256 797743ea3d5d4a4ff50d0b9a572daf1db47aea02d5f163ff830019fc78ebbe5a SHA512 4882c75fd13807a842b57771242a3dc10ac9db36f10b7f2b3e96f7e4d1a59127779f73a5062305d80719053d94f6044a0ffd51447fb77fca393738fd1635bfc0 WHIRLPOOL 044a59f26ecbf88916c2f255a99869867880353ed7742ec958ec4feb821b3642a1110034d98c52ca36a9ebca775e2eab7f08b84200abe65675e58ab74ef31fc3
AUX libxml2-2.9.4-nullptrderef2.patch 1785 SHA256 160459ea5d5fdbd3d7bd842a24075c3a56aeb75a8d7a17e3409e535d0ac7c706 SHA512 406379a787c1bd45f1b3c128c94182250e4200d5a577ae15dab574ce590857124bda896fd677bce1950658a1ff7b4ea6fc95b52a9ea31daf47ab5c66e03460d5 WHIRLPOOL fd94788d1095bdbfd9d707215865ba52f74287aff6251d74f4fbb74677edb18c730c1038f1ace7720213c3a372d09964fc5cd9f77ffbe1114e7e203593aa721b
DIST libxml2-2.9.4.tar.gz 5374830 SHA256 ffb911191e509b966deb55de705387f14156e1a56b21824357cdf0053233633c SHA512 f5174ab1a3a0ec0037a47f47aa47def36674e02bfb42b57f609563f84c6247c585dbbb133c056953a5adb968d328f18cbc102eb0d00d48eb7c95478389e5daf9 WHIRLPOOL 268d3364a3d293810dff060b3ab92042c5550e50dbe9038c4d5b54ea6a22ed77f9572575517ae3bacfe518d634047eb9d5345e903b125e56a3d32ad1ba96dabf
DIST libxml2-2.9.5.tar.gz 5466888 SHA256 4031c1ecee9ce7ba4f313e91ef6284164885cdb69937a123f6a83bb6a72dcd38 SHA512 197dbd1722e5f90eea43837323352f48d215e198aa6b95685645ef7511e2beba8aadc0dd67e099c945120c5dbe7f8c9da5f376b22f447059e9ffa941c1bfd175 WHIRLPOOL 14cfeaa1c18af4e64131505010484b2e64d83d617984c6321b77c4263901b16b24c945eb9af17763fe63048c3910111fdc498fe9183c04ecea9182ea8f9214fa
DIST libxml2-2.9.6.tar.gz 5469624 SHA256 8b9038cca7240e881d462ea391882092dfdc6d4f483f72683e817be08df5ebbc SHA512 5ef80f895374bd5dd3bcd5f00c715795f026bf45d998f8f762c0cdb739b8755e01de40cf853d98a3826eacef95c4adebe4777db11020e8d98d0bda921f55a0ed WHIRLPOOL 1fa2b10f8715f3718863957e6a5173400b42c6587c4602f52c0ae9103fafd7a515c28158c9bc928c532139cd73274f070015c64677434a0a6fa83f0a9e8425ff
DIST xmlts20080827.tar.gz 638940 SHA256 96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c209286c03e9cc7 SHA512 7325d0977c4427fc4944b291ccf896a665f654cc24399e5565c12a849c2bc3aef4fa3ee42a09ac115abcb6570c51a8fbd052c38d64d164279ecdecad5a4e884d WHIRLPOOL 50835380c3ea208df0bf9ce032ed2df69c4c6cb5a53ffdd39a08fb4f1d166f311b2ef2fe0d9911ae1ebff92aeb42f6ea55e727dfe0b7a3b95e6c7240315b3eda
DIST xsts-2002-01-16.tar.gz 6894439 SHA256 55e5c08db29946a91ea8e70e8f2418d3fd30d8b6777941dfba7f54726ffd9914 SHA512 43300af6d39c1e2221b0ed7318fe14c7464eeb6eb030ed1e22eb29b4ab17f014e2a4c8887c3a46ae5d243e3072da27f00f4e285498ae6f1288177d38d1108288 WHIRLPOOL 84dd51959460a4f8aa582d57ad39229c546ca7fe155012c57c368b59f5d31400d8b940a343a7320058330ca611303139cacdffed514783f96406ac5366026b11
DIST xsts-2004-01-14.tar.gz 2761085 SHA256 09bdf9f81f381ebf9bc158a9472e498e896f7a02eb7461146e9abe1b9493ca17 SHA512 32854388d7e720ad67156baf50bf2bae7bd878ca3e35fd7e44e57cad3f434f69d56bbbedd61509f8a1faf01c9eae74a078df8fe130780b182c05c05cb1c39ebe WHIRLPOOL c46a3bf7d6dd771757f4304995cc177cf51c6cdd0e9778851fc13d3809c7b984690b4f273b3e075abe018110968eb7fc78f5b83170d3e18bacf00a4ed64b213d
EBUILD libxml2-2.9.4-r1.ebuild 6888 SHA256 811600ce79c09d4a7d11e9e9374c5a4cf3fd47774dbd861553fe0e32d1d85aa4 SHA512 0cc6a794816b98970a130b5298f3f957475444af10747b3c4149ebb0fae0ab07bcd293f29e6013d6e8779c5f25f2b4e0c75eb86b86794befa2d4ca050d612381 WHIRLPOOL 485c3371b59195d6862f18df2cb6332871c7d61e2a043a6bfa85f0b088f4a77d8cf3db95c881e151a28e87f2f042ef26be8c7cceae18dee10b525e86d8a3e92f
MISC ChangeLog 9698 SHA256 1b1fb6fa12f27f404c6a5d2e68e56078877a20539e2150d43ceefaa61c31a251 SHA512 7f51ba012043be6cd6c979ffbf47bbed2d7ab2d4ed25fcde2c3baebb29311178c3d873d7ade799ef167fa8fcfa5cfd29379b6a19f72ba04e1594fa5a4dc3783f WHIRLPOOL 801f2f44fdf6411ec8a8b9df790e04fb8824d9b88623398a3d047c69a690dc9c9f071a2a845329403a1b15fb990f8cc61ebad5e34aeff2d869b932adae4d000b
MISC ChangeLog-2015 65422 SHA256 6e4ee4a306e6b8c480f681f1846d7879ac86df55d74401e26f1b7cfc5e05f94d SHA512 e030bc367ffae1c8530e1ad171da60bf7034095d81060cbe4286bf0840ef86d17447e8549fbf3a09f39db9ced5476b3b29630d5495647cbe2d55e11b423aa379 WHIRLPOOL 279cff12baa7a881967812c7bf76b54297a39144e2fc9291053662f463faff68db5a8b6420267031ee1afb979669e823989063bf0ac2c7cc820927d6bdfe555c
MISC metadata.xml 347 SHA256 f67239ca2e57c9729d3be4e84d03d474e382b53c89371617fd97acd8494a5fe7 SHA512 6a094316da6ea1fb160b539788923a2dc01d7ef6304f924f628a438714663a51c8d1adaa97800516a64055a8adf6999ae2899b5a976db680967dcc298e22444d WHIRLPOOL 24e14b8ca1c048a589aec596a844a7e9b9bbf52964b3dd26bab7c03b7ed762f0ea0abbb0832b1fb6c94b7a4cff92b921e61bce9461db3368ab95003501cd3e50

2
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-disable-tests.patch vendored
View File

@ -25,7 +25,7 @@ do not build test programs as we don't install them
#testOOM_LDADD= $(LDADDS)
-runtests:
+runtests: check_PROGRAMS
+runtests: $(check_PROGRAMS)
[ -d test ] || $(LN_S) $(srcdir)/test .
[ -d result ] || $(LN_S) $(srcdir)/result .
$(CHECKER) ./runtest$(EXEEXT) && $(CHECKER) ./testrecurse$(EXEEXT) &&$(CHECKER) ./testapi$(EXEEXT) && $(CHECKER) ./testchar$(EXEEXT)&& $(CHECKER) ./testdict$(EXEEXT) && $(CHECKER) ./runxmlconf$(EXEEXT)

202
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2016-9318.patch vendored Normal file
View File

@ -0,0 +1,202 @@
From 292be65a52ab9e0eb3a53b4e0be5a57bc6de59d3 Mon Sep 17 00:00:00 2001
From: Doran Moppert <dmoppert@redhat.com>
Date: Fri, 7 Apr 2017 16:45:56 +0200
Subject: [PATCH 6/7] Add an XML_PARSE_NOXXE flag to block all entities loading
even local
For https://bugzilla.gnome.org/show_bug.cgi?id=772726
* include/libxml/parser.h: Add a new parser flag XML_PARSE_NOXXE
* elfgcchack.h, xmlIO.h, xmlIO.c: associated loading routine
* include/libxml/xmlerror.h: new error raised
* xmllint.c: adds --noxxe flag to activate the option
---
elfgcchack.h | 10 ++++++++++
include/libxml/parser.h | 3 ++-
include/libxml/xmlIO.h | 8 ++++++++
include/libxml/xmlerror.h | 1 +
parser.c | 4 ++++
xmlIO.c | 40 +++++++++++++++++++++++++++++++++++-----
xmllint.c | 5 +++++
7 files changed, 65 insertions(+), 6 deletions(-)
diff --git a/elfgcchack.h b/elfgcchack.h
index 8c52884a..1b81dcde 100644
--- a/elfgcchack.h
+++ b/elfgcchack.h
@@ -6547,6 +6547,16 @@ extern __typeof (xmlNoNetExternalEntityLoader) xmlNoNetExternalEntityLoader__int
#endif
#endif
+#ifdef bottom_xmlIO
+#undef xmlNoXxeExternalEntityLoader
+extern __typeof (xmlNoXxeExternalEntityLoader) xmlNoXxeExternalEntityLoader __attribute((alias("xmlNoXxeExternalEntityLoader__internal_alias")));
+#else
+#ifndef xmlNoXxeExternalEntityLoader
+extern __typeof (xmlNoXxeExternalEntityLoader) xmlNoXxeExternalEntityLoader__internal_alias __attribute((visibility("hidden")));
+#define xmlNoXxeExternalEntityLoader xmlNoXxeExternalEntityLoader__internal_alias
+#endif
+#endif
+
#ifdef bottom_tree
#undef xmlNodeAddContent
extern __typeof (xmlNodeAddContent) xmlNodeAddContent __attribute((alias("xmlNodeAddContent__internal_alias")));
diff --git a/include/libxml/parser.h b/include/libxml/parser.h
index 47fbec03..63ca1b97 100644
--- a/include/libxml/parser.h
+++ b/include/libxml/parser.h
@@ -1111,7 +1111,8 @@ typedef enum {
XML_PARSE_HUGE = 1<<19,/* relax any hardcoded limit from the parser */
XML_PARSE_OLDSAX = 1<<20,/* parse using SAX2 interface before 2.7.0 */
XML_PARSE_IGNORE_ENC= 1<<21,/* ignore internal document encoding hint */
- XML_PARSE_BIG_LINES = 1<<22 /* Store big lines numbers in text PSVI field */
+ XML_PARSE_BIG_LINES = 1<<22,/* Store big lines numbers in text PSVI field */
+ XML_PARSE_NOXXE = 1<<23 /* Forbid any external entity loading */
} xmlParserOption;
XMLPUBFUN void XMLCALL
diff --git a/include/libxml/xmlIO.h b/include/libxml/xmlIO.h
index 3e41744d..8d3fdef5 100644
--- a/include/libxml/xmlIO.h
+++ b/include/libxml/xmlIO.h
@@ -299,6 +299,14 @@ XMLPUBFUN xmlParserInputPtr XMLCALL
const char *ID,
xmlParserCtxtPtr ctxt);
+/*
+ * A predefined entity loader external entity expansion
+ */
+XMLPUBFUN xmlParserInputPtr XMLCALL
+ xmlNoXxeExternalEntityLoader (const char *URL,
+ const char *ID,
+ xmlParserCtxtPtr ctxt);
+
/*
* xmlNormalizeWindowsPath is obsolete, don't use it.
* Check xmlCanonicPath in uri.h for a better alternative.
diff --git a/include/libxml/xmlerror.h b/include/libxml/xmlerror.h
index 037c16d5..3036062d 100644
--- a/include/libxml/xmlerror.h
+++ b/include/libxml/xmlerror.h
@@ -470,6 +470,7 @@ typedef enum {
XML_IO_EADDRINUSE, /* 1554 */
XML_IO_EALREADY, /* 1555 */
XML_IO_EAFNOSUPPORT, /* 1556 */
+ XML_IO_ILLEGAL_XXE, /* 1557 */
XML_XINCLUDE_RECURSION=1600,
XML_XINCLUDE_PARSE_VALUE, /* 1601 */
XML_XINCLUDE_ENTITY_DEF_MISMATCH, /* 1602 */
diff --git a/parser.c b/parser.c
index b832406a..8e11c127 100644
--- a/parser.c
+++ b/parser.c
@@ -15352,6 +15352,10 @@ xmlCtxtUseOptionsInternal(xmlParserCtxtPtr ctxt, int options, const char *encodi
ctxt->options |= XML_PARSE_NONET;
options -= XML_PARSE_NONET;
}
+ if (options & XML_PARSE_NOXXE) {
+ ctxt->options |= XML_PARSE_NOXXE;
+ options -= XML_PARSE_NOXXE;
+ }
if (options & XML_PARSE_COMPACT) {
ctxt->options |= XML_PARSE_COMPACT;
options -= XML_PARSE_COMPACT;
diff --git a/xmlIO.c b/xmlIO.c
index 6e61f45a..34881461 100644
--- a/xmlIO.c
+++ b/xmlIO.c
@@ -212,6 +212,7 @@ static const char *IOerr[] = {
"adddress in use", /* EADDRINUSE */
"already in use", /* EALREADY */
"unknown address familly", /* EAFNOSUPPORT */
+ "Attempt to load external entity %s", /* XML_IO_ILLEGAL_XXE */
};
#if defined(_WIN32) || defined (__DJGPP__) && !defined (__CYGWIN__)
@@ -4057,13 +4058,22 @@ xmlDefaultExternalEntityLoader(const char *URL, const char *ID,
xmlGenericError(xmlGenericErrorContext,
"xmlDefaultExternalEntityLoader(%s, xxx)\n", URL);
#endif
- if ((ctxt != NULL) && (ctxt->options & XML_PARSE_NONET)) {
+ if (ctxt != NULL) {
int options = ctxt->options;
- ctxt->options -= XML_PARSE_NONET;
- ret = xmlNoNetExternalEntityLoader(URL, ID, ctxt);
- ctxt->options = options;
- return(ret);
+ if (options & XML_PARSE_NOXXE) {
+ ctxt->options -= XML_PARSE_NOXXE;
+ ret = xmlNoXxeExternalEntityLoader(URL, ID, ctxt);
+ ctxt->options = options;
+ return(ret);
+ }
+
+ if (options & XML_PARSE_NONET) {
+ ctxt->options -= XML_PARSE_NONET;
+ ret = xmlNoNetExternalEntityLoader(URL, ID, ctxt);
+ ctxt->options = options;
+ return(ret);
+ }
}
#ifdef LIBXML_CATALOG_ENABLED
resource = xmlResolveResourceFromCatalog(URL, ID, ctxt);
@@ -4164,6 +4174,13 @@ xmlNoNetExternalEntityLoader(const char *URL, const char *ID,
xmlParserInputPtr input = NULL;
xmlChar *resource = NULL;
+ if (ctxt == NULL) {
+ return(NULL);
+ }
+ if (ctxt->input_id == 1) {
+ return xmlDefaultExternalEntityLoader((const char *) URL, ID, ctxt);
+ }
+
#ifdef LIBXML_CATALOG_ENABLED
resource = xmlResolveResourceFromCatalog(URL, ID, ctxt);
#endif
@@ -4186,5 +4203,18 @@ xmlNoNetExternalEntityLoader(const char *URL, const char *ID,
return(input);
}
+xmlParserInputPtr
+xmlNoXxeExternalEntityLoader(const char *URL, const char *ID,
+ xmlParserCtxtPtr ctxt) {
+ if (ctxt == NULL) {
+ return(NULL);
+ }
+ if (ctxt->input_id == 1) {
+ return xmlDefaultExternalEntityLoader((const char *) URL, ID, ctxt);
+ }
+ xmlIOErr(XML_IO_ILLEGAL_XXE, (const char *) URL);
+ return(NULL);
+}
+
#define bottom_xmlIO
#include "elfgcchack.h"
diff --git a/xmllint.c b/xmllint.c
index f8eb7ec4..8f304cda 100644
--- a/xmllint.c
+++ b/xmllint.c
@@ -3019,6 +3019,7 @@ static void usage(const char *name) {
printf("\t--path 'paths': provide a set of paths for resources\n");
printf("\t--load-trace : print trace of all external entities loaded\n");
printf("\t--nonet : refuse to fetch DTDs or entities over network\n");
+ printf("\t--noxxe : forbid any external entity loading\n");
printf("\t--nocompact : do not generate compact text nodes\n");
printf("\t--htmlout : output results as HTML\n");
printf("\t--nowrap : do not put HTML doc wrapper\n");
@@ -3461,6 +3462,10 @@ main(int argc, char **argv) {
(!strcmp(argv[i], "--nonet"))) {
options |= XML_PARSE_NONET;
xmlSetExternalEntityLoader(xmlNoNetExternalEntityLoader);
+ } else if ((!strcmp(argv[i], "-noxxe")) ||
+ (!strcmp(argv[i], "--noxxe"))) {
+ options |= XML_PARSE_NOXXE;
+ xmlSetExternalEntityLoader(xmlNoXxeExternalEntityLoader);
} else if ((!strcmp(argv[i], "-nocompact")) ||
(!strcmp(argv[i], "--nocompact"))) {
options &= ~XML_PARSE_COMPACT;
--
2.14.1

43
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch vendored Normal file
View File

@ -0,0 +1,43 @@
From d815758b6a8c9dee8155268e49b5ef3b80135a14 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Tue, 6 Jun 2017 12:56:28 +0200
Subject: [PATCH 1/3] Fix type confusion in xmlValidateOneNamespace
Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on
namespace declarations make no practical sense anyway.
Fixes bug 780228.
Found with libFuzzer and ASan.
---
valid.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/valid.c b/valid.c
index 8075d3a0..c51ea290 100644
--- a/valid.c
+++ b/valid.c
@@ -4627,6 +4627,12 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) {
}
}
+ /*
+ * Casting ns to xmlAttrPtr is wrong. We'd need separate functions
+ * xmlAddID and xmlAddRef for namespace declarations, but it makes
+ * no practical sense to use ID types anyway.
+ */
+#if 0
/* Validity Constraint: ID uniqueness */
if (attrDecl->atype == XML_ATTRIBUTE_ID) {
if (xmlAddID(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
@@ -4638,6 +4644,7 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) {
if (xmlAddRef(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
ret = 0;
}
+#endif
/* Validity Constraint: Notation Attributes */
if (attrDecl->atype == XML_ATTRIBUTE_NOTATION) {
--
2.14.1

63
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-5969.patch vendored Normal file
View File

@ -0,0 +1,63 @@
From 8952ce48a5fa1d3de1f087f10e8b6e47bb59f4e3 Mon Sep 17 00:00:00 2001
From: Daniel Veillard <veillard@redhat.com>
Date: Wed, 7 Jun 2017 16:47:36 +0200
Subject: [PATCH 1/7] Fix NULL pointer deref in xmlDumpElementContent
Can only be triggered in recovery mode.
Fixes bug 758422 (CVE-2017-5969).
---
valid.c | 24 ++++++++++++++----------
1 file changed, 14 insertions(+), 10 deletions(-)
diff --git a/valid.c b/valid.c
index 19f84b82..0a8e58ab 100644
--- a/valid.c
+++ b/valid.c
@@ -1172,29 +1172,33 @@ xmlDumpElementContent(xmlBufferPtr buf, xmlElementContentPtr content, int glob)
xmlBufferWriteCHAR(buf, content->name);
break;
case XML_ELEMENT_CONTENT_SEQ:
- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
- (content->c1->type == XML_ELEMENT_CONTENT_SEQ))
+ if ((content->c1 != NULL) &&
+ ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
+ (content->c1->type == XML_ELEMENT_CONTENT_SEQ)))
xmlDumpElementContent(buf, content->c1, 1);
else
xmlDumpElementContent(buf, content->c1, 0);
xmlBufferWriteChar(buf, " , ");
- if ((content->c2->type == XML_ELEMENT_CONTENT_OR) ||
- ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) &&
- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))
+ if ((content->c2 != NULL) &&
+ ((content->c2->type == XML_ELEMENT_CONTENT_OR) ||
+ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) &&
+ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))))
xmlDumpElementContent(buf, content->c2, 1);
else
xmlDumpElementContent(buf, content->c2, 0);
break;
case XML_ELEMENT_CONTENT_OR:
- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
- (content->c1->type == XML_ELEMENT_CONTENT_SEQ))
+ if ((content->c1 != NULL) &&
+ ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
+ (content->c1->type == XML_ELEMENT_CONTENT_SEQ)))
xmlDumpElementContent(buf, content->c1, 1);
else
xmlDumpElementContent(buf, content->c1, 0);
xmlBufferWriteChar(buf, " | ");
- if ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) ||
- ((content->c2->type == XML_ELEMENT_CONTENT_OR) &&
- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))
+ if ((content->c2 != NULL) &&
+ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) ||
+ ((content->c2->type == XML_ELEMENT_CONTENT_OR) &&
+ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))))
xmlDumpElementContent(buf, content->c2, 1);
else
xmlDumpElementContent(buf, content->c2, 0);
--
2.14.1

35
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7375.patch vendored Normal file
View File

@ -0,0 +1,35 @@
From 9ea49a06b9421b6a3a9c243fb1ec23b19bd6b049 Mon Sep 17 00:00:00 2001
From: Neel Mehta <nmehta@google.com>
Date: Fri, 7 Apr 2017 17:43:02 +0200
Subject: [PATCH 7/7] Prevent unwanted external entity reference
For https://bugzilla.gnome.org/show_bug.cgi?id=780691
* parser.c: add a specific check to avoid PE reference
---
parser.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/parser.c b/parser.c
index 8e11c127..e8e962bb 100644
--- a/parser.c
+++ b/parser.c
@@ -8125,6 +8125,15 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt)
if (xmlPushInput(ctxt, input) < 0)
return;
} else {
+ if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) &&
+ ((ctxt->options & XML_PARSE_NOENT) == 0) &&
+ ((ctxt->options & XML_PARSE_DTDVALID) == 0) &&
+ ((ctxt->options & XML_PARSE_DTDLOAD) == 0) &&
+ ((ctxt->options & XML_PARSE_DTDATTR) == 0) &&
+ (ctxt->replaceEntities == 0) &&
+ (ctxt->validate == 0))
+ return;
+
/*
* TODO !!!
* handle the extra spaces added before and after
--
2.14.1

31
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch vendored Normal file
View File

@ -0,0 +1,31 @@
From 43cd3b6222bda2332e963eb1c9ead78f29912b0a Mon Sep 17 00:00:00 2001
From: Daniel Veillard <veillard@redhat.com>
Date: Fri, 7 Apr 2017 17:13:28 +0200
Subject: [PATCH 2/3] Increase buffer space for port in HTTP redirect support
For https://bugzilla.gnome.org/show_bug.cgi?id=780690
nanohttp.c: the code wrongly assumed a short int port value.
---
nanohttp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/nanohttp.c b/nanohttp.c
index 26e4290e..9c17530e 100644
--- a/nanohttp.c
+++ b/nanohttp.c
@@ -1423,9 +1423,9 @@ retry:
if (ctxt->port != 80) {
/* reserve space for ':xxxxx', incl. potential proxy */
if (proxy)
- blen += 12;
+ blen += 17;
else
- blen += 6;
+ blen += 11;
}
bp = (char*)xmlMallocAtomic(blen);
if ( bp == NULL ) {
--
2.14.1

116
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9047-9048.patch vendored Normal file
View File

File diff suppressed because one or more lines are too long

316
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9049-9050.patch vendored Normal file
View File

@ -0,0 +1,316 @@
From 9c95d1b7f3951efe09df66ec41d7b19d6283084d Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Mon, 5 Jun 2017 15:37:17 +0200
Subject: [PATCH 3/7] Fix handling of parameter-entity references
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
There were two bugs where parameter-entity references could lead to an
unexpected change of the input buffer in xmlParseNameComplex and
xmlDictLookup being called with an invalid pointer.
Percent sign in DTD Names
=========================
The NEXTL macro used to call xmlParserHandlePEReference. When parsing
"complex" names inside the DTD, this could result in entity expansion
which created a new input buffer. The fix is to simply remove the call
to xmlParserHandlePEReference from the NEXTL macro. This is safe because
no users of the macro require expansion of parameter entities.
- xmlParseNameComplex
- xmlParseNCNameComplex
- xmlParseNmtoken
The percent sign is not allowed in names, which are grammatical tokens.
- xmlParseEntityValue
Parameter-entity references in entity values are expanded but this
happens in a separate step in this function.
- xmlParseSystemLiteral
Parameter-entity references are ignored in the system literal.
- xmlParseAttValueComplex
- xmlParseCharDataComplex
- xmlParseCommentComplex
- xmlParsePI
- xmlParseCDSect
Parameter-entity references are ignored outside the DTD.
- xmlLoadEntityContent
This function is only called from xmlStringLenDecodeEntities and
entities are replaced in a separate step immediately after the function
call.
This bug could also be triggered with an internal subset and double
entity expansion.
This fixes bug 766956 initially reported by Wei Lei and independently by
Chromium's ClusterFuzz, Hanno Böck, and Marco Grassi. Thanks to everyone
involved.
xmlParseNameComplex with XML_PARSE_OLD10
========================================
When parsing Names inside an expanded parameter entity with the
XML_PARSE_OLD10 option, xmlParseNameComplex would call xmlGROW via the
GROW macro if the input buffer was exhausted. At the end of the
parameter entity's replacement text, this function would then call
xmlPopInput which invalidated the input buffer.
There should be no need to invoke GROW in this situation because the
buffer is grown periodically every XML_PARSER_CHUNK_SIZE characters and,
at least for UTF-8, in xmlCurrentChar. This also matches the code path
executed when XML_PARSE_OLD10 is not set.
This fixes bugs 781205 (CVE-2017-9049) and 781361 (CVE-2017-9050).
Thanks to Marcel Böhme and Thuan Pham for the report.
Additional hardening
====================
A separate check was added in xmlParseNameComplex to validate the
buffer size.
---
Makefile.am | 18 ++++++++++++++++++
parser.c | 18 ++++++++++--------
result/errors10/781205.xml | 0
result/errors10/781205.xml.err | 21 +++++++++++++++++++++
result/errors10/781361.xml | 0
result/errors10/781361.xml.err | 13 +++++++++++++
result/valid/766956.xml | 0
result/valid/766956.xml.err | 9 +++++++++
result/valid/766956.xml.err.rdr | 10 ++++++++++
runtest.c | 3 +++
test/errors10/781205.xml | 3 +++
test/errors10/781361.xml | 3 +++
test/valid/766956.xml | 2 ++
test/valid/dtds/766956.dtd | 2 ++
14 files changed, 94 insertions(+), 8 deletions(-)
create mode 100644 result/errors10/781205.xml
create mode 100644 result/errors10/781205.xml.err
create mode 100644 result/errors10/781361.xml
create mode 100644 result/errors10/781361.xml.err
create mode 100644 result/valid/766956.xml
create mode 100644 result/valid/766956.xml.err
create mode 100644 result/valid/766956.xml.err.rdr
create mode 100644 test/errors10/781205.xml
create mode 100644 test/errors10/781361.xml
create mode 100644 test/valid/766956.xml
create mode 100644 test/valid/dtds/766956.dtd
diff --git a/Makefile.am b/Makefile.am
index 3b52bae7..bf20124e 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -422,6 +422,24 @@ Errtests : xmllint$(EXEEXT)
if [ -n "$$log" ] ; then echo $$name result ; echo $$log ; fi ; \
rm result.$$name error.$$name ; \
fi ; fi ; done)
+ @echo "## Error cases regression tests (old 1.0)"
+ -@(for i in $(srcdir)/test/errors10/*.xml ; do \
+ name=`basename $$i`; \
+ if [ ! -d $$i ] ; then \
+ if [ ! -f $(srcdir)/result/errors10/$$name ] ; then \
+ echo New test file $$name ; \
+ $(CHECKER) $(top_builddir)/xmllint --oldxml10 $$i \
+ 2> $(srcdir)/result/errors10/$$name.err \
+ > $(srcdir)/result/errors10/$$name ; \
+ grep "MORY ALLO" .memdump | grep -v "MEMORY ALLOCATED : 0"; \
+ else \
+ log=`$(CHECKER) $(top_builddir)/xmllint --oldxml10 $$i 2> error.$$name > result.$$name ; \
+ grep "MORY ALLO" .memdump | grep -v "MEMORY ALLOCATED : 0"; \
+ diff $(srcdir)/result/errors10/$$name result.$$name ; \
+ diff $(srcdir)/result/errors10/$$name.err error.$$name` ; \
+ if [ -n "$$log" ] ; then echo $$name result ; echo "$$log" ; fi ; \
+ rm result.$$name error.$$name ; \
+ fi ; fi ; done)
@echo "## Error cases stream regression tests"
-@(for i in $(srcdir)/test/errors/*.xml ; do \
name=`basename $$i`; \
diff --git a/parser.c b/parser.c
index 53a6b7f0..b832406a 100644
--- a/parser.c
+++ b/parser.c
@@ -2115,7 +2115,6 @@ static void xmlGROW (xmlParserCtxtPtr ctxt) {
ctxt->input->line++; ctxt->input->col = 1; \
} else ctxt->input->col++; \
ctxt->input->cur += l; \
- if (*ctxt->input->cur == '%') xmlParserHandlePEReference(ctxt); \
} while (0)
#define CUR_CHAR(l) xmlCurrentChar(ctxt, &l)
@@ -3406,13 +3405,6 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) {
len += l;
NEXTL(l);
c = CUR_CHAR(l);
- if (c == 0) {
- count = 0;
- GROW;
- if (ctxt->instate == XML_PARSER_EOF)
- return(NULL);
- c = CUR_CHAR(l);
- }
}
}
if ((len > XML_MAX_NAME_LENGTH) &&
@@ -3420,6 +3412,16 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) {
xmlFatalErr(ctxt, XML_ERR_NAME_TOO_LONG, "Name");
return(NULL);
}
+ if (ctxt->input->cur - ctxt->input->base < len) {
+ /*
+ * There were a couple of bugs where PERefs lead to to a change
+ * of the buffer. Check the buffer size to avoid passing an invalid
+ * pointer to xmlDictLookup.
+ */
+ xmlFatalErr(ctxt, XML_ERR_INTERNAL_ERROR,
+ "unexpected change of input buffer");
+ return (NULL);
+ }
if ((*ctxt->input->cur == '\n') && (ctxt->input->cur[-1] == '\r'))
return(xmlDictLookup(ctxt->dict, ctxt->input->cur - (len + 1), len));
return(xmlDictLookup(ctxt->dict, ctxt->input->cur - len, len));
diff --git a/result/errors10/781205.xml b/result/errors10/781205.xml
new file mode 100644
index 00000000..e69de29b
diff --git a/result/errors10/781205.xml.err b/result/errors10/781205.xml.err
new file mode 100644
index 00000000..da15c3f7
--- /dev/null
+++ b/result/errors10/781205.xml.err
@@ -0,0 +1,21 @@
+Entity: line 1: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration
+
+ %a;
+ ^
+Entity: line 1:
+<:0000
+^
+Entity: line 1: parser error : DOCTYPE improperly terminated
+ %a;
+ ^
+Entity: line 1:
+<:0000
+^
+namespace error : Failed to parse QName ':0000'
+ %a;
+ ^
+<:0000
+ ^
+./test/errors10/781205.xml:4: parser error : Couldn't find end of Start Tag :0000 line 1
+
+^
diff --git a/result/errors10/781361.xml b/result/errors10/781361.xml
new file mode 100644
index 00000000..e69de29b
diff --git a/result/errors10/781361.xml.err b/result/errors10/781361.xml.err
new file mode 100644
index 00000000..655f41a2
--- /dev/null
+++ b/result/errors10/781361.xml.err
@@ -0,0 +1,13 @@
+./test/errors10/781361.xml:4: parser error : xmlParseElementDecl: 'EMPTY', 'ANY' or '(' expected
+
+^
+./test/errors10/781361.xml:4: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration
+
+
+^
+./test/errors10/781361.xml:4: parser error : DOCTYPE improperly terminated
+
+^
+./test/errors10/781361.xml:4: parser error : Start tag expected, '<' not found
+
+^
diff --git a/result/valid/766956.xml b/result/valid/766956.xml
new file mode 100644
index 00000000..e69de29b
diff --git a/result/valid/766956.xml.err b/result/valid/766956.xml.err
new file mode 100644
index 00000000..34b1dae6
--- /dev/null
+++ b/result/valid/766956.xml.err
@@ -0,0 +1,9 @@
+test/valid/dtds/766956.dtd:2: parser error : PEReference: expecting ';'
+%ä%ent;
+ ^
+Entity: line 1: parser error : Content error in the external subset
+ %ent;
+ ^
+Entity: line 1:
+value
+^
diff --git a/result/valid/766956.xml.err.rdr b/result/valid/766956.xml.err.rdr
new file mode 100644
index 00000000..77603462
--- /dev/null
+++ b/result/valid/766956.xml.err.rdr
@@ -0,0 +1,10 @@
+test/valid/dtds/766956.dtd:2: parser error : PEReference: expecting ';'
+%ä%ent;
+ ^
+Entity: line 1: parser error : Content error in the external subset
+ %ent;
+ ^
+Entity: line 1:
+value
+^
+./test/valid/766956.xml : failed to parse
diff --git a/runtest.c b/runtest.c
index 7d030bdc..cd233da9 100644
--- a/runtest.c
+++ b/runtest.c
@@ -4202,6 +4202,9 @@ testDesc testDescriptions[] = {
{ "Error cases regression tests",
errParseTest, "./test/errors/*.xml", "result/errors/", "", ".err",
0 },
+ { "Error cases regression tests (old 1.0)",
+ errParseTest, "./test/errors10/*.xml", "result/errors10/", "", ".err",
+ XML_PARSE_OLD10 },
#ifdef LIBXML_READER_ENABLED
{ "Error cases stream regression tests",
streamParseTest, "./test/errors/*.xml", "result/errors/", NULL, ".str",
diff --git a/test/errors10/781205.xml b/test/errors10/781205.xml
new file mode 100644
index 00000000..d9e9e839
--- /dev/null
+++ b/test/errors10/781205.xml
@@ -0,0 +1,3 @@
+<!DOCTYPE D [
+ <!ENTITY % a "<:0000">
+ %a;
diff --git a/test/errors10/781361.xml b/test/errors10/781361.xml
new file mode 100644
index 00000000..67476bcb
--- /dev/null
+++ b/test/errors10/781361.xml
@@ -0,0 +1,3 @@
+<!DOCTYPE doc [
+ <!ENTITY % elem "<!ELEMENT e0000000000">
+ %elem;
diff --git a/test/valid/766956.xml b/test/valid/766956.xml
new file mode 100644
index 00000000..19a95a0e
--- /dev/null
+++ b/test/valid/766956.xml
@@ -0,0 +1,2 @@
+<!DOCTYPE test SYSTEM "dtds/766956.dtd">
+<test/>
diff --git a/test/valid/dtds/766956.dtd b/test/valid/dtds/766956.dtd
new file mode 100644
index 00000000..dddde68b
--- /dev/null
+++ b/test/valid/dtds/766956.dtd
@@ -0,0 +1,2 @@
+<!ENTITY % ent "value">
+%ä%ent;
--
2.14.1

34
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch vendored Normal file
View File

@ -0,0 +1,34 @@
From a1fb9a4f511d89f0738b62cabd6d92bfd9eb94a9 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Tue, 28 Jun 2016 14:19:58 +0200
Subject: [PATCH 3/3] Fix comparison with root node in xmlXPathCmpNodes
This change has already been made in xmlXPathCmpNodesExt but not in
xmlXPathCmpNodes.
---
xpath.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/xpath.c b/xpath.c
index 67afbca5..5a01b1b3 100644
--- a/xpath.c
+++ b/xpath.c
@@ -3342,13 +3342,13 @@ xmlXPathCmpNodes(xmlNodePtr node1, xmlNodePtr node2) {
* compute depth to root
*/
for (depth2 = 0, cur = node2;cur->parent != NULL;cur = cur->parent) {
- if (cur == node1)
+ if (cur->parent == node1)
return(1);
depth2++;
}
root = cur;
for (depth1 = 0, cur = node1;cur->parent != NULL;cur = cur->parent) {
- if (cur == node2)
+ if (cur->parent == node2)
return(-1);
depth1++;
}
--
2.14.1

32
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-heap-buffer-overflow.patch vendored Normal file
View File

@ -0,0 +1,32 @@
From df4f9bdc7a37908ded8bd1fec4f75509eaa156de Mon Sep 17 00:00:00 2001
From: David Kilzer <ddkilzer@apple.com>
Date: Tue, 4 Jul 2017 18:38:03 +0200
Subject: [PATCH 5/7] Heap-buffer-overflow read of size 1 in
xmlFAParsePosCharGroup
Credit to OSS-Fuzz.
Add a check to xmlFAParseCharRange() for the end of the buffer
to prevent reading past the end of it.
This fixes Bug 784017.
---
xmlregexp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xmlregexp.c b/xmlregexp.c
index ca3b4f46..6676c2a8 100644
--- a/xmlregexp.c
+++ b/xmlregexp.c
@@ -5051,7 +5051,7 @@ xmlFAParseCharRange(xmlRegParserCtxtPtr ctxt) {
return;
}
len = 1;
- } else if ((cur != 0x5B) && (cur != 0x5D)) {
+ } else if ((cur != '\0') && (cur != 0x5B) && (cur != 0x5D)) {
end = CUR_SCHAR(ctxt->cur, len);
} else {
ERROR("Expecting the end of a char range");
--
2.14.1

66
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-osd-validation.patch vendored Normal file
View File

@ -0,0 +1,66 @@
From 8bc6baccc7da291c2338b8d95953ea487b0b3ca1 Mon Sep 17 00:00:00 2001
From: Alex Henrie <alexhenrie24@gmail.com>
Date: Thu, 26 May 2016 17:38:35 -0600
Subject: [PATCH 2/7] Fix attribute decoding during XML schema validation
For https://bugzilla.gnome.org/show_bug.cgi?id=766834
vctxt->parserCtxt is always NULL in xmlSchemaSAXHandleStartElementNs,
so this function can't call xmlStringLenDecodeEntities to decode the
entities.
---
xmlschemas.c | 30 +++++++++++++++++++++++++-----
1 file changed, 25 insertions(+), 5 deletions(-)
diff --git a/xmlschemas.c b/xmlschemas.c
index e1b3a4f0..59535e5c 100644
--- a/xmlschemas.c
+++ b/xmlschemas.c
@@ -27391,6 +27391,7 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
* attributes yet.
*/
if (nb_attributes != 0) {
+ int valueLen, k, l;
xmlChar *value;
for (j = 0, i = 0; i < nb_attributes; i++, j += 5) {
@@ -27400,12 +27401,31 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
* libxml2 differs from normal SAX here in that it escapes all ampersands
* as &#38; instead of delivering the raw converted string. Changing the
* behavior at this point would break applications that use this API, so
- * we are forced to work around it. There is no danger of accidentally
- * decoding some entity other than &#38; in this step because without
- * unescaped ampersands there can be no other entities in the string.
+ * we are forced to work around it.
*/
- value = xmlStringLenDecodeEntities(vctxt->parserCtxt, attributes[j+3],
- attributes[j+4] - attributes[j+3], XML_SUBSTITUTE_REF, 0, 0, 0);
+ valueLen = attributes[j+4] - attributes[j+3];
+ value = xmlMallocAtomic(valueLen + 1);
+ if (value == NULL) {
+ xmlSchemaVErrMemory(vctxt,
+ "allocating string for decoded attribute",
+ NULL);
+ goto internal_error;
+ }
+ for (k = 0, l = 0; k < valueLen; l++) {
+ if (k < valueLen - 4 &&
+ attributes[j+3][k+0] == '&' &&
+ attributes[j+3][k+1] == '#' &&
+ attributes[j+3][k+2] == '3' &&
+ attributes[j+3][k+3] == '8' &&
+ attributes[j+3][k+4] == ';') {
+ value[l] = '&';
+ k += 5;
+ } else {
+ value[l] = attributes[j+3][k];
+ k++;
+ }
+ }
+ value[l] = '\0';
/*
* TODO: Set the node line.
*/
--
2.14.1

2
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r1.ebuild vendored
View File

@ -36,7 +36,7 @@ RDEPEND="
python? ( ${PYTHON_DEPS} )
readline? ( sys-libs/readline:= )
"
DEPEND="${EDEPEND}
DEPEND="${RDEPEND}
dev-util/gtk-doc-am
virtual/pkgconfig
hppa? ( >=sys-devel/binutils-2.15.92.0.2 )

231
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r2.ebuild vendored Normal file
View File

@ -0,0 +1,231 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=6
PYTHON_COMPAT=( python2_7 python3_{4,5,6} )
PYTHON_REQ_USE="xml"
inherit libtool flag-o-matic ltprune python-r1 autotools prefix multilib-minimal
DESCRIPTION="Version 2 of the library to manipulate XML files"
HOMEPAGE="http://www.xmlsoft.org/"
LICENSE="MIT"
SLOT="2"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
IUSE="debug examples icu ipv6 lzma python readline static-libs test"
REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite"
XSTS_NAME_1="xmlschema2002-01-16"
XSTS_NAME_2="xmlschema2004-01-14"
XSTS_TARBALL_1="xsts-2002-01-16.tar.gz"
XSTS_TARBALL_2="xsts-2004-01-14.tar.gz"
XMLCONF_TARBALL="xmlts20080827.tar.gz"
SRC_URI="ftp://xmlsoft.org/${PN}/${PN}-${PV/_rc/-rc}.tar.gz
test? (
${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1}
${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2}
http://www.w3.org/XML/Test/${XMLCONF_TARBALL} )"
RDEPEND="
>=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}]
icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] )
lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] )
python? ( ${PYTHON_DEPS} )
readline? ( sys-libs/readline:= )
"
DEPEND="${RDEPEND}
dev-util/gtk-doc-am
virtual/pkgconfig
hppa? ( >=sys-devel/binutils-2.15.92.0.2 )
"
S="${WORKDIR}/${PN}-${PV%_rc*}"
MULTILIB_CHOST_TOOLS=(
/usr/bin/xml2-config
)
src_unpack() {
# ${A} isn't used to avoid unpacking of test tarballs into $WORKDIR,
# as they are needed as tarballs in ${S}/xstc instead and not unpacked
unpack ${P/_rc/-rc}.tar.gz
cd "${S}" || die
if use test; then
cp "${DISTDIR}/${XSTS_TARBALL_1}" \
"${DISTDIR}/${XSTS_TARBALL_2}" \
"${S}"/xstc/ \
|| die "Failed to install test tarballs"
unpack ${XMLCONF_TARBALL}
fi
}
src_prepare() {
default
DOCS=( AUTHORS ChangeLog NEWS README* TODO* )
# Patches needed for prefix support
eapply "${FILESDIR}"/${PN}-2.7.1-catalog_path.patch
eprefixify catalog.c xmlcatalog.c runtest.c xmllint.c
# Fix build for Windows platform
# https://bugzilla.gnome.org/show_bug.cgi?id=760456
eapply "${FILESDIR}"/${PN}-2.8.0_rc1-winnt.patch
# Disable programs that we don't actually install.
# https://bugzilla.gnome.org/show_bug.cgi?id=760457
eapply "${FILESDIR}"/${PN}-2.9.2-disable-tests.patch
# Fix python detection, bug #567066
# https://bugzilla.gnome.org/show_bug.cgi?id=760458
eapply "${FILESDIR}"/${PN}-2.9.2-python-ABIFLAG.patch
# Apply round of security patches wrt bugs
# 589816, 597112, 597114, 597116. This will be included
# in the next upstream release
eapply "${FILESDIR}"/${PN}-2.9.4-CVE-2016-4658.patch
eapply "${FILESDIR}"/${PN}-2.9.4-CVE-2016-5131.patch
eapply "${FILESDIR}"/${PN}-2.9.4-nullptrderef.patch
eapply "${FILESDIR}"/${PN}-2.9.4-nullptrderef2.patch
# Apply round of security patches wrt bugs:
# 599192, 586886, 618604, 622914, 605208, 623206
# This will be included in the next upstream release
eapply "${FILESDIR}"/${P}-CVE-2017-5969.patch
eapply "${FILESDIR}"/${P}-osd-validation.patch
eapply "${FILESDIR}"/${P}-CVE-2017-9049-9050.patch
eapply "${FILESDIR}"/${P}-CVE-2017-9047-9048.patch
eapply "${FILESDIR}"/${P}-heap-buffer-overflow.patch
eapply "${FILESDIR}"/${P}-CVE-2016-9318.patch
eapply "${FILESDIR}"/${P}-CVE-2017-7375.patch
# Avoid final linking arguments for python modules
if [[ ${CHOST} == *-darwin* ]] ; then
sed -i -e '/PYTHON_LIBS/s/ldflags/libs/' configure.ac || die
fi
# Please do not remove, as else we get references to PORTAGE_TMPDIR
# in /usr/lib/python?.?/site-packages/libxml2mod.la among things.
# We now need to run eautoreconf at the end to prevent maintainer mode.
# elibtoolize
# epunt_cxx # if we don't eautoreconf
eautoreconf
}
multilib_src_configure() {
# filter seemingly problematic CFLAGS (#26320)
filter-flags -fprefetch-loop-arrays -funroll-loops
# USE zlib support breaks gnome2
# (libgnomeprint for instance fails to compile with
# fresh install, and existing) - <azarah@gentoo.org> (22 Dec 2002).
# The meaning of the 'debug' USE flag does not apply to the --with-debug
# switch (enabling the libxml2 debug module). See bug #100898.
# --with-mem-debug causes unusual segmentation faults (bug #105120).
libxml2_configure() {
ECONF_SOURCE="${S}" econf \
--with-html-subdir=${PF}/html \
$(use_with debug run-debug) \
$(use_with icu) \
$(use_with lzma) \
$(use_enable ipv6) \
$(use_enable static-libs static) \
$(multilib_native_use_with readline) \
$(multilib_native_use_with readline history) \
"$@"
}
libxml2_py_configure() {
mkdir -p "${BUILD_DIR}" || die # ensure python build dirs exist
run_in_build_dir libxml2_configure "--with-python=${ROOT%/}${PYTHON}" # odd build system, also see bug #582130
}
libxml2_configure --without-python # build python bindings separately
if multilib_is_native_abi && use python; then
python_foreach_impl libxml2_py_configure
fi
}
multilib_src_compile() {
default
if multilib_is_native_abi && use python; then
local native_builddir=${BUILD_DIR}
python_foreach_impl libxml2_py_emake top_builddir="${native_builddir}" all
fi
}
multilib_src_test() {
default
multilib_is_native_abi && use python && python_foreach_impl libxml2_py_emake test
}
multilib_src_install() {
emake DESTDIR="${D}" \
EXAMPLES_DIR="${EPREFIX}"/usr/share/doc/${PF}/examples install
if multilib_is_native_abi && use python; then
python_foreach_impl libxml2_py_emake \
DESTDIR="${D}" \
docsdir="${EPREFIX}"/usr/share/doc/${PF}/python \
exampledir="${EPREFIX}"/usr/share/doc/${PF}/python/examples \
install
python_foreach_impl python_optimize
fi
}
multilib_src_install_all() {
# on windows, xmllint is installed by interix libxml2 in parent prefix.
# this is the version to use. the native winnt version does not support
# symlinks, which makes repoman fail if the portage tree is linked in
# from another location (which is my default). -- mduft
if [[ ${CHOST} == *-winnt* ]]; then
rm -rf "${ED}"/usr/bin/xmllint
rm -rf "${ED}"/usr/bin/xmlcatalog
fi
rm -rf "${ED}"/usr/share/doc/${P}
einstalldocs
if ! use examples; then
rm -rf "${ED}"/usr/share/doc/${PF}/examples
rm -rf "${ED}"/usr/share/doc/${PF}/python/examples
fi
prune_libtool_files --modules
}
pkg_postinst() {
# We don't want to do the xmlcatalog during stage1, as xmlcatalog will not
# be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887.
if [[ "${ROOT}" != "/" ]]; then
elog "Skipping XML catalog creation for stage building (bug #208887)."
else
# need an XML catalog, so no-one writes to a non-existent one
CATALOG="${EROOT}etc/xml/catalog"
# we dont want to clobber an existing catalog though,
# only ensure that one is there
# <obz@gentoo.org>
if [[ ! -e ${CATALOG} ]]; then
[[ -d "${EROOT}etc/xml" ]] || mkdir -p "${EROOT}etc/xml"
"${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}"
einfo "Created XML catalog in ${CATALOG}"
fi
fi
}
libxml2_py_emake() {
pushd "${BUILD_DIR}/python" > /dev/null || die
emake "$@"
popd > /dev/null
}

239
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r3.ebuild vendored Normal file
View File

@ -0,0 +1,239 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=6
PYTHON_COMPAT=( python2_7 python3_{4,5,6} )
PYTHON_REQ_USE="xml"
inherit libtool flag-o-matic ltprune python-r1 autotools prefix multilib-minimal
DESCRIPTION="Version 2 of the library to manipulate XML files"
HOMEPAGE="http://www.xmlsoft.org/"
LICENSE="MIT"
SLOT="2"
KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
IUSE="debug examples icu ipv6 lzma python readline static-libs test"
REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite"
XSTS_NAME_1="xmlschema2002-01-16"
XSTS_NAME_2="xmlschema2004-01-14"
XSTS_TARBALL_1="xsts-2002-01-16.tar.gz"
XSTS_TARBALL_2="xsts-2004-01-14.tar.gz"
XMLCONF_TARBALL="xmlts20080827.tar.gz"
SRC_URI="ftp://xmlsoft.org/${PN}/${PN}-${PV/_rc/-rc}.tar.gz
test? (
${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1}
${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2}
http://www.w3.org/XML/Test/${XMLCONF_TARBALL} )"
RDEPEND="
>=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}]
icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] )
lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] )
python? ( ${PYTHON_DEPS} )
readline? ( sys-libs/readline:= )
"
DEPEND="${RDEPEND}
dev-util/gtk-doc-am
virtual/pkgconfig
hppa? ( >=sys-devel/binutils-2.15.92.0.2 )
"
S="${WORKDIR}/${PN}-${PV%_rc*}"
MULTILIB_CHOST_TOOLS=(
/usr/bin/xml2-config
)
src_unpack() {
# ${A} isn't used to avoid unpacking of test tarballs into $WORKDIR,
# as they are needed as tarballs in ${S}/xstc instead and not unpacked
unpack ${P/_rc/-rc}.tar.gz
cd "${S}" || die
if use test; then
cp "${DISTDIR}/${XSTS_TARBALL_1}" \
"${DISTDIR}/${XSTS_TARBALL_2}" \
"${S}"/xstc/ \
|| die "Failed to install test tarballs"
unpack ${XMLCONF_TARBALL}
fi
}
src_prepare() {
default
DOCS=( AUTHORS ChangeLog NEWS README* TODO* )
# Patches needed for prefix support
eapply "${FILESDIR}"/${PN}-2.7.1-catalog_path.patch
eprefixify catalog.c xmlcatalog.c runtest.c xmllint.c
# Fix build for Windows platform
# https://bugzilla.gnome.org/show_bug.cgi?id=760456
eapply "${FILESDIR}"/${PN}-2.8.0_rc1-winnt.patch
# Disable programs that we don't actually install.
# https://bugzilla.gnome.org/show_bug.cgi?id=760457
eapply "${FILESDIR}"/${PN}-2.9.2-disable-tests.patch
# Fix python detection, bug #567066
# https://bugzilla.gnome.org/show_bug.cgi?id=760458
eapply "${FILESDIR}"/${PN}-2.9.2-python-ABIFLAG.patch
# Apply round of security patches wrt bugs
# 589816, 597112, 597114, 597116. This will be included
# in the next upstream release
eapply "${FILESDIR}"/${PN}-2.9.4-CVE-2016-4658.patch
eapply "${FILESDIR}"/${PN}-2.9.4-CVE-2016-5131.patch
eapply "${FILESDIR}"/${PN}-2.9.4-nullptrderef.patch
eapply "${FILESDIR}"/${PN}-2.9.4-nullptrderef2.patch
# Apply round of security patches wrt bugs:
# 599192, 586886, 618604, 622914, 605208, 623206
# This will be included in the next upstream release
eapply "${FILESDIR}"/${P}-CVE-2017-5969.patch
eapply "${FILESDIR}"/${P}-osd-validation.patch
eapply "${FILESDIR}"/${P}-CVE-2017-9049-9050.patch
eapply "${FILESDIR}"/${P}-CVE-2017-9047-9048.patch
eapply "${FILESDIR}"/${P}-heap-buffer-overflow.patch
eapply "${FILESDIR}"/${P}-CVE-2016-9318.patch
eapply "${FILESDIR}"/${P}-CVE-2017-7375.patch
eapply "${FILESDIR}"/${P}-CVE-2017-0663.patch
# More patche stolen from Debian patch stack
eapply "${FILESDIR}"/${P}-CVE-2017-7376.patch
eapply "${FILESDIR}"/${P}-fix-root-node-cmp.patch
# After all the patching this test still fails:
rm "${S}"/test/errors10/781205.xml || die
# Avoid final linking arguments for python modules
if [[ ${CHOST} == *-darwin* ]] ; then
sed -i -e '/PYTHON_LIBS/s/ldflags/libs/' configure.ac || die
fi
# Please do not remove, as else we get references to PORTAGE_TMPDIR
# in /usr/lib/python?.?/site-packages/libxml2mod.la among things.
# We now need to run eautoreconf at the end to prevent maintainer mode.
# elibtoolize
# epunt_cxx # if we don't eautoreconf
eautoreconf
}
multilib_src_configure() {
# filter seemingly problematic CFLAGS (#26320)
filter-flags -fprefetch-loop-arrays -funroll-loops
# USE zlib support breaks gnome2
# (libgnomeprint for instance fails to compile with
# fresh install, and existing) - <azarah@gentoo.org> (22 Dec 2002).
# The meaning of the 'debug' USE flag does not apply to the --with-debug
# switch (enabling the libxml2 debug module). See bug #100898.
# --with-mem-debug causes unusual segmentation faults (bug #105120).
libxml2_configure() {
ECONF_SOURCE="${S}" econf \
--with-html-subdir=${PF}/html \
$(use_with debug run-debug) \
$(use_with icu) \
$(use_with lzma) \
$(use_enable ipv6) \
$(use_enable static-libs static) \
$(multilib_native_use_with readline) \
$(multilib_native_use_with readline history) \
"$@"
}
libxml2_py_configure() {
mkdir -p "${BUILD_DIR}" || die # ensure python build dirs exist
run_in_build_dir libxml2_configure "--with-python=${ROOT%/}${PYTHON}" # odd build system, also see bug #582130
}
libxml2_configure --without-python # build python bindings separately
if multilib_is_native_abi && use python; then
python_foreach_impl libxml2_py_configure
fi
}
multilib_src_compile() {
default
if multilib_is_native_abi && use python; then
local native_builddir=${BUILD_DIR}
python_foreach_impl libxml2_py_emake top_builddir="${native_builddir}" all
fi
}
multilib_src_test() {
emake check
multilib_is_native_abi && use python && python_foreach_impl libxml2_py_emake test
}
multilib_src_install() {
emake DESTDIR="${D}" \
EXAMPLES_DIR="${EPREFIX}"/usr/share/doc/${PF}/examples install
if multilib_is_native_abi && use python; then
python_foreach_impl libxml2_py_emake \
DESTDIR="${D}" \
docsdir="${EPREFIX}"/usr/share/doc/${PF}/python \
exampledir="${EPREFIX}"/usr/share/doc/${PF}/python/examples \
install
python_foreach_impl python_optimize
fi
}
multilib_src_install_all() {
# on windows, xmllint is installed by interix libxml2 in parent prefix.
# this is the version to use. the native winnt version does not support
# symlinks, which makes repoman fail if the portage tree is linked in
# from another location (which is my default). -- mduft
if [[ ${CHOST} == *-winnt* ]]; then
rm -rf "${ED}"/usr/bin/xmllint
rm -rf "${ED}"/usr/bin/xmlcatalog
fi
rm -rf "${ED}"/usr/share/doc/${P}
einstalldocs
if ! use examples; then
rm -rf "${ED}"/usr/share/doc/${PF}/examples
rm -rf "${ED}"/usr/share/doc/${PF}/python/examples
fi
prune_libtool_files --modules
}
pkg_postinst() {
# We don't want to do the xmlcatalog during stage1, as xmlcatalog will not
# be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887.
if [[ "${ROOT}" != "/" ]]; then
elog "Skipping XML catalog creation for stage building (bug #208887)."
else
# need an XML catalog, so no-one writes to a non-existent one
CATALOG="${EROOT}etc/xml/catalog"
# we dont want to clobber an existing catalog though,
# only ensure that one is there
# <obz@gentoo.org>
if [[ ! -e ${CATALOG} ]]; then
[[ -d "${EROOT}etc/xml" ]] || mkdir -p "${EROOT}etc/xml"
"${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}"
einfo "Created XML catalog in ${CATALOG}"
fi
fi
}
libxml2_py_emake() {
pushd "${BUILD_DIR}/python" > /dev/null || die
emake "$@"
popd > /dev/null
}

208
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.5.ebuild vendored Normal file
View File

@ -0,0 +1,208 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=6
PYTHON_COMPAT=( python2_7 python3_{4,5,6} )
PYTHON_REQ_USE="xml"
inherit libtool flag-o-matic ltprune python-r1 autotools prefix multilib-minimal
DESCRIPTION="Version 2 of the library to manipulate XML files"
HOMEPAGE="http://www.xmlsoft.org/"
LICENSE="MIT"
SLOT="2"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
IUSE="debug examples icu ipv6 lzma python readline static-libs test"
REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite"
XSTS_NAME_1="xmlschema2002-01-16"
XSTS_NAME_2="xmlschema2004-01-14"
XSTS_TARBALL_1="xsts-2002-01-16.tar.gz"
XSTS_TARBALL_2="xsts-2004-01-14.tar.gz"
XMLCONF_TARBALL="xmlts20080827.tar.gz"
SRC_URI="ftp://xmlsoft.org/${PN}/${PN}-${PV/_rc/-rc}.tar.gz
test? (
${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1}
${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2}
http://www.w3.org/XML/Test/${XMLCONF_TARBALL} )"
RDEPEND="
>=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}]
icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] )
lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] )
python? ( ${PYTHON_DEPS} )
readline? ( sys-libs/readline:= )
"
DEPEND="${RDEPEND}
dev-util/gtk-doc-am
virtual/pkgconfig
hppa? ( >=sys-devel/binutils-2.15.92.0.2 )
"
S="${WORKDIR}/${PN}-${PV%_rc*}"
MULTILIB_CHOST_TOOLS=(
/usr/bin/xml2-config
)
src_unpack() {
# ${A} isn't used to avoid unpacking of test tarballs into $WORKDIR,
# as they are needed as tarballs in ${S}/xstc instead and not unpacked
unpack ${P/_rc/-rc}.tar.gz
cd "${S}" || die
if use test; then
cp "${DISTDIR}/${XSTS_TARBALL_1}" \
"${DISTDIR}/${XSTS_TARBALL_2}" \
"${S}"/xstc/ \
|| die "Failed to install test tarballs"
unpack ${XMLCONF_TARBALL}
fi
}
src_prepare() {
default
DOCS=( AUTHORS ChangeLog NEWS README* TODO* )
# Patches needed for prefix support
eapply "${FILESDIR}"/${PN}-2.7.1-catalog_path.patch
eprefixify catalog.c xmlcatalog.c runtest.c xmllint.c
# Fix build for Windows platform
# https://bugzilla.gnome.org/show_bug.cgi?id=760456
eapply "${FILESDIR}"/${PN}-2.8.0_rc1-winnt.patch
# Fix python detection, bug #567066
# https://bugzilla.gnome.org/show_bug.cgi?id=760458
eapply "${FILESDIR}"/${PN}-2.9.2-python-ABIFLAG.patch
# Avoid final linking arguments for python modules
if [[ ${CHOST} == *-darwin* ]] ; then
sed -i -e '/PYTHON_LIBS/s/ldflags/libs/' configure.ac || die
fi
# Please do not remove, as else we get references to PORTAGE_TMPDIR
# in /usr/lib/python?.?/site-packages/libxml2mod.la among things.
# We now need to run eautoreconf at the end to prevent maintainer mode.
# elibtoolize
# epunt_cxx # if we don't eautoreconf
eautoreconf
}
multilib_src_configure() {
# filter seemingly problematic CFLAGS (#26320)
filter-flags -fprefetch-loop-arrays -funroll-loops
# USE zlib support breaks gnome2
# (libgnomeprint for instance fails to compile with
# fresh install, and existing) - <azarah@gentoo.org> (22 Dec 2002).
# The meaning of the 'debug' USE flag does not apply to the --with-debug
# switch (enabling the libxml2 debug module). See bug #100898.
# --with-mem-debug causes unusual segmentation faults (bug #105120).
libxml2_configure() {
ECONF_SOURCE="${S}" econf \
--with-html-subdir=${PF}/html \
$(use_with debug run-debug) \
$(use_with icu) \
$(use_with lzma) \
$(use_enable ipv6) \
$(use_enable static-libs static) \
$(multilib_native_use_with readline) \
$(multilib_native_use_with readline history) \
"$@"
}
libxml2_py_configure() {
mkdir -p "${BUILD_DIR}" || die # ensure python build dirs exist
run_in_build_dir libxml2_configure "--with-python=${ROOT%/}${PYTHON}" # odd build system, also see bug #582130
}
libxml2_configure --without-python # build python bindings separately
if multilib_is_native_abi && use python; then
python_foreach_impl libxml2_py_configure
fi
}
multilib_src_compile() {
default
if multilib_is_native_abi && use python; then
local native_builddir=${BUILD_DIR}
python_foreach_impl libxml2_py_emake top_builddir="${native_builddir}" all
fi
}
multilib_src_test() {
emake check
multilib_is_native_abi && use python && python_foreach_impl libxml2_py_emake test
}
multilib_src_install() {
emake DESTDIR="${D}" \
EXAMPLES_DIR="${EPREFIX}"/usr/share/doc/${PF}/examples install
if multilib_is_native_abi && use python; then
python_foreach_impl libxml2_py_emake \
DESTDIR="${D}" \
docsdir="${EPREFIX}"/usr/share/doc/${PF}/python \
exampledir="${EPREFIX}"/usr/share/doc/${PF}/python/examples \
install
python_foreach_impl python_optimize
fi
}
multilib_src_install_all() {
# on windows, xmllint is installed by interix libxml2 in parent prefix.
# this is the version to use. the native winnt version does not support
# symlinks, which makes repoman fail if the portage tree is linked in
# from another location (which is my default). -- mduft
if [[ ${CHOST} == *-winnt* ]]; then
rm -rf "${ED}"/usr/bin/xmllint
rm -rf "${ED}"/usr/bin/xmlcatalog
fi
rm -rf "${ED}"/usr/share/doc/${P}
einstalldocs
if ! use examples; then
rm -rf "${ED}"/usr/share/doc/${PF}/examples
rm -rf "${ED}"/usr/share/doc/${PF}/python/examples
fi
prune_libtool_files --modules
}
pkg_postinst() {
# We don't want to do the xmlcatalog during stage1, as xmlcatalog will not
# be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887.
if [[ "${ROOT}" != "/" ]]; then
elog "Skipping XML catalog creation for stage building (bug #208887)."
else
# need an XML catalog, so no-one writes to a non-existent one
CATALOG="${EROOT}etc/xml/catalog"
# we dont want to clobber an existing catalog though,
# only ensure that one is there
# <obz@gentoo.org>
if [[ ! -e ${CATALOG} ]]; then
[[ -d "${EROOT}etc/xml" ]] || mkdir -p "${EROOT}etc/xml"
"${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}"
einfo "Created XML catalog in ${CATALOG}"
fi
fi
}
libxml2_py_emake() {
pushd "${BUILD_DIR}/python" > /dev/null || die
emake "$@"
popd > /dev/null
}

208
sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.6.ebuild vendored Normal file
View File

@ -0,0 +1,208 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=6
PYTHON_COMPAT=( python2_7 python3_{4,5,6} )
PYTHON_REQ_USE="xml"
inherit libtool flag-o-matic ltprune python-r1 autotools prefix multilib-minimal
DESCRIPTION="Version 2 of the library to manipulate XML files"
HOMEPAGE="http://www.xmlsoft.org/"
LICENSE="MIT"
SLOT="2"
KEYWORDS="alpha ~amd64 ~arm ~arm64 ~hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt"
IUSE="debug examples icu ipv6 lzma python readline static-libs test"
REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite"
XSTS_NAME_1="xmlschema2002-01-16"
XSTS_NAME_2="xmlschema2004-01-14"
XSTS_TARBALL_1="xsts-2002-01-16.tar.gz"
XSTS_TARBALL_2="xsts-2004-01-14.tar.gz"
XMLCONF_TARBALL="xmlts20080827.tar.gz"
SRC_URI="ftp://xmlsoft.org/${PN}/${PN}-${PV/_rc/-rc}.tar.gz
test? (
${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1}
${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2}
http://www.w3.org/XML/Test/${XMLCONF_TARBALL} )"
RDEPEND="
>=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}]
icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] )
lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] )
python? ( ${PYTHON_DEPS} )
readline? ( sys-libs/readline:= )
"
DEPEND="${RDEPEND}
dev-util/gtk-doc-am
virtual/pkgconfig
hppa? ( >=sys-devel/binutils-2.15.92.0.2 )
"
S="${WORKDIR}/${PN}-${PV%_rc*}"
MULTILIB_CHOST_TOOLS=(
/usr/bin/xml2-config
)
src_unpack() {
# ${A} isn't used to avoid unpacking of test tarballs into $WORKDIR,
# as they are needed as tarballs in ${S}/xstc instead and not unpacked
unpack ${P/_rc/-rc}.tar.gz
cd "${S}" || die
if use test; then
cp "${DISTDIR}/${XSTS_TARBALL_1}" \
"${DISTDIR}/${XSTS_TARBALL_2}" \
"${S}"/xstc/ \
|| die "Failed to install test tarballs"
unpack ${XMLCONF_TARBALL}
fi
}
src_prepare() {
default
DOCS=( AUTHORS ChangeLog NEWS README* TODO* )
# Patches needed for prefix support
eapply "${FILESDIR}"/${PN}-2.7.1-catalog_path.patch
eprefixify catalog.c xmlcatalog.c runtest.c xmllint.c
# Fix build for Windows platform
# https://bugzilla.gnome.org/show_bug.cgi?id=760456
eapply "${FILESDIR}"/${PN}-2.8.0_rc1-winnt.patch
# Fix python detection, bug #567066
# https://bugzilla.gnome.org/show_bug.cgi?id=760458
eapply "${FILESDIR}"/${PN}-2.9.2-python-ABIFLAG.patch
# Avoid final linking arguments for python modules
if [[ ${CHOST} == *-darwin* ]] ; then
sed -i -e '/PYTHON_LIBS/s/ldflags/libs/' configure.ac || die
fi
# Please do not remove, as else we get references to PORTAGE_TMPDIR
# in /usr/lib/python?.?/site-packages/libxml2mod.la among things.
# We now need to run eautoreconf at the end to prevent maintainer mode.
# elibtoolize
# epunt_cxx # if we don't eautoreconf
eautoreconf
}
multilib_src_configure() {
# filter seemingly problematic CFLAGS (#26320)
filter-flags -fprefetch-loop-arrays -funroll-loops
# USE zlib support breaks gnome2
# (libgnomeprint for instance fails to compile with
# fresh install, and existing) - <azarah@gentoo.org> (22 Dec 2002).
# The meaning of the 'debug' USE flag does not apply to the --with-debug
# switch (enabling the libxml2 debug module). See bug #100898.
# --with-mem-debug causes unusual segmentation faults (bug #105120).
libxml2_configure() {
ECONF_SOURCE="${S}" econf \
--with-html-subdir=${PF}/html \
$(use_with debug run-debug) \
$(use_with icu) \
$(use_with lzma) \
$(use_enable ipv6) \
$(use_enable static-libs static) \
$(multilib_native_use_with readline) \
$(multilib_native_use_with readline history) \
"$@"
}
libxml2_py_configure() {
mkdir -p "${BUILD_DIR}" || die # ensure python build dirs exist
run_in_build_dir libxml2_configure "--with-python=${ROOT%/}${PYTHON}" # odd build system, also see bug #582130
}
libxml2_configure --without-python # build python bindings separately
if multilib_is_native_abi && use python; then
python_foreach_impl libxml2_py_configure
fi
}
multilib_src_compile() {
default
if multilib_is_native_abi && use python; then
local native_builddir=${BUILD_DIR}
python_foreach_impl libxml2_py_emake top_builddir="${native_builddir}" all
fi
}
multilib_src_test() {
emake check
multilib_is_native_abi && use python && python_foreach_impl libxml2_py_emake test
}
multilib_src_install() {
emake DESTDIR="${D}" \
EXAMPLES_DIR="${EPREFIX}"/usr/share/doc/${PF}/examples install
if multilib_is_native_abi && use python; then
python_foreach_impl libxml2_py_emake \
DESTDIR="${D}" \
docsdir="${EPREFIX}"/usr/share/doc/${PF}/python \
exampledir="${EPREFIX}"/usr/share/doc/${PF}/python/examples \
install
python_foreach_impl python_optimize
fi
}
multilib_src_install_all() {
# on windows, xmllint is installed by interix libxml2 in parent prefix.
# this is the version to use. the native winnt version does not support
# symlinks, which makes repoman fail if the portage tree is linked in
# from another location (which is my default). -- mduft
if [[ ${CHOST} == *-winnt* ]]; then
rm -rf "${ED}"/usr/bin/xmllint
rm -rf "${ED}"/usr/bin/xmlcatalog
fi
rm -rf "${ED}"/usr/share/doc/${P}
einstalldocs
if ! use examples; then
rm -rf "${ED}"/usr/share/doc/${PF}/examples
rm -rf "${ED}"/usr/share/doc/${PF}/python/examples
fi
prune_libtool_files --modules
}
pkg_postinst() {
# We don't want to do the xmlcatalog during stage1, as xmlcatalog will not
# be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887.
if [[ "${ROOT}" != "/" ]]; then
elog "Skipping XML catalog creation for stage building (bug #208887)."
else
# need an XML catalog, so no-one writes to a non-existent one
CATALOG="${EROOT}etc/xml/catalog"
# we dont want to clobber an existing catalog though,
# only ensure that one is there
# <obz@gentoo.org>
if [[ ! -e ${CATALOG} ]]; then
[[ -d "${EROOT}etc/xml" ]] || mkdir -p "${EROOT}etc/xml"
"${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}"
einfo "Created XML catalog in ${CATALOG}"
fi
fi
}
libxml2_py_emake() {
pushd "${BUILD_DIR}/python" > /dev/null || die
emake "$@"
popd > /dev/null
}

49
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-28.xml vendored Normal file
View File

@ -0,0 +1,49 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="201710-28">
<title>Jython: Arbitrary code execution</title>
<synopsis>A vulnerability in Jython may lead to arbitrary code execution.
</synopsis>
<product type="ebuild">Jython</product>
<announced>2017-10-29</announced>
<revised>2017-10-29: 1</revised>
<bug>621876</bug>
<access>remote</access>
<affected>
<package name="dev-java/jython" auto="yes" arch="*">
<unaffected range="ge">2.7.0-r2</unaffected>
<vulnerable range="lt">2.7.0-r2</vulnerable>
</package>
</affected>
<background>
<p>An implementation of Python written in Java.</p>
</background>
<description>
<p>It was found that Jython is vulnerable to arbitrary code execution by
sending a serialized function to the deserializer.
</p>
</description>
<impact type="normal">
<p>Remote execution of arbitrary code by enticing a user to execute
malicious code.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All Jython users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=dev-java/jython-2.7.0-r2"
</code>
</resolution>
<references>
<uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4000">
CVE-2016-4000
</uri>
</references>
<metadata tag="requester" timestamp="2017-10-26T13:31:13Z">jmbailey</metadata>
<metadata tag="submitter" timestamp="2017-10-29T17:17:48Z">jmbailey</metadata>
</glsa>

58
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-29.xml vendored Normal file
View File

@ -0,0 +1,58 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="201710-29">
<title>Asterisk: Multiple vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been found in Asterisk, the worst of
which allows remote execution of arbitrary shell commands.
</synopsis>
<product type="ebuild">asterisk</product>
<announced>2017-10-29</announced>
<revised>2017-10-29: 1</revised>
<bug>629682</bug>
<bug>629692</bug>
<bug>633856</bug>
<access>remote</access>
<affected>
<package name="net-misc/asterisk" auto="yes" arch="*">
<unaffected range="ge">11.25.3</unaffected>
<vulnerable range="lt">11.25.3</vulnerable>
</package>
</affected>
<background>
<p>A Modular Open Source PBX System.</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in Asterisk. Please review
the referenced CVE identifiers for details.
</p>
</description>
<impact type="normal">
<p>A remote attacker could execute arbitrary code, cause a denial of
service condition, or cause an unauthorized data disclosure by enticing a
user to run malicious code.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All Asterisk users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=net-misc/asterisk-13.17.2"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-14098">CVE-2017-14098</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14099">
CVE-2017-14099
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14100">
CVE-2017-14100
</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-14603">CVE-2017-14603</uri>
</references>
<metadata tag="requester" timestamp="2017-10-26T14:19:30Z">jmbailey</metadata>
<metadata tag="submitter" timestamp="2017-10-29T19:14:13Z">jmbailey</metadata>
</glsa>

63
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-30.xml vendored Normal file
View File

@ -0,0 +1,63 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="201710-30">
<title>X.Org Server: Multiple vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been found in X.Org Server the worst
of which could allow a local attacker to replace shared memory segments.
</synopsis>
<product type="ebuild">X.Org Server</product>
<announced>2017-10-29</announced>
<revised>2017-10-29: 1</revised>
<bug>493294</bug>
<bug>611350</bug>
<bug>633910</bug>
<access>local</access>
<affected>
<package name="x11-base/xorg-server" auto="yes" arch="*">
<unaffected range="ge">1.19.4</unaffected>
<vulnerable range="lt">1.19.4</vulnerable>
</package>
</affected>
<background>
<p>The X.Org project provides an open source implementation of the X Window
System.
</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in X.Org Server. Please
review the referenced CVE identifiers for details.
</p>
</description>
<impact type="normal">
<p>A local attacker could cause a global buffer overflow or a Denial of
Service condition.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time</p>
</workaround>
<resolution>
<p>All X.Org Server users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=x11-base/xorg-server-1.19.4"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6424">
CVE-2013-6424
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13721">
CVE-2017-13721
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13723">
CVE-2017-13723
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2624">
CVE-2017-2624
</uri>
</references>
<metadata tag="requester" timestamp="2017-10-25T07:28:16Z">jmbailey</metadata>
<metadata tag="submitter" timestamp="2017-10-29T19:44:06Z">jmbailey</metadata>
</glsa>

114
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-31.xml vendored Normal file
View File

@ -0,0 +1,114 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="201710-31">
<title>Oracle JDK/JRE: Multiple vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been found in Oracle's JDK and JRE
software suites, the worst of which can be remotely exploited without
authentication.
</synopsis>
<product type="ebuild">oracle,jdk,jre</product>
<announced>2017-10-29</announced>
<revised>2017-10-29: 1</revised>
<bug>635030</bug>
<access>remote</access>
<affected>
<package name="dev-java/oracle-jdk-bin" auto="yes" arch="*">
<unaffected range="ge">1.8.0.152-r1</unaffected>
<vulnerable range="lt">1.8.0.152-r1</vulnerable>
</package>
<package name="dev-java/oracle-jre-bin" auto="yes" arch="*">
<unaffected range="ge">1.8.0.152-r1</unaffected>
<vulnerable range="lt">1.8.0.152-r1</vulnerable>
</package>
</affected>
<background>
<p>Java Platform, Standard Edition (Java SE) lets you develop and deploy
Java applications on desktops and servers, as well as in todays
demanding embedded environments. Java offers the rich user interface,
performance, versatility, portability, and security that todays
applications require.
</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in Oracles Java SE.
Please review the referenced CVE identifiers for details.
</p>
</description>
<impact type="normal">
<p>A remote attacker could cause a Denial of Service condition, modify
arbitrary data, or have numerous other impacts.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All Oracle JDK users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose
"&gt;=dev-java/oracle-jdk-bin-1.8.0.152-r1"
</code>
<p>All Oracle JRE users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose
"&gt;=dev-java/oracle-jre-bin-1.8.0.152-r1"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10274">
CVE-2017-10274
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10281">
CVE-2017-10281
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10285">
CVE-2017-10285
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10293">
CVE-2017-10293
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10295">
CVE-2017-10295
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10309">
CVE-2017-10309
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10345">
CVE-2017-10345
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10346">
CVE-2017-10346
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10347">
CVE-2017-10347
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10348">
CVE-2017-10348
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10349">
CVE-2017-10349
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10350">
CVE-2017-10350
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10355">
CVE-2017-10355
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10356">
CVE-2017-10356
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10357">
CVE-2017-10357
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10388">
CVE-2017-10388
</uri>
</references>
<metadata tag="requester" timestamp="2017-10-24T17:32:20Z">jmbailey</metadata>
<metadata tag="submitter" timestamp="2017-10-29T22:47:00Z">jmbailey</metadata>
</glsa>

77
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-32.xml vendored Normal file
View File

@ -0,0 +1,77 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="201710-32">
<title>Apache: Multiple vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been found in Apache, the worst of
which may result in the loss of secrets.
</synopsis>
<product type="ebuild">Apache</product>
<announced>2017-10-29</announced>
<revised>2017-10-29: 1</revised>
<bug>622240</bug>
<bug>624868</bug>
<bug>631308</bug>
<access>remote</access>
<affected>
<package name="www-servers/apache" auto="yes" arch="*">
<unaffected range="ge">2.4.27-r1</unaffected>
<vulnerable range="lt">2.4.27-r1</vulnerable>
</package>
</affected>
<background>
<p>The Apache HTTP server is one of the most popular web servers on the
Internet.
</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in Apache. Please review
the referenced CVE identifiers for details.
</p>
</description>
<impact type="normal">
<p>The Optionsbleed vulnerability can leak arbitrary memory from the server
process that may contain secrets. Additionally attackers may cause a
Denial of Service condition, bypass authentication, or cause information
loss.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All Apache users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=www-servers/apache-2.4.27-r1"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3167">
CVE-2017-3167
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3169">
CVE-2017-3169
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7659">
CVE-2017-7659
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7668">
CVE-2017-7668
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7679">
CVE-2017-7679
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9788">
CVE-2017-9788
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9789">
CVE-2017-9789
</uri>
<uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798">
CVE-2017-9798
</uri>
</references>
<metadata tag="requester" timestamp="2017-10-23T01:26:58Z">jmbailey</metadata>
<metadata tag="submitter" timestamp="2017-10-29T23:04:17Z">jmbailey</metadata>
</glsa>

82
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201711-01.xml vendored Normal file
View File

@ -0,0 +1,82 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="201711-01">
<title>libxml2: Multiple vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been found in libxml2, the worst of
which could result in the execution of arbitrary code.
</synopsis>
<product type="ebuild">libxml2</product>
<announced>2017-11-10</announced>
<revised>2017-11-10: 2</revised>
<bug>599192</bug>
<bug>605208</bug>
<bug>618604</bug>
<bug>622914</bug>
<bug>623206</bug>
<access>remote</access>
<affected>
<package name="dev-libs/libxml2" auto="yes" arch="*">
<unaffected range="ge">2.9.4-r3</unaffected>
<vulnerable range="lt">2.9.4-r3</vulnerable>
</package>
</affected>
<background>
<p>libxml2 is the XML (eXtended Markup Language) C parser and toolkit
initially developed for the Gnome project.
</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in libxml2. Please review
the CVE identifiers referenced below for details.
</p>
</description>
<impact type="normal">
<p>A remote attacker, by enticing a user to process a specially crafted XML
document, could remotely execute arbitrary code, conduct XML External
Entity (XXE) attacks, or cause a Denial of Service condition.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All libxml2 users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=dev-libs/libxml2-2.9.4-r3"
</code>
<p>Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these packages.
</p>
</resolution>
<references>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9318">
CVE-2016-9318
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0663">
CVE-2017-0663
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5969">
CVE-2017-5969
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7375">
CVE-2017-7375
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9047">
CVE-2017-9047
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9048">
CVE-2017-9048
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9049">
CVE-2017-9049
</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9050">
CVE-2017-9050
</uri>
</references>
<metadata tag="requester" timestamp="2017-10-15T04:17:50Z">chrisadr</metadata>
<metadata tag="submitter" timestamp="2017-11-10T02:24:16Z">b-man</metadata>
</glsa>

2
sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk vendored
View File

@ -1 +1 @@
Mon, 23 Oct 2017 17:39:28 +0000
Fri, 10 Nov 2017 14:38:58 +0000

2
sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit vendored
View File

@ -1 +1 @@
3c64211d24fa5a633310d841c0bd5cddc991cc02 1508723227 2017-10-23T01:47:07+00:00
4ad72e046fa706e5fe66f5299894eb730f6b5bba 1510281582 2017-11-10T02:39:42+00:00

4
sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r1 vendored
View File

@ -1,5 +1,5 @@
DEFINED_PHASES=compile configure install postinst prepare test unpack
DEPEND=dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
DESCRIPTION=Version 2 of the library to manipulate XML files
EAPI=6
HOMEPAGE=http://www.xmlsoft.org/
@ -11,4 +11,4 @@ REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 py
SLOT=2
SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.4.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz )
_eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af
_md5_=6b4de4049bd7195f4260eab983a878fe
_md5_=2a5a1a0cd641a38ef62a2249076fb157

14
sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r2 vendored Normal file
View File

@ -0,0 +1,14 @@
DEFINED_PHASES=compile configure install postinst prepare test unpack
DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
DESCRIPTION=Version 2 of the library to manipulate XML files
EAPI=6
HOMEPAGE=http://www.xmlsoft.org/
IUSE=debug examples icu ipv6 lzma python readline static-libs test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64
KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt
LICENSE=MIT
RDEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= )
REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 ) )
SLOT=2
SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.4.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz )
_eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af
_md5_=7e332363ad0884f56252a97f3ecb1dbd

14
sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r3 vendored Normal file
View File

@ -0,0 +1,14 @@
DEFINED_PHASES=compile configure install postinst prepare test unpack
DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
DESCRIPTION=Version 2 of the library to manipulate XML files
EAPI=6
HOMEPAGE=http://www.xmlsoft.org/
IUSE=debug examples icu ipv6 lzma python readline static-libs test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64
KEYWORDS=alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt
LICENSE=MIT
RDEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= )
REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 ) )
SLOT=2
SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.4.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz )
_eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af
_md5_=34dff334b06fc41d041d809bcc50b03a

14
sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.5 vendored Normal file
View File

@ -0,0 +1,14 @@
DEFINED_PHASES=compile configure install postinst prepare test unpack
DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
DESCRIPTION=Version 2 of the library to manipulate XML files
EAPI=6
HOMEPAGE=http://www.xmlsoft.org/
IUSE=debug examples icu ipv6 lzma python readline static-libs test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64
KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt
LICENSE=MIT
RDEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= )
REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 ) )
SLOT=2
SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.5.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz )
_eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af
_md5_=e6b60ac57b7cb77be70a02f10a0c162f

14
sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.6 vendored Normal file
View File

@ -0,0 +1,14 @@
DEFINED_PHASES=compile configure install postinst prepare test unpack
DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
DESCRIPTION=Version 2 of the library to manipulate XML files
EAPI=6
HOMEPAGE=http://www.xmlsoft.org/
IUSE=debug examples icu ipv6 lzma python readline static-libs test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64
KEYWORDS=alpha ~amd64 ~arm ~arm64 ~hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt
LICENSE=MIT
RDEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= )
REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 ) )
SLOT=2
SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.6.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz )
_eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af
_md5_=b23a32eb7b3c7e9025a9a7c72d048e33