diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest index 64d2d2b090..e95b736e00 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest @@ -1,16 +1,6 @@ -AUX libxml2-2.7.1-catalog_path.patch 2225 SHA256 8ff974c4c3cd04a16741e87247d0a0a63b09bfb0a285c1cc1d7d0aa855142d3c SHA512 bcad080ee84c926c75df8baa47937bdfcfa207235263249f4025e64cbb5ac9be883e1ac4dc1ee55944116da2f84ced27b7cae781aa855579796f3f53a54aacb1 WHIRLPOOL 83e1812e537a7babf1ae694352498628da643db860ebe62021a6b77cc1e3abae35cdbc44d05d889b12adba031b015dfe62c8f19560e45c53a3c3a082cadeabe6 -AUX libxml2-2.8.0_rc1-winnt.patch 2392 SHA256 c18b2c15550b3ff4709a85cd18d16368928319b1b7fd8875dc34acd67076b134 SHA512 e78d010c82f18386b4f0ff84497585755b43416563bccd11f8e4dbf0153ca8842934fe05dce6c2373d8360574a2165795a78ea991682aed9610000d2bfcb0164 WHIRLPOOL a87eefa17ad113ae4aed14744715b4e1781e0869a3bb789bdf4f243bdb3687d0d4b6ee2addc85bf5b2f86b9d1cc442d946f0329011f033e3a7855ae0ad79b745 -AUX libxml2-2.9.2-disable-tests.patch 2118 SHA256 4558ea3360dab8ce500b8f6438c128b9928959dce18cd5667d5403c317c8b3c1 SHA512 b38aa354b949c64da2a1cbe7dcff47f13eaa6c7a88bb34300995b17481d016192174e6f0613c55a351e21835fc2f2f70f87cc27f1fe8be99e8005a2e092a27ef WHIRLPOOL 7fa224dd404750ddacbfb9cde05c4b18c1bf9d7d794e23bfa11a4de316cca7c5df721e4b8bcf1f5d91d7ae3af58e158a4fb1051770634757f9d1b3358d34c7d3 -AUX libxml2-2.9.2-python-ABIFLAG.patch 728 SHA256 088ce998caf80e0861e63c1ae36917797ead8adbadef9d502423ab97a591f70e SHA512 2f801329ad4e13dc70450d41f7659a510fe429b3aa9b66859fed25c4e3d95381d6f253f3a60a54002a16999296d3bd2adaca5e4cca92186492bfc7de3ac84426 WHIRLPOOL 8302c90a647adea89f6baedf726b4af20a9cbd6d0f48bea7d38867f00cdd0dc71fea833419dcaf55b73435d1ba90c552eb49b583652c79dc47c495d61cdc703a -AUX libxml2-2.9.4-CVE-2016-4658.patch 7318 SHA256 7aee52ca24da6c7d36787cded379eaedd34803f8d355e11806b988a25de6a6bb SHA512 7dc42ad219397a6be0b4e50c61d1aa4b44e06b4c0af5f1a63996fa257e6831c624729428ea66ef02118a81ca8360b07f923ad436870364de1081f8a3505d94fc WHIRLPOOL e407d349ee292314de9a63ecaeb8d415362a41df1521ba8533ac1168cd0ed709e38844b72446b6c1b21964fb6c389a499ed545c6c79688f3147e38fb9ec6f6f2 -AUX libxml2-2.9.4-CVE-2016-5131.patch 5038 SHA256 4e0248f5a6877b157b9d736c412d4da7a2c015d58a816b859957efddb8d3c8d4 SHA512 c92cda9851fdf8af6cb21aa80f39b474cddef8c749298f5b51f76f871160ac9749fdaac3fa406cc0c75a666f7627983fce0e90fb2919f3a8c778e1148583be33 WHIRLPOOL 810c79240386e3657dd8451583e57ade7d4b638dabc667c798c1c922f46922ec3687ef7627f7c558e34ae204e751830d7f2ab7891e1c75ab91c3f10e58ccd22a -AUX libxml2-2.9.4-nullptrderef.patch 1577 SHA256 797743ea3d5d4a4ff50d0b9a572daf1db47aea02d5f163ff830019fc78ebbe5a SHA512 4882c75fd13807a842b57771242a3dc10ac9db36f10b7f2b3e96f7e4d1a59127779f73a5062305d80719053d94f6044a0ffd51447fb77fca393738fd1635bfc0 WHIRLPOOL 044a59f26ecbf88916c2f255a99869867880353ed7742ec958ec4feb821b3642a1110034d98c52ca36a9ebca775e2eab7f08b84200abe65675e58ab74ef31fc3 -AUX libxml2-2.9.4-nullptrderef2.patch 1785 SHA256 160459ea5d5fdbd3d7bd842a24075c3a56aeb75a8d7a17e3409e535d0ac7c706 SHA512 406379a787c1bd45f1b3c128c94182250e4200d5a577ae15dab574ce590857124bda896fd677bce1950658a1ff7b4ea6fc95b52a9ea31daf47ab5c66e03460d5 WHIRLPOOL fd94788d1095bdbfd9d707215865ba52f74287aff6251d74f4fbb74677edb18c730c1038f1ace7720213c3a372d09964fc5cd9f77ffbe1114e7e203593aa721b DIST libxml2-2.9.4.tar.gz 5374830 SHA256 ffb911191e509b966deb55de705387f14156e1a56b21824357cdf0053233633c SHA512 f5174ab1a3a0ec0037a47f47aa47def36674e02bfb42b57f609563f84c6247c585dbbb133c056953a5adb968d328f18cbc102eb0d00d48eb7c95478389e5daf9 WHIRLPOOL 268d3364a3d293810dff060b3ab92042c5550e50dbe9038c4d5b54ea6a22ed77f9572575517ae3bacfe518d634047eb9d5345e903b125e56a3d32ad1ba96dabf +DIST libxml2-2.9.5.tar.gz 5466888 SHA256 4031c1ecee9ce7ba4f313e91ef6284164885cdb69937a123f6a83bb6a72dcd38 SHA512 197dbd1722e5f90eea43837323352f48d215e198aa6b95685645ef7511e2beba8aadc0dd67e099c945120c5dbe7f8c9da5f376b22f447059e9ffa941c1bfd175 WHIRLPOOL 14cfeaa1c18af4e64131505010484b2e64d83d617984c6321b77c4263901b16b24c945eb9af17763fe63048c3910111fdc498fe9183c04ecea9182ea8f9214fa +DIST libxml2-2.9.6.tar.gz 5469624 SHA256 8b9038cca7240e881d462ea391882092dfdc6d4f483f72683e817be08df5ebbc SHA512 5ef80f895374bd5dd3bcd5f00c715795f026bf45d998f8f762c0cdb739b8755e01de40cf853d98a3826eacef95c4adebe4777db11020e8d98d0bda921f55a0ed WHIRLPOOL 1fa2b10f8715f3718863957e6a5173400b42c6587c4602f52c0ae9103fafd7a515c28158c9bc928c532139cd73274f070015c64677434a0a6fa83f0a9e8425ff DIST xmlts20080827.tar.gz 638940 SHA256 96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c209286c03e9cc7 SHA512 7325d0977c4427fc4944b291ccf896a665f654cc24399e5565c12a849c2bc3aef4fa3ee42a09ac115abcb6570c51a8fbd052c38d64d164279ecdecad5a4e884d WHIRLPOOL 50835380c3ea208df0bf9ce032ed2df69c4c6cb5a53ffdd39a08fb4f1d166f311b2ef2fe0d9911ae1ebff92aeb42f6ea55e727dfe0b7a3b95e6c7240315b3eda DIST xsts-2002-01-16.tar.gz 6894439 SHA256 55e5c08db29946a91ea8e70e8f2418d3fd30d8b6777941dfba7f54726ffd9914 SHA512 43300af6d39c1e2221b0ed7318fe14c7464eeb6eb030ed1e22eb29b4ab17f014e2a4c8887c3a46ae5d243e3072da27f00f4e285498ae6f1288177d38d1108288 WHIRLPOOL 84dd51959460a4f8aa582d57ad39229c546ca7fe155012c57c368b59f5d31400d8b940a343a7320058330ca611303139cacdffed514783f96406ac5366026b11 DIST xsts-2004-01-14.tar.gz 2761085 SHA256 09bdf9f81f381ebf9bc158a9472e498e896f7a02eb7461146e9abe1b9493ca17 SHA512 32854388d7e720ad67156baf50bf2bae7bd878ca3e35fd7e44e57cad3f434f69d56bbbedd61509f8a1faf01c9eae74a078df8fe130780b182c05c05cb1c39ebe WHIRLPOOL c46a3bf7d6dd771757f4304995cc177cf51c6cdd0e9778851fc13d3809c7b984690b4f273b3e075abe018110968eb7fc78f5b83170d3e18bacf00a4ed64b213d -EBUILD libxml2-2.9.4-r1.ebuild 6888 SHA256 811600ce79c09d4a7d11e9e9374c5a4cf3fd47774dbd861553fe0e32d1d85aa4 SHA512 0cc6a794816b98970a130b5298f3f957475444af10747b3c4149ebb0fae0ab07bcd293f29e6013d6e8779c5f25f2b4e0c75eb86b86794befa2d4ca050d612381 WHIRLPOOL 485c3371b59195d6862f18df2cb6332871c7d61e2a043a6bfa85f0b088f4a77d8cf3db95c881e151a28e87f2f042ef26be8c7cceae18dee10b525e86d8a3e92f -MISC ChangeLog 9698 SHA256 1b1fb6fa12f27f404c6a5d2e68e56078877a20539e2150d43ceefaa61c31a251 SHA512 7f51ba012043be6cd6c979ffbf47bbed2d7ab2d4ed25fcde2c3baebb29311178c3d873d7ade799ef167fa8fcfa5cfd29379b6a19f72ba04e1594fa5a4dc3783f WHIRLPOOL 801f2f44fdf6411ec8a8b9df790e04fb8824d9b88623398a3d047c69a690dc9c9f071a2a845329403a1b15fb990f8cc61ebad5e34aeff2d869b932adae4d000b -MISC ChangeLog-2015 65422 SHA256 6e4ee4a306e6b8c480f681f1846d7879ac86df55d74401e26f1b7cfc5e05f94d SHA512 e030bc367ffae1c8530e1ad171da60bf7034095d81060cbe4286bf0840ef86d17447e8549fbf3a09f39db9ced5476b3b29630d5495647cbe2d55e11b423aa379 WHIRLPOOL 279cff12baa7a881967812c7bf76b54297a39144e2fc9291053662f463faff68db5a8b6420267031ee1afb979669e823989063bf0ac2c7cc820927d6bdfe555c -MISC metadata.xml 347 SHA256 f67239ca2e57c9729d3be4e84d03d474e382b53c89371617fd97acd8494a5fe7 SHA512 6a094316da6ea1fb160b539788923a2dc01d7ef6304f924f628a438714663a51c8d1adaa97800516a64055a8adf6999ae2899b5a976db680967dcc298e22444d WHIRLPOOL 24e14b8ca1c048a589aec596a844a7e9b9bbf52964b3dd26bab7c03b7ed762f0ea0abbb0832b1fb6c94b7a4cff92b921e61bce9461db3368ab95003501cd3e50 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-disable-tests.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-disable-tests.patch index a996bf64a1..a231269b4b 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-disable-tests.patch +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.2-disable-tests.patch @@ -25,7 +25,7 @@ do not build test programs as we don't install them #testOOM_LDADD= $(LDADDS) -runtests: -+runtests: check_PROGRAMS ++runtests: $(check_PROGRAMS) [ -d test ] || $(LN_S) $(srcdir)/test . [ -d result ] || $(LN_S) $(srcdir)/result . $(CHECKER) ./runtest$(EXEEXT) && $(CHECKER) ./testrecurse$(EXEEXT) &&$(CHECKER) ./testapi$(EXEEXT) && $(CHECKER) ./testchar$(EXEEXT)&& $(CHECKER) ./testdict$(EXEEXT) && $(CHECKER) ./runxmlconf$(EXEEXT) diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2016-9318.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2016-9318.patch new file mode 100644 index 0000000000..5d1adb014a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2016-9318.patch @@ -0,0 +1,202 @@ +From 292be65a52ab9e0eb3a53b4e0be5a57bc6de59d3 Mon Sep 17 00:00:00 2001 +From: Doran Moppert +Date: Fri, 7 Apr 2017 16:45:56 +0200 +Subject: [PATCH 6/7] Add an XML_PARSE_NOXXE flag to block all entities loading + even local + +For https://bugzilla.gnome.org/show_bug.cgi?id=772726 + +* include/libxml/parser.h: Add a new parser flag XML_PARSE_NOXXE +* elfgcchack.h, xmlIO.h, xmlIO.c: associated loading routine +* include/libxml/xmlerror.h: new error raised +* xmllint.c: adds --noxxe flag to activate the option +--- + elfgcchack.h | 10 ++++++++++ + include/libxml/parser.h | 3 ++- + include/libxml/xmlIO.h | 8 ++++++++ + include/libxml/xmlerror.h | 1 + + parser.c | 4 ++++ + xmlIO.c | 40 +++++++++++++++++++++++++++++++++++----- + xmllint.c | 5 +++++ + 7 files changed, 65 insertions(+), 6 deletions(-) + +diff --git a/elfgcchack.h b/elfgcchack.h +index 8c52884a..1b81dcde 100644 +--- a/elfgcchack.h ++++ b/elfgcchack.h +@@ -6547,6 +6547,16 @@ extern __typeof (xmlNoNetExternalEntityLoader) xmlNoNetExternalEntityLoader__int + #endif + #endif + ++#ifdef bottom_xmlIO ++#undef xmlNoXxeExternalEntityLoader ++extern __typeof (xmlNoXxeExternalEntityLoader) xmlNoXxeExternalEntityLoader __attribute((alias("xmlNoXxeExternalEntityLoader__internal_alias"))); ++#else ++#ifndef xmlNoXxeExternalEntityLoader ++extern __typeof (xmlNoXxeExternalEntityLoader) xmlNoXxeExternalEntityLoader__internal_alias __attribute((visibility("hidden"))); ++#define xmlNoXxeExternalEntityLoader xmlNoXxeExternalEntityLoader__internal_alias ++#endif ++#endif ++ + #ifdef bottom_tree + #undef xmlNodeAddContent + extern __typeof (xmlNodeAddContent) xmlNodeAddContent __attribute((alias("xmlNodeAddContent__internal_alias"))); +diff --git a/include/libxml/parser.h b/include/libxml/parser.h +index 47fbec03..63ca1b97 100644 +--- a/include/libxml/parser.h ++++ b/include/libxml/parser.h +@@ -1111,7 +1111,8 @@ typedef enum { + XML_PARSE_HUGE = 1<<19,/* relax any hardcoded limit from the parser */ + XML_PARSE_OLDSAX = 1<<20,/* parse using SAX2 interface before 2.7.0 */ + XML_PARSE_IGNORE_ENC= 1<<21,/* ignore internal document encoding hint */ +- XML_PARSE_BIG_LINES = 1<<22 /* Store big lines numbers in text PSVI field */ ++ XML_PARSE_BIG_LINES = 1<<22,/* Store big lines numbers in text PSVI field */ ++ XML_PARSE_NOXXE = 1<<23 /* Forbid any external entity loading */ + } xmlParserOption; + + XMLPUBFUN void XMLCALL +diff --git a/include/libxml/xmlIO.h b/include/libxml/xmlIO.h +index 3e41744d..8d3fdef5 100644 +--- a/include/libxml/xmlIO.h ++++ b/include/libxml/xmlIO.h +@@ -299,6 +299,14 @@ XMLPUBFUN xmlParserInputPtr XMLCALL + const char *ID, + xmlParserCtxtPtr ctxt); + ++/* ++ * A predefined entity loader external entity expansion ++ */ ++XMLPUBFUN xmlParserInputPtr XMLCALL ++ xmlNoXxeExternalEntityLoader (const char *URL, ++ const char *ID, ++ xmlParserCtxtPtr ctxt); ++ + /* + * xmlNormalizeWindowsPath is obsolete, don't use it. + * Check xmlCanonicPath in uri.h for a better alternative. +diff --git a/include/libxml/xmlerror.h b/include/libxml/xmlerror.h +index 037c16d5..3036062d 100644 +--- a/include/libxml/xmlerror.h ++++ b/include/libxml/xmlerror.h +@@ -470,6 +470,7 @@ typedef enum { + XML_IO_EADDRINUSE, /* 1554 */ + XML_IO_EALREADY, /* 1555 */ + XML_IO_EAFNOSUPPORT, /* 1556 */ ++ XML_IO_ILLEGAL_XXE, /* 1557 */ + XML_XINCLUDE_RECURSION=1600, + XML_XINCLUDE_PARSE_VALUE, /* 1601 */ + XML_XINCLUDE_ENTITY_DEF_MISMATCH, /* 1602 */ +diff --git a/parser.c b/parser.c +index b832406a..8e11c127 100644 +--- a/parser.c ++++ b/parser.c +@@ -15352,6 +15352,10 @@ xmlCtxtUseOptionsInternal(xmlParserCtxtPtr ctxt, int options, const char *encodi + ctxt->options |= XML_PARSE_NONET; + options -= XML_PARSE_NONET; + } ++ if (options & XML_PARSE_NOXXE) { ++ ctxt->options |= XML_PARSE_NOXXE; ++ options -= XML_PARSE_NOXXE; ++ } + if (options & XML_PARSE_COMPACT) { + ctxt->options |= XML_PARSE_COMPACT; + options -= XML_PARSE_COMPACT; +diff --git a/xmlIO.c b/xmlIO.c +index 6e61f45a..34881461 100644 +--- a/xmlIO.c ++++ b/xmlIO.c +@@ -212,6 +212,7 @@ static const char *IOerr[] = { + "adddress in use", /* EADDRINUSE */ + "already in use", /* EALREADY */ + "unknown address familly", /* EAFNOSUPPORT */ ++ "Attempt to load external entity %s", /* XML_IO_ILLEGAL_XXE */ + }; + + #if defined(_WIN32) || defined (__DJGPP__) && !defined (__CYGWIN__) +@@ -4057,13 +4058,22 @@ xmlDefaultExternalEntityLoader(const char *URL, const char *ID, + xmlGenericError(xmlGenericErrorContext, + "xmlDefaultExternalEntityLoader(%s, xxx)\n", URL); + #endif +- if ((ctxt != NULL) && (ctxt->options & XML_PARSE_NONET)) { ++ if (ctxt != NULL) { + int options = ctxt->options; + +- ctxt->options -= XML_PARSE_NONET; +- ret = xmlNoNetExternalEntityLoader(URL, ID, ctxt); +- ctxt->options = options; +- return(ret); ++ if (options & XML_PARSE_NOXXE) { ++ ctxt->options -= XML_PARSE_NOXXE; ++ ret = xmlNoXxeExternalEntityLoader(URL, ID, ctxt); ++ ctxt->options = options; ++ return(ret); ++ } ++ ++ if (options & XML_PARSE_NONET) { ++ ctxt->options -= XML_PARSE_NONET; ++ ret = xmlNoNetExternalEntityLoader(URL, ID, ctxt); ++ ctxt->options = options; ++ return(ret); ++ } + } + #ifdef LIBXML_CATALOG_ENABLED + resource = xmlResolveResourceFromCatalog(URL, ID, ctxt); +@@ -4164,6 +4174,13 @@ xmlNoNetExternalEntityLoader(const char *URL, const char *ID, + xmlParserInputPtr input = NULL; + xmlChar *resource = NULL; + ++ if (ctxt == NULL) { ++ return(NULL); ++ } ++ if (ctxt->input_id == 1) { ++ return xmlDefaultExternalEntityLoader((const char *) URL, ID, ctxt); ++ } ++ + #ifdef LIBXML_CATALOG_ENABLED + resource = xmlResolveResourceFromCatalog(URL, ID, ctxt); + #endif +@@ -4186,5 +4203,18 @@ xmlNoNetExternalEntityLoader(const char *URL, const char *ID, + return(input); + } + ++xmlParserInputPtr ++xmlNoXxeExternalEntityLoader(const char *URL, const char *ID, ++ xmlParserCtxtPtr ctxt) { ++ if (ctxt == NULL) { ++ return(NULL); ++ } ++ if (ctxt->input_id == 1) { ++ return xmlDefaultExternalEntityLoader((const char *) URL, ID, ctxt); ++ } ++ xmlIOErr(XML_IO_ILLEGAL_XXE, (const char *) URL); ++ return(NULL); ++} ++ + #define bottom_xmlIO + #include "elfgcchack.h" +diff --git a/xmllint.c b/xmllint.c +index f8eb7ec4..8f304cda 100644 +--- a/xmllint.c ++++ b/xmllint.c +@@ -3019,6 +3019,7 @@ static void usage(const char *name) { + printf("\t--path 'paths': provide a set of paths for resources\n"); + printf("\t--load-trace : print trace of all external entities loaded\n"); + printf("\t--nonet : refuse to fetch DTDs or entities over network\n"); ++ printf("\t--noxxe : forbid any external entity loading\n"); + printf("\t--nocompact : do not generate compact text nodes\n"); + printf("\t--htmlout : output results as HTML\n"); + printf("\t--nowrap : do not put HTML doc wrapper\n"); +@@ -3461,6 +3462,10 @@ main(int argc, char **argv) { + (!strcmp(argv[i], "--nonet"))) { + options |= XML_PARSE_NONET; + xmlSetExternalEntityLoader(xmlNoNetExternalEntityLoader); ++ } else if ((!strcmp(argv[i], "-noxxe")) || ++ (!strcmp(argv[i], "--noxxe"))) { ++ options |= XML_PARSE_NOXXE; ++ xmlSetExternalEntityLoader(xmlNoXxeExternalEntityLoader); + } else if ((!strcmp(argv[i], "-nocompact")) || + (!strcmp(argv[i], "--nocompact"))) { + options &= ~XML_PARSE_COMPACT; +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch new file mode 100644 index 0000000000..517e178a53 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch @@ -0,0 +1,43 @@ +From d815758b6a8c9dee8155268e49b5ef3b80135a14 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Tue, 6 Jun 2017 12:56:28 +0200 +Subject: [PATCH 1/3] Fix type confusion in xmlValidateOneNamespace + +Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on +namespace declarations make no practical sense anyway. + +Fixes bug 780228. + +Found with libFuzzer and ASan. +--- + valid.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/valid.c b/valid.c +index 8075d3a0..c51ea290 100644 +--- a/valid.c ++++ b/valid.c +@@ -4627,6 +4627,12 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) { + } + } + ++ /* ++ * Casting ns to xmlAttrPtr is wrong. We'd need separate functions ++ * xmlAddID and xmlAddRef for namespace declarations, but it makes ++ * no practical sense to use ID types anyway. ++ */ ++#if 0 + /* Validity Constraint: ID uniqueness */ + if (attrDecl->atype == XML_ATTRIBUTE_ID) { + if (xmlAddID(ctxt, doc, value, (xmlAttrPtr) ns) == NULL) +@@ -4638,6 +4644,7 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) { + if (xmlAddRef(ctxt, doc, value, (xmlAttrPtr) ns) == NULL) + ret = 0; + } ++#endif + + /* Validity Constraint: Notation Attributes */ + if (attrDecl->atype == XML_ATTRIBUTE_NOTATION) { +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-5969.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-5969.patch new file mode 100644 index 0000000000..4d1362f2f9 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-5969.patch @@ -0,0 +1,63 @@ +From 8952ce48a5fa1d3de1f087f10e8b6e47bb59f4e3 Mon Sep 17 00:00:00 2001 +From: Daniel Veillard +Date: Wed, 7 Jun 2017 16:47:36 +0200 +Subject: [PATCH 1/7] Fix NULL pointer deref in xmlDumpElementContent + +Can only be triggered in recovery mode. + +Fixes bug 758422 (CVE-2017-5969). +--- + valid.c | 24 ++++++++++++++---------- + 1 file changed, 14 insertions(+), 10 deletions(-) + +diff --git a/valid.c b/valid.c +index 19f84b82..0a8e58ab 100644 +--- a/valid.c ++++ b/valid.c +@@ -1172,29 +1172,33 @@ xmlDumpElementContent(xmlBufferPtr buf, xmlElementContentPtr content, int glob) + xmlBufferWriteCHAR(buf, content->name); + break; + case XML_ELEMENT_CONTENT_SEQ: +- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || +- (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) ++ if ((content->c1 != NULL) && ++ ((content->c1->type == XML_ELEMENT_CONTENT_OR) || ++ (content->c1->type == XML_ELEMENT_CONTENT_SEQ))) + xmlDumpElementContent(buf, content->c1, 1); + else + xmlDumpElementContent(buf, content->c1, 0); + xmlBufferWriteChar(buf, " , "); +- if ((content->c2->type == XML_ELEMENT_CONTENT_OR) || +- ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) && +- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))) ++ if ((content->c2 != NULL) && ++ ((content->c2->type == XML_ELEMENT_CONTENT_OR) || ++ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) && ++ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))) + xmlDumpElementContent(buf, content->c2, 1); + else + xmlDumpElementContent(buf, content->c2, 0); + break; + case XML_ELEMENT_CONTENT_OR: +- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || +- (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) ++ if ((content->c1 != NULL) && ++ ((content->c1->type == XML_ELEMENT_CONTENT_OR) || ++ (content->c1->type == XML_ELEMENT_CONTENT_SEQ))) + xmlDumpElementContent(buf, content->c1, 1); + else + xmlDumpElementContent(buf, content->c1, 0); + xmlBufferWriteChar(buf, " | "); +- if ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) || +- ((content->c2->type == XML_ELEMENT_CONTENT_OR) && +- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))) ++ if ((content->c2 != NULL) && ++ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) || ++ ((content->c2->type == XML_ELEMENT_CONTENT_OR) && ++ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))) + xmlDumpElementContent(buf, content->c2, 1); + else + xmlDumpElementContent(buf, content->c2, 0); +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7375.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7375.patch new file mode 100644 index 0000000000..db9d597ad7 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7375.patch @@ -0,0 +1,35 @@ +From 9ea49a06b9421b6a3a9c243fb1ec23b19bd6b049 Mon Sep 17 00:00:00 2001 +From: Neel Mehta +Date: Fri, 7 Apr 2017 17:43:02 +0200 +Subject: [PATCH 7/7] Prevent unwanted external entity reference + +For https://bugzilla.gnome.org/show_bug.cgi?id=780691 + +* parser.c: add a specific check to avoid PE reference +--- + parser.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/parser.c b/parser.c +index 8e11c127..e8e962bb 100644 +--- a/parser.c ++++ b/parser.c +@@ -8125,6 +8125,15 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt) + if (xmlPushInput(ctxt, input) < 0) + return; + } else { ++ if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) && ++ ((ctxt->options & XML_PARSE_NOENT) == 0) && ++ ((ctxt->options & XML_PARSE_DTDVALID) == 0) && ++ ((ctxt->options & XML_PARSE_DTDLOAD) == 0) && ++ ((ctxt->options & XML_PARSE_DTDATTR) == 0) && ++ (ctxt->replaceEntities == 0) && ++ (ctxt->validate == 0)) ++ return; ++ + /* + * TODO !!! + * handle the extra spaces added before and after +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch new file mode 100644 index 0000000000..14ec773608 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch @@ -0,0 +1,31 @@ +From 43cd3b6222bda2332e963eb1c9ead78f29912b0a Mon Sep 17 00:00:00 2001 +From: Daniel Veillard +Date: Fri, 7 Apr 2017 17:13:28 +0200 +Subject: [PATCH 2/3] Increase buffer space for port in HTTP redirect support + +For https://bugzilla.gnome.org/show_bug.cgi?id=780690 + +nanohttp.c: the code wrongly assumed a short int port value. +--- + nanohttp.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/nanohttp.c b/nanohttp.c +index 26e4290e..9c17530e 100644 +--- a/nanohttp.c ++++ b/nanohttp.c +@@ -1423,9 +1423,9 @@ retry: + if (ctxt->port != 80) { + /* reserve space for ':xxxxx', incl. potential proxy */ + if (proxy) +- blen += 12; ++ blen += 17; + else +- blen += 6; ++ blen += 11; + } + bp = (char*)xmlMallocAtomic(blen); + if ( bp == NULL ) { +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9047-9048.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9047-9048.patch new file mode 100644 index 0000000000..f7c48cd877 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9047-9048.patch @@ -0,0 +1,116 @@ +From 839b89e678b5265a0e6b0477410e64fac669d578 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Sat, 3 Jun 2017 02:01:29 +0200 +Subject: [PATCH 4/7] Fix buffer size checks in xmlSnprintfElementContent +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +xmlSnprintfElementContent failed to correctly check the available +buffer space in two locations. + +Fixes bug 781333 (CVE-2017-9047) and bug 781701 (CVE-2017-9048). + +Thanks to Marcel Böhme and Thuan Pham for the report. +--- + result/valid/781333.xml | 5 +++++ + result/valid/781333.xml.err | 3 +++ + result/valid/781333.xml.err.rdr | 6 ++++++ + test/valid/781333.xml | 4 ++++ + valid.c | 20 +++++++++++--------- + 5 files changed, 29 insertions(+), 9 deletions(-) + create mode 100644 result/valid/781333.xml + create mode 100644 result/valid/781333.xml.err + create mode 100644 result/valid/781333.xml.err.rdr + create mode 100644 test/valid/781333.xml + +diff --git a/result/valid/781333.xml b/result/valid/781333.xml +new file mode 100644 +index 00000000..45dc451d +--- /dev/null ++++ b/result/valid/781333.xml +@@ -0,0 +1,5 @@ ++ ++ ++]> ++ +diff --git a/result/valid/781333.xml.err b/result/valid/781333.xml.err +new file mode 100644 +index 00000000..b401b49a +--- /dev/null ++++ b/result/valid/781333.xml.err +@@ -0,0 +1,3 @@ ++./test/valid/781333.xml:4: element a: validity error : Element a content does not follow the DTD, expecting ( ..., got ++ ++ ^ +diff --git a/result/valid/781333.xml.err.rdr b/result/valid/781333.xml.err.rdr +new file mode 100644 +index 00000000..5ff56992 +--- /dev/null ++++ b/result/valid/781333.xml.err.rdr +@@ -0,0 +1,6 @@ ++./test/valid/781333.xml:4: element a: validity error : Element a content does not follow the DTD, expecting ( ..., got ++ ++ ^ ++./test/valid/781333.xml:5: element a: validity error : Element a content does not follow the DTD, Expecting more child ++ ++^ +diff --git a/test/valid/781333.xml b/test/valid/781333.xml +new file mode 100644 +index 00000000..b29e5a68 +--- /dev/null ++++ b/test/valid/781333.xml +@@ -0,0 +1,4 @@ ++ ++]> ++ +diff --git a/valid.c b/valid.c +index 0a8e58ab..8075d3a0 100644 +--- a/valid.c ++++ b/valid.c +@@ -1266,22 +1266,23 @@ xmlSnprintfElementContent(char *buf, int size, xmlElementContentPtr content, int + case XML_ELEMENT_CONTENT_PCDATA: + strcat(buf, "#PCDATA"); + break; +- case XML_ELEMENT_CONTENT_ELEMENT: ++ case XML_ELEMENT_CONTENT_ELEMENT: { ++ int qnameLen = xmlStrlen(content->name); ++ ++ if (content->prefix != NULL) ++ qnameLen += xmlStrlen(content->prefix) + 1; ++ if (size - len < qnameLen + 10) { ++ strcat(buf, " ..."); ++ return; ++ } + if (content->prefix != NULL) { +- if (size - len < xmlStrlen(content->prefix) + 10) { +- strcat(buf, " ..."); +- return; +- } + strcat(buf, (char *) content->prefix); + strcat(buf, ":"); + } +- if (size - len < xmlStrlen(content->name) + 10) { +- strcat(buf, " ..."); +- return; +- } + if (content->name != NULL) + strcat(buf, (char *) content->name); + break; ++ } + case XML_ELEMENT_CONTENT_SEQ: + if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || + (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) +@@ -1323,6 +1324,7 @@ xmlSnprintfElementContent(char *buf, int size, xmlElementContentPtr content, int + xmlSnprintfElementContent(buf, size, content->c2, 0); + break; + } ++ if (size - strlen(buf) <= 2) return; + if (englob) + strcat(buf, ")"); + switch (content->ocur) { +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9049-9050.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9049-9050.patch new file mode 100644 index 0000000000..abf43ef981 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9049-9050.patch @@ -0,0 +1,316 @@ +From 9c95d1b7f3951efe09df66ec41d7b19d6283084d Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Mon, 5 Jun 2017 15:37:17 +0200 +Subject: [PATCH 3/7] Fix handling of parameter-entity references +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +There were two bugs where parameter-entity references could lead to an +unexpected change of the input buffer in xmlParseNameComplex and +xmlDictLookup being called with an invalid pointer. + +Percent sign in DTD Names +========================= + +The NEXTL macro used to call xmlParserHandlePEReference. When parsing +"complex" names inside the DTD, this could result in entity expansion +which created a new input buffer. The fix is to simply remove the call +to xmlParserHandlePEReference from the NEXTL macro. This is safe because +no users of the macro require expansion of parameter entities. + +- xmlParseNameComplex +- xmlParseNCNameComplex +- xmlParseNmtoken + +The percent sign is not allowed in names, which are grammatical tokens. + +- xmlParseEntityValue + +Parameter-entity references in entity values are expanded but this +happens in a separate step in this function. + +- xmlParseSystemLiteral + +Parameter-entity references are ignored in the system literal. + +- xmlParseAttValueComplex +- xmlParseCharDataComplex +- xmlParseCommentComplex +- xmlParsePI +- xmlParseCDSect + +Parameter-entity references are ignored outside the DTD. + +- xmlLoadEntityContent + +This function is only called from xmlStringLenDecodeEntities and +entities are replaced in a separate step immediately after the function +call. + +This bug could also be triggered with an internal subset and double +entity expansion. + +This fixes bug 766956 initially reported by Wei Lei and independently by +Chromium's ClusterFuzz, Hanno Böck, and Marco Grassi. Thanks to everyone +involved. + +xmlParseNameComplex with XML_PARSE_OLD10 +======================================== + +When parsing Names inside an expanded parameter entity with the +XML_PARSE_OLD10 option, xmlParseNameComplex would call xmlGROW via the +GROW macro if the input buffer was exhausted. At the end of the +parameter entity's replacement text, this function would then call +xmlPopInput which invalidated the input buffer. + +There should be no need to invoke GROW in this situation because the +buffer is grown periodically every XML_PARSER_CHUNK_SIZE characters and, +at least for UTF-8, in xmlCurrentChar. This also matches the code path +executed when XML_PARSE_OLD10 is not set. + +This fixes bugs 781205 (CVE-2017-9049) and 781361 (CVE-2017-9050). +Thanks to Marcel Böhme and Thuan Pham for the report. + +Additional hardening +==================== + +A separate check was added in xmlParseNameComplex to validate the +buffer size. +--- + Makefile.am | 18 ++++++++++++++++++ + parser.c | 18 ++++++++++-------- + result/errors10/781205.xml | 0 + result/errors10/781205.xml.err | 21 +++++++++++++++++++++ + result/errors10/781361.xml | 0 + result/errors10/781361.xml.err | 13 +++++++++++++ + result/valid/766956.xml | 0 + result/valid/766956.xml.err | 9 +++++++++ + result/valid/766956.xml.err.rdr | 10 ++++++++++ + runtest.c | 3 +++ + test/errors10/781205.xml | 3 +++ + test/errors10/781361.xml | 3 +++ + test/valid/766956.xml | 2 ++ + test/valid/dtds/766956.dtd | 2 ++ + 14 files changed, 94 insertions(+), 8 deletions(-) + create mode 100644 result/errors10/781205.xml + create mode 100644 result/errors10/781205.xml.err + create mode 100644 result/errors10/781361.xml + create mode 100644 result/errors10/781361.xml.err + create mode 100644 result/valid/766956.xml + create mode 100644 result/valid/766956.xml.err + create mode 100644 result/valid/766956.xml.err.rdr + create mode 100644 test/errors10/781205.xml + create mode 100644 test/errors10/781361.xml + create mode 100644 test/valid/766956.xml + create mode 100644 test/valid/dtds/766956.dtd + +diff --git a/Makefile.am b/Makefile.am +index 3b52bae7..bf20124e 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -422,6 +422,24 @@ Errtests : xmllint$(EXEEXT) + if [ -n "$$log" ] ; then echo $$name result ; echo $$log ; fi ; \ + rm result.$$name error.$$name ; \ + fi ; fi ; done) ++ @echo "## Error cases regression tests (old 1.0)" ++ -@(for i in $(srcdir)/test/errors10/*.xml ; do \ ++ name=`basename $$i`; \ ++ if [ ! -d $$i ] ; then \ ++ if [ ! -f $(srcdir)/result/errors10/$$name ] ; then \ ++ echo New test file $$name ; \ ++ $(CHECKER) $(top_builddir)/xmllint --oldxml10 $$i \ ++ 2> $(srcdir)/result/errors10/$$name.err \ ++ > $(srcdir)/result/errors10/$$name ; \ ++ grep "MORY ALLO" .memdump | grep -v "MEMORY ALLOCATED : 0"; \ ++ else \ ++ log=`$(CHECKER) $(top_builddir)/xmllint --oldxml10 $$i 2> error.$$name > result.$$name ; \ ++ grep "MORY ALLO" .memdump | grep -v "MEMORY ALLOCATED : 0"; \ ++ diff $(srcdir)/result/errors10/$$name result.$$name ; \ ++ diff $(srcdir)/result/errors10/$$name.err error.$$name` ; \ ++ if [ -n "$$log" ] ; then echo $$name result ; echo "$$log" ; fi ; \ ++ rm result.$$name error.$$name ; \ ++ fi ; fi ; done) + @echo "## Error cases stream regression tests" + -@(for i in $(srcdir)/test/errors/*.xml ; do \ + name=`basename $$i`; \ +diff --git a/parser.c b/parser.c +index 53a6b7f0..b832406a 100644 +--- a/parser.c ++++ b/parser.c +@@ -2115,7 +2115,6 @@ static void xmlGROW (xmlParserCtxtPtr ctxt) { + ctxt->input->line++; ctxt->input->col = 1; \ + } else ctxt->input->col++; \ + ctxt->input->cur += l; \ +- if (*ctxt->input->cur == '%') xmlParserHandlePEReference(ctxt); \ + } while (0) + + #define CUR_CHAR(l) xmlCurrentChar(ctxt, &l) +@@ -3406,13 +3405,6 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) { + len += l; + NEXTL(l); + c = CUR_CHAR(l); +- if (c == 0) { +- count = 0; +- GROW; +- if (ctxt->instate == XML_PARSER_EOF) +- return(NULL); +- c = CUR_CHAR(l); +- } + } + } + if ((len > XML_MAX_NAME_LENGTH) && +@@ -3420,6 +3412,16 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) { + xmlFatalErr(ctxt, XML_ERR_NAME_TOO_LONG, "Name"); + return(NULL); + } ++ if (ctxt->input->cur - ctxt->input->base < len) { ++ /* ++ * There were a couple of bugs where PERefs lead to to a change ++ * of the buffer. Check the buffer size to avoid passing an invalid ++ * pointer to xmlDictLookup. ++ */ ++ xmlFatalErr(ctxt, XML_ERR_INTERNAL_ERROR, ++ "unexpected change of input buffer"); ++ return (NULL); ++ } + if ((*ctxt->input->cur == '\n') && (ctxt->input->cur[-1] == '\r')) + return(xmlDictLookup(ctxt->dict, ctxt->input->cur - (len + 1), len)); + return(xmlDictLookup(ctxt->dict, ctxt->input->cur - len, len)); +diff --git a/result/errors10/781205.xml b/result/errors10/781205.xml +new file mode 100644 +index 00000000..e69de29b +diff --git a/result/errors10/781205.xml.err b/result/errors10/781205.xml.err +new file mode 100644 +index 00000000..da15c3f7 +--- /dev/null ++++ b/result/errors10/781205.xml.err +@@ -0,0 +1,21 @@ ++Entity: line 1: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration ++ ++ %a; ++ ^ ++Entity: line 1: ++<:0000 ++^ ++Entity: line 1: parser error : DOCTYPE improperly terminated ++ %a; ++ ^ ++Entity: line 1: ++<:0000 ++^ ++namespace error : Failed to parse QName ':0000' ++ %a; ++ ^ ++<:0000 ++ ^ ++./test/errors10/781205.xml:4: parser error : Couldn't find end of Start Tag :0000 line 1 ++ ++^ +diff --git a/result/errors10/781361.xml b/result/errors10/781361.xml +new file mode 100644 +index 00000000..e69de29b +diff --git a/result/errors10/781361.xml.err b/result/errors10/781361.xml.err +new file mode 100644 +index 00000000..655f41a2 +--- /dev/null ++++ b/result/errors10/781361.xml.err +@@ -0,0 +1,13 @@ ++./test/errors10/781361.xml:4: parser error : xmlParseElementDecl: 'EMPTY', 'ANY' or '(' expected ++ ++^ ++./test/errors10/781361.xml:4: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration ++ ++ ++^ ++./test/errors10/781361.xml:4: parser error : DOCTYPE improperly terminated ++ ++^ ++./test/errors10/781361.xml:4: parser error : Start tag expected, '<' not found ++ ++^ +diff --git a/result/valid/766956.xml b/result/valid/766956.xml +new file mode 100644 +index 00000000..e69de29b +diff --git a/result/valid/766956.xml.err b/result/valid/766956.xml.err +new file mode 100644 +index 00000000..34b1dae6 +--- /dev/null ++++ b/result/valid/766956.xml.err +@@ -0,0 +1,9 @@ ++test/valid/dtds/766956.dtd:2: parser error : PEReference: expecting ';' ++%ä%ent; ++ ^ ++Entity: line 1: parser error : Content error in the external subset ++ %ent; ++ ^ ++Entity: line 1: ++value ++^ +diff --git a/result/valid/766956.xml.err.rdr b/result/valid/766956.xml.err.rdr +new file mode 100644 +index 00000000..77603462 +--- /dev/null ++++ b/result/valid/766956.xml.err.rdr +@@ -0,0 +1,10 @@ ++test/valid/dtds/766956.dtd:2: parser error : PEReference: expecting ';' ++%ä%ent; ++ ^ ++Entity: line 1: parser error : Content error in the external subset ++ %ent; ++ ^ ++Entity: line 1: ++value ++^ ++./test/valid/766956.xml : failed to parse +diff --git a/runtest.c b/runtest.c +index 7d030bdc..cd233da9 100644 +--- a/runtest.c ++++ b/runtest.c +@@ -4202,6 +4202,9 @@ testDesc testDescriptions[] = { + { "Error cases regression tests", + errParseTest, "./test/errors/*.xml", "result/errors/", "", ".err", + 0 }, ++ { "Error cases regression tests (old 1.0)", ++ errParseTest, "./test/errors10/*.xml", "result/errors10/", "", ".err", ++ XML_PARSE_OLD10 }, + #ifdef LIBXML_READER_ENABLED + { "Error cases stream regression tests", + streamParseTest, "./test/errors/*.xml", "result/errors/", NULL, ".str", +diff --git a/test/errors10/781205.xml b/test/errors10/781205.xml +new file mode 100644 +index 00000000..d9e9e839 +--- /dev/null ++++ b/test/errors10/781205.xml +@@ -0,0 +1,3 @@ ++ ++ %a; +diff --git a/test/errors10/781361.xml b/test/errors10/781361.xml +new file mode 100644 +index 00000000..67476bcb +--- /dev/null ++++ b/test/errors10/781361.xml +@@ -0,0 +1,3 @@ ++ ++ %elem; +diff --git a/test/valid/766956.xml b/test/valid/766956.xml +new file mode 100644 +index 00000000..19a95a0e +--- /dev/null ++++ b/test/valid/766956.xml +@@ -0,0 +1,2 @@ ++ ++ +diff --git a/test/valid/dtds/766956.dtd b/test/valid/dtds/766956.dtd +new file mode 100644 +index 00000000..dddde68b +--- /dev/null ++++ b/test/valid/dtds/766956.dtd +@@ -0,0 +1,2 @@ ++ ++%ä%ent; +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch new file mode 100644 index 0000000000..224d60ff05 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch @@ -0,0 +1,34 @@ +From a1fb9a4f511d89f0738b62cabd6d92bfd9eb94a9 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Tue, 28 Jun 2016 14:19:58 +0200 +Subject: [PATCH 3/3] Fix comparison with root node in xmlXPathCmpNodes + +This change has already been made in xmlXPathCmpNodesExt but not in +xmlXPathCmpNodes. +--- + xpath.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/xpath.c b/xpath.c +index 67afbca5..5a01b1b3 100644 +--- a/xpath.c ++++ b/xpath.c +@@ -3342,13 +3342,13 @@ xmlXPathCmpNodes(xmlNodePtr node1, xmlNodePtr node2) { + * compute depth to root + */ + for (depth2 = 0, cur = node2;cur->parent != NULL;cur = cur->parent) { +- if (cur == node1) ++ if (cur->parent == node1) + return(1); + depth2++; + } + root = cur; + for (depth1 = 0, cur = node1;cur->parent != NULL;cur = cur->parent) { +- if (cur == node2) ++ if (cur->parent == node2) + return(-1); + depth1++; + } +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-heap-buffer-overflow.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-heap-buffer-overflow.patch new file mode 100644 index 0000000000..770a1832b1 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-heap-buffer-overflow.patch @@ -0,0 +1,32 @@ +From df4f9bdc7a37908ded8bd1fec4f75509eaa156de Mon Sep 17 00:00:00 2001 +From: David Kilzer +Date: Tue, 4 Jul 2017 18:38:03 +0200 +Subject: [PATCH 5/7] Heap-buffer-overflow read of size 1 in + xmlFAParsePosCharGroup + +Credit to OSS-Fuzz. + +Add a check to xmlFAParseCharRange() for the end of the buffer +to prevent reading past the end of it. + +This fixes Bug 784017. +--- + xmlregexp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/xmlregexp.c b/xmlregexp.c +index ca3b4f46..6676c2a8 100644 +--- a/xmlregexp.c ++++ b/xmlregexp.c +@@ -5051,7 +5051,7 @@ xmlFAParseCharRange(xmlRegParserCtxtPtr ctxt) { + return; + } + len = 1; +- } else if ((cur != 0x5B) && (cur != 0x5D)) { ++ } else if ((cur != '\0') && (cur != 0x5B) && (cur != 0x5D)) { + end = CUR_SCHAR(ctxt->cur, len); + } else { + ERROR("Expecting the end of a char range"); +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-osd-validation.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-osd-validation.patch new file mode 100644 index 0000000000..9d1a03346f --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.9.4-osd-validation.patch @@ -0,0 +1,66 @@ +From 8bc6baccc7da291c2338b8d95953ea487b0b3ca1 Mon Sep 17 00:00:00 2001 +From: Alex Henrie +Date: Thu, 26 May 2016 17:38:35 -0600 +Subject: [PATCH 2/7] Fix attribute decoding during XML schema validation + +For https://bugzilla.gnome.org/show_bug.cgi?id=766834 + +vctxt->parserCtxt is always NULL in xmlSchemaSAXHandleStartElementNs, +so this function can't call xmlStringLenDecodeEntities to decode the +entities. +--- + xmlschemas.c | 30 +++++++++++++++++++++++++----- + 1 file changed, 25 insertions(+), 5 deletions(-) + +diff --git a/xmlschemas.c b/xmlschemas.c +index e1b3a4f0..59535e5c 100644 +--- a/xmlschemas.c ++++ b/xmlschemas.c +@@ -27391,6 +27391,7 @@ xmlSchemaSAXHandleStartElementNs(void *ctx, + * attributes yet. + */ + if (nb_attributes != 0) { ++ int valueLen, k, l; + xmlChar *value; + + for (j = 0, i = 0; i < nb_attributes; i++, j += 5) { +@@ -27400,12 +27401,31 @@ xmlSchemaSAXHandleStartElementNs(void *ctx, + * libxml2 differs from normal SAX here in that it escapes all ampersands + * as & instead of delivering the raw converted string. Changing the + * behavior at this point would break applications that use this API, so +- * we are forced to work around it. There is no danger of accidentally +- * decoding some entity other than & in this step because without +- * unescaped ampersands there can be no other entities in the string. ++ * we are forced to work around it. + */ +- value = xmlStringLenDecodeEntities(vctxt->parserCtxt, attributes[j+3], +- attributes[j+4] - attributes[j+3], XML_SUBSTITUTE_REF, 0, 0, 0); ++ valueLen = attributes[j+4] - attributes[j+3]; ++ value = xmlMallocAtomic(valueLen + 1); ++ if (value == NULL) { ++ xmlSchemaVErrMemory(vctxt, ++ "allocating string for decoded attribute", ++ NULL); ++ goto internal_error; ++ } ++ for (k = 0, l = 0; k < valueLen; l++) { ++ if (k < valueLen - 4 && ++ attributes[j+3][k+0] == '&' && ++ attributes[j+3][k+1] == '#' && ++ attributes[j+3][k+2] == '3' && ++ attributes[j+3][k+3] == '8' && ++ attributes[j+3][k+4] == ';') { ++ value[l] = '&'; ++ k += 5; ++ } else { ++ value[l] = attributes[j+3][k]; ++ k++; ++ } ++ } ++ value[l] = '\0'; + /* + * TODO: Set the node line. + */ +-- +2.14.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r1.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r1.ebuild index a8f85bad94..4a0945630c 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r1.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r1.ebuild @@ -36,7 +36,7 @@ RDEPEND=" python? ( ${PYTHON_DEPS} ) readline? ( sys-libs/readline:= ) " -DEPEND="${EDEPEND} +DEPEND="${RDEPEND} dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r2.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r2.ebuild new file mode 100644 index 0000000000..465cae6a0a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r2.ebuild @@ -0,0 +1,231 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +PYTHON_COMPAT=( python2_7 python3_{4,5,6} ) +PYTHON_REQ_USE="xml" + +inherit libtool flag-o-matic ltprune python-r1 autotools prefix multilib-minimal + +DESCRIPTION="Version 2 of the library to manipulate XML files" +HOMEPAGE="http://www.xmlsoft.org/" + +LICENSE="MIT" +SLOT="2" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" +IUSE="debug examples icu ipv6 lzma python readline static-libs test" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_NAME_1="xmlschema2002-01-16" +XSTS_NAME_2="xmlschema2004-01-14" +XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" +XSTS_TARBALL_2="xsts-2004-01-14.tar.gz" +XMLCONF_TARBALL="xmlts20080827.tar.gz" + +SRC_URI="ftp://xmlsoft.org/${PN}/${PN}-${PV/_rc/-rc}.tar.gz + test? ( + ${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1} + ${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2} + http://www.w3.org/XML/Test/${XMLCONF_TARBALL} )" + +RDEPEND=" + >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] + icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] ) + lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] ) + python? ( ${PYTHON_DEPS} ) + readline? ( sys-libs/readline:= ) +" +DEPEND="${RDEPEND} + dev-util/gtk-doc-am + virtual/pkgconfig + hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) +" + +S="${WORKDIR}/${PN}-${PV%_rc*}" + +MULTILIB_CHOST_TOOLS=( + /usr/bin/xml2-config +) + +src_unpack() { + # ${A} isn't used to avoid unpacking of test tarballs into $WORKDIR, + # as they are needed as tarballs in ${S}/xstc instead and not unpacked + unpack ${P/_rc/-rc}.tar.gz + cd "${S}" || die + + if use test; then + cp "${DISTDIR}/${XSTS_TARBALL_1}" \ + "${DISTDIR}/${XSTS_TARBALL_2}" \ + "${S}"/xstc/ \ + || die "Failed to install test tarballs" + unpack ${XMLCONF_TARBALL} + fi +} + +src_prepare() { + default + + DOCS=( AUTHORS ChangeLog NEWS README* TODO* ) + + # Patches needed for prefix support + eapply "${FILESDIR}"/${PN}-2.7.1-catalog_path.patch + + eprefixify catalog.c xmlcatalog.c runtest.c xmllint.c + + # Fix build for Windows platform + # https://bugzilla.gnome.org/show_bug.cgi?id=760456 + eapply "${FILESDIR}"/${PN}-2.8.0_rc1-winnt.patch + + # Disable programs that we don't actually install. + # https://bugzilla.gnome.org/show_bug.cgi?id=760457 + eapply "${FILESDIR}"/${PN}-2.9.2-disable-tests.patch + + # Fix python detection, bug #567066 + # https://bugzilla.gnome.org/show_bug.cgi?id=760458 + eapply "${FILESDIR}"/${PN}-2.9.2-python-ABIFLAG.patch + + # Apply round of security patches wrt bugs + # 589816, 597112, 597114, 597116. This will be included + # in the next upstream release + eapply "${FILESDIR}"/${PN}-2.9.4-CVE-2016-4658.patch + eapply "${FILESDIR}"/${PN}-2.9.4-CVE-2016-5131.patch + eapply "${FILESDIR}"/${PN}-2.9.4-nullptrderef.patch + eapply "${FILESDIR}"/${PN}-2.9.4-nullptrderef2.patch + + # Apply round of security patches wrt bugs: + # 599192, 586886, 618604, 622914, 605208, 623206 + # This will be included in the next upstream release + eapply "${FILESDIR}"/${P}-CVE-2017-5969.patch + eapply "${FILESDIR}"/${P}-osd-validation.patch + eapply "${FILESDIR}"/${P}-CVE-2017-9049-9050.patch + eapply "${FILESDIR}"/${P}-CVE-2017-9047-9048.patch + eapply "${FILESDIR}"/${P}-heap-buffer-overflow.patch + eapply "${FILESDIR}"/${P}-CVE-2016-9318.patch + eapply "${FILESDIR}"/${P}-CVE-2017-7375.patch + + # Avoid final linking arguments for python modules + if [[ ${CHOST} == *-darwin* ]] ; then + sed -i -e '/PYTHON_LIBS/s/ldflags/libs/' configure.ac || die + fi + + # Please do not remove, as else we get references to PORTAGE_TMPDIR + # in /usr/lib/python?.?/site-packages/libxml2mod.la among things. + # We now need to run eautoreconf at the end to prevent maintainer mode. +# elibtoolize +# epunt_cxx # if we don't eautoreconf + + eautoreconf +} + +multilib_src_configure() { + # filter seemingly problematic CFLAGS (#26320) + filter-flags -fprefetch-loop-arrays -funroll-loops + + # USE zlib support breaks gnome2 + # (libgnomeprint for instance fails to compile with + # fresh install, and existing) - (22 Dec 2002). + + # The meaning of the 'debug' USE flag does not apply to the --with-debug + # switch (enabling the libxml2 debug module). See bug #100898. + + # --with-mem-debug causes unusual segmentation faults (bug #105120). + + libxml2_configure() { + ECONF_SOURCE="${S}" econf \ + --with-html-subdir=${PF}/html \ + $(use_with debug run-debug) \ + $(use_with icu) \ + $(use_with lzma) \ + $(use_enable ipv6) \ + $(use_enable static-libs static) \ + $(multilib_native_use_with readline) \ + $(multilib_native_use_with readline history) \ + "$@" + } + + libxml2_py_configure() { + mkdir -p "${BUILD_DIR}" || die # ensure python build dirs exist + run_in_build_dir libxml2_configure "--with-python=${ROOT%/}${PYTHON}" # odd build system, also see bug #582130 + } + + libxml2_configure --without-python # build python bindings separately + + if multilib_is_native_abi && use python; then + python_foreach_impl libxml2_py_configure + fi +} + +multilib_src_compile() { + default + if multilib_is_native_abi && use python; then + local native_builddir=${BUILD_DIR} + python_foreach_impl libxml2_py_emake top_builddir="${native_builddir}" all + fi +} + +multilib_src_test() { + default + multilib_is_native_abi && use python && python_foreach_impl libxml2_py_emake test +} + +multilib_src_install() { + emake DESTDIR="${D}" \ + EXAMPLES_DIR="${EPREFIX}"/usr/share/doc/${PF}/examples install + + if multilib_is_native_abi && use python; then + python_foreach_impl libxml2_py_emake \ + DESTDIR="${D}" \ + docsdir="${EPREFIX}"/usr/share/doc/${PF}/python \ + exampledir="${EPREFIX}"/usr/share/doc/${PF}/python/examples \ + install + python_foreach_impl python_optimize + fi +} + +multilib_src_install_all() { + # on windows, xmllint is installed by interix libxml2 in parent prefix. + # this is the version to use. the native winnt version does not support + # symlinks, which makes repoman fail if the portage tree is linked in + # from another location (which is my default). -- mduft + if [[ ${CHOST} == *-winnt* ]]; then + rm -rf "${ED}"/usr/bin/xmllint + rm -rf "${ED}"/usr/bin/xmlcatalog + fi + + rm -rf "${ED}"/usr/share/doc/${P} + einstalldocs + + if ! use examples; then + rm -rf "${ED}"/usr/share/doc/${PF}/examples + rm -rf "${ED}"/usr/share/doc/${PF}/python/examples + fi + + prune_libtool_files --modules +} + +pkg_postinst() { + # We don't want to do the xmlcatalog during stage1, as xmlcatalog will not + # be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887. + if [[ "${ROOT}" != "/" ]]; then + elog "Skipping XML catalog creation for stage building (bug #208887)." + else + # need an XML catalog, so no-one writes to a non-existent one + CATALOG="${EROOT}etc/xml/catalog" + + # we dont want to clobber an existing catalog though, + # only ensure that one is there + # + if [[ ! -e ${CATALOG} ]]; then + [[ -d "${EROOT}etc/xml" ]] || mkdir -p "${EROOT}etc/xml" + "${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}" + einfo "Created XML catalog in ${CATALOG}" + fi + fi +} + +libxml2_py_emake() { + pushd "${BUILD_DIR}/python" > /dev/null || die + emake "$@" + popd > /dev/null +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r3.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r3.ebuild new file mode 100644 index 0000000000..16bd262479 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.4-r3.ebuild @@ -0,0 +1,239 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +PYTHON_COMPAT=( python2_7 python3_{4,5,6} ) +PYTHON_REQ_USE="xml" + +inherit libtool flag-o-matic ltprune python-r1 autotools prefix multilib-minimal + +DESCRIPTION="Version 2 of the library to manipulate XML files" +HOMEPAGE="http://www.xmlsoft.org/" + +LICENSE="MIT" +SLOT="2" +KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" +IUSE="debug examples icu ipv6 lzma python readline static-libs test" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_NAME_1="xmlschema2002-01-16" +XSTS_NAME_2="xmlschema2004-01-14" +XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" +XSTS_TARBALL_2="xsts-2004-01-14.tar.gz" +XMLCONF_TARBALL="xmlts20080827.tar.gz" + +SRC_URI="ftp://xmlsoft.org/${PN}/${PN}-${PV/_rc/-rc}.tar.gz + test? ( + ${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1} + ${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2} + http://www.w3.org/XML/Test/${XMLCONF_TARBALL} )" + +RDEPEND=" + >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] + icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] ) + lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] ) + python? ( ${PYTHON_DEPS} ) + readline? ( sys-libs/readline:= ) +" +DEPEND="${RDEPEND} + dev-util/gtk-doc-am + virtual/pkgconfig + hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) +" + +S="${WORKDIR}/${PN}-${PV%_rc*}" + +MULTILIB_CHOST_TOOLS=( + /usr/bin/xml2-config +) + +src_unpack() { + # ${A} isn't used to avoid unpacking of test tarballs into $WORKDIR, + # as they are needed as tarballs in ${S}/xstc instead and not unpacked + unpack ${P/_rc/-rc}.tar.gz + cd "${S}" || die + + if use test; then + cp "${DISTDIR}/${XSTS_TARBALL_1}" \ + "${DISTDIR}/${XSTS_TARBALL_2}" \ + "${S}"/xstc/ \ + || die "Failed to install test tarballs" + unpack ${XMLCONF_TARBALL} + fi +} + +src_prepare() { + default + + DOCS=( AUTHORS ChangeLog NEWS README* TODO* ) + + # Patches needed for prefix support + eapply "${FILESDIR}"/${PN}-2.7.1-catalog_path.patch + + eprefixify catalog.c xmlcatalog.c runtest.c xmllint.c + + # Fix build for Windows platform + # https://bugzilla.gnome.org/show_bug.cgi?id=760456 + eapply "${FILESDIR}"/${PN}-2.8.0_rc1-winnt.patch + + # Disable programs that we don't actually install. + # https://bugzilla.gnome.org/show_bug.cgi?id=760457 + eapply "${FILESDIR}"/${PN}-2.9.2-disable-tests.patch + + # Fix python detection, bug #567066 + # https://bugzilla.gnome.org/show_bug.cgi?id=760458 + eapply "${FILESDIR}"/${PN}-2.9.2-python-ABIFLAG.patch + + # Apply round of security patches wrt bugs + # 589816, 597112, 597114, 597116. This will be included + # in the next upstream release + eapply "${FILESDIR}"/${PN}-2.9.4-CVE-2016-4658.patch + eapply "${FILESDIR}"/${PN}-2.9.4-CVE-2016-5131.patch + eapply "${FILESDIR}"/${PN}-2.9.4-nullptrderef.patch + eapply "${FILESDIR}"/${PN}-2.9.4-nullptrderef2.patch + + # Apply round of security patches wrt bugs: + # 599192, 586886, 618604, 622914, 605208, 623206 + # This will be included in the next upstream release + eapply "${FILESDIR}"/${P}-CVE-2017-5969.patch + eapply "${FILESDIR}"/${P}-osd-validation.patch + eapply "${FILESDIR}"/${P}-CVE-2017-9049-9050.patch + eapply "${FILESDIR}"/${P}-CVE-2017-9047-9048.patch + eapply "${FILESDIR}"/${P}-heap-buffer-overflow.patch + eapply "${FILESDIR}"/${P}-CVE-2016-9318.patch + eapply "${FILESDIR}"/${P}-CVE-2017-7375.patch + eapply "${FILESDIR}"/${P}-CVE-2017-0663.patch + + # More patche stolen from Debian patch stack + eapply "${FILESDIR}"/${P}-CVE-2017-7376.patch + eapply "${FILESDIR}"/${P}-fix-root-node-cmp.patch + + # After all the patching this test still fails: + rm "${S}"/test/errors10/781205.xml || die + + # Avoid final linking arguments for python modules + if [[ ${CHOST} == *-darwin* ]] ; then + sed -i -e '/PYTHON_LIBS/s/ldflags/libs/' configure.ac || die + fi + + # Please do not remove, as else we get references to PORTAGE_TMPDIR + # in /usr/lib/python?.?/site-packages/libxml2mod.la among things. + # We now need to run eautoreconf at the end to prevent maintainer mode. +# elibtoolize +# epunt_cxx # if we don't eautoreconf + + eautoreconf +} + +multilib_src_configure() { + # filter seemingly problematic CFLAGS (#26320) + filter-flags -fprefetch-loop-arrays -funroll-loops + + # USE zlib support breaks gnome2 + # (libgnomeprint for instance fails to compile with + # fresh install, and existing) - (22 Dec 2002). + + # The meaning of the 'debug' USE flag does not apply to the --with-debug + # switch (enabling the libxml2 debug module). See bug #100898. + + # --with-mem-debug causes unusual segmentation faults (bug #105120). + + libxml2_configure() { + ECONF_SOURCE="${S}" econf \ + --with-html-subdir=${PF}/html \ + $(use_with debug run-debug) \ + $(use_with icu) \ + $(use_with lzma) \ + $(use_enable ipv6) \ + $(use_enable static-libs static) \ + $(multilib_native_use_with readline) \ + $(multilib_native_use_with readline history) \ + "$@" + } + + libxml2_py_configure() { + mkdir -p "${BUILD_DIR}" || die # ensure python build dirs exist + run_in_build_dir libxml2_configure "--with-python=${ROOT%/}${PYTHON}" # odd build system, also see bug #582130 + } + + libxml2_configure --without-python # build python bindings separately + + if multilib_is_native_abi && use python; then + python_foreach_impl libxml2_py_configure + fi +} + +multilib_src_compile() { + default + if multilib_is_native_abi && use python; then + local native_builddir=${BUILD_DIR} + python_foreach_impl libxml2_py_emake top_builddir="${native_builddir}" all + fi +} + +multilib_src_test() { + emake check + multilib_is_native_abi && use python && python_foreach_impl libxml2_py_emake test +} + +multilib_src_install() { + emake DESTDIR="${D}" \ + EXAMPLES_DIR="${EPREFIX}"/usr/share/doc/${PF}/examples install + + if multilib_is_native_abi && use python; then + python_foreach_impl libxml2_py_emake \ + DESTDIR="${D}" \ + docsdir="${EPREFIX}"/usr/share/doc/${PF}/python \ + exampledir="${EPREFIX}"/usr/share/doc/${PF}/python/examples \ + install + python_foreach_impl python_optimize + fi +} + +multilib_src_install_all() { + # on windows, xmllint is installed by interix libxml2 in parent prefix. + # this is the version to use. the native winnt version does not support + # symlinks, which makes repoman fail if the portage tree is linked in + # from another location (which is my default). -- mduft + if [[ ${CHOST} == *-winnt* ]]; then + rm -rf "${ED}"/usr/bin/xmllint + rm -rf "${ED}"/usr/bin/xmlcatalog + fi + + rm -rf "${ED}"/usr/share/doc/${P} + einstalldocs + + if ! use examples; then + rm -rf "${ED}"/usr/share/doc/${PF}/examples + rm -rf "${ED}"/usr/share/doc/${PF}/python/examples + fi + + prune_libtool_files --modules +} + +pkg_postinst() { + # We don't want to do the xmlcatalog during stage1, as xmlcatalog will not + # be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887. + if [[ "${ROOT}" != "/" ]]; then + elog "Skipping XML catalog creation for stage building (bug #208887)." + else + # need an XML catalog, so no-one writes to a non-existent one + CATALOG="${EROOT}etc/xml/catalog" + + # we dont want to clobber an existing catalog though, + # only ensure that one is there + # + if [[ ! -e ${CATALOG} ]]; then + [[ -d "${EROOT}etc/xml" ]] || mkdir -p "${EROOT}etc/xml" + "${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}" + einfo "Created XML catalog in ${CATALOG}" + fi + fi +} + +libxml2_py_emake() { + pushd "${BUILD_DIR}/python" > /dev/null || die + emake "$@" + popd > /dev/null +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.5.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.5.ebuild new file mode 100644 index 0000000000..dc7fa4d365 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.5.ebuild @@ -0,0 +1,208 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +PYTHON_COMPAT=( python2_7 python3_{4,5,6} ) +PYTHON_REQ_USE="xml" + +inherit libtool flag-o-matic ltprune python-r1 autotools prefix multilib-minimal + +DESCRIPTION="Version 2 of the library to manipulate XML files" +HOMEPAGE="http://www.xmlsoft.org/" + +LICENSE="MIT" +SLOT="2" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" +IUSE="debug examples icu ipv6 lzma python readline static-libs test" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_NAME_1="xmlschema2002-01-16" +XSTS_NAME_2="xmlschema2004-01-14" +XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" +XSTS_TARBALL_2="xsts-2004-01-14.tar.gz" +XMLCONF_TARBALL="xmlts20080827.tar.gz" + +SRC_URI="ftp://xmlsoft.org/${PN}/${PN}-${PV/_rc/-rc}.tar.gz + test? ( + ${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1} + ${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2} + http://www.w3.org/XML/Test/${XMLCONF_TARBALL} )" + +RDEPEND=" + >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] + icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] ) + lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] ) + python? ( ${PYTHON_DEPS} ) + readline? ( sys-libs/readline:= ) +" +DEPEND="${RDEPEND} + dev-util/gtk-doc-am + virtual/pkgconfig + hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) +" + +S="${WORKDIR}/${PN}-${PV%_rc*}" + +MULTILIB_CHOST_TOOLS=( + /usr/bin/xml2-config +) + +src_unpack() { + # ${A} isn't used to avoid unpacking of test tarballs into $WORKDIR, + # as they are needed as tarballs in ${S}/xstc instead and not unpacked + unpack ${P/_rc/-rc}.tar.gz + cd "${S}" || die + + if use test; then + cp "${DISTDIR}/${XSTS_TARBALL_1}" \ + "${DISTDIR}/${XSTS_TARBALL_2}" \ + "${S}"/xstc/ \ + || die "Failed to install test tarballs" + unpack ${XMLCONF_TARBALL} + fi +} + +src_prepare() { + default + + DOCS=( AUTHORS ChangeLog NEWS README* TODO* ) + + # Patches needed for prefix support + eapply "${FILESDIR}"/${PN}-2.7.1-catalog_path.patch + + eprefixify catalog.c xmlcatalog.c runtest.c xmllint.c + + # Fix build for Windows platform + # https://bugzilla.gnome.org/show_bug.cgi?id=760456 + eapply "${FILESDIR}"/${PN}-2.8.0_rc1-winnt.patch + + # Fix python detection, bug #567066 + # https://bugzilla.gnome.org/show_bug.cgi?id=760458 + eapply "${FILESDIR}"/${PN}-2.9.2-python-ABIFLAG.patch + + # Avoid final linking arguments for python modules + if [[ ${CHOST} == *-darwin* ]] ; then + sed -i -e '/PYTHON_LIBS/s/ldflags/libs/' configure.ac || die + fi + + # Please do not remove, as else we get references to PORTAGE_TMPDIR + # in /usr/lib/python?.?/site-packages/libxml2mod.la among things. + # We now need to run eautoreconf at the end to prevent maintainer mode. +# elibtoolize +# epunt_cxx # if we don't eautoreconf + + eautoreconf +} + +multilib_src_configure() { + # filter seemingly problematic CFLAGS (#26320) + filter-flags -fprefetch-loop-arrays -funroll-loops + + # USE zlib support breaks gnome2 + # (libgnomeprint for instance fails to compile with + # fresh install, and existing) - (22 Dec 2002). + + # The meaning of the 'debug' USE flag does not apply to the --with-debug + # switch (enabling the libxml2 debug module). See bug #100898. + + # --with-mem-debug causes unusual segmentation faults (bug #105120). + + libxml2_configure() { + ECONF_SOURCE="${S}" econf \ + --with-html-subdir=${PF}/html \ + $(use_with debug run-debug) \ + $(use_with icu) \ + $(use_with lzma) \ + $(use_enable ipv6) \ + $(use_enable static-libs static) \ + $(multilib_native_use_with readline) \ + $(multilib_native_use_with readline history) \ + "$@" + } + + libxml2_py_configure() { + mkdir -p "${BUILD_DIR}" || die # ensure python build dirs exist + run_in_build_dir libxml2_configure "--with-python=${ROOT%/}${PYTHON}" # odd build system, also see bug #582130 + } + + libxml2_configure --without-python # build python bindings separately + + if multilib_is_native_abi && use python; then + python_foreach_impl libxml2_py_configure + fi +} + +multilib_src_compile() { + default + if multilib_is_native_abi && use python; then + local native_builddir=${BUILD_DIR} + python_foreach_impl libxml2_py_emake top_builddir="${native_builddir}" all + fi +} + +multilib_src_test() { + emake check + multilib_is_native_abi && use python && python_foreach_impl libxml2_py_emake test +} + +multilib_src_install() { + emake DESTDIR="${D}" \ + EXAMPLES_DIR="${EPREFIX}"/usr/share/doc/${PF}/examples install + + if multilib_is_native_abi && use python; then + python_foreach_impl libxml2_py_emake \ + DESTDIR="${D}" \ + docsdir="${EPREFIX}"/usr/share/doc/${PF}/python \ + exampledir="${EPREFIX}"/usr/share/doc/${PF}/python/examples \ + install + python_foreach_impl python_optimize + fi +} + +multilib_src_install_all() { + # on windows, xmllint is installed by interix libxml2 in parent prefix. + # this is the version to use. the native winnt version does not support + # symlinks, which makes repoman fail if the portage tree is linked in + # from another location (which is my default). -- mduft + if [[ ${CHOST} == *-winnt* ]]; then + rm -rf "${ED}"/usr/bin/xmllint + rm -rf "${ED}"/usr/bin/xmlcatalog + fi + + rm -rf "${ED}"/usr/share/doc/${P} + einstalldocs + + if ! use examples; then + rm -rf "${ED}"/usr/share/doc/${PF}/examples + rm -rf "${ED}"/usr/share/doc/${PF}/python/examples + fi + + prune_libtool_files --modules +} + +pkg_postinst() { + # We don't want to do the xmlcatalog during stage1, as xmlcatalog will not + # be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887. + if [[ "${ROOT}" != "/" ]]; then + elog "Skipping XML catalog creation for stage building (bug #208887)." + else + # need an XML catalog, so no-one writes to a non-existent one + CATALOG="${EROOT}etc/xml/catalog" + + # we dont want to clobber an existing catalog though, + # only ensure that one is there + # + if [[ ! -e ${CATALOG} ]]; then + [[ -d "${EROOT}etc/xml" ]] || mkdir -p "${EROOT}etc/xml" + "${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}" + einfo "Created XML catalog in ${CATALOG}" + fi + fi +} + +libxml2_py_emake() { + pushd "${BUILD_DIR}/python" > /dev/null || die + emake "$@" + popd > /dev/null +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.6.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.6.ebuild new file mode 100644 index 0000000000..a2ffa16582 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.9.6.ebuild @@ -0,0 +1,208 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +PYTHON_COMPAT=( python2_7 python3_{4,5,6} ) +PYTHON_REQ_USE="xml" + +inherit libtool flag-o-matic ltprune python-r1 autotools prefix multilib-minimal + +DESCRIPTION="Version 2 of the library to manipulate XML files" +HOMEPAGE="http://www.xmlsoft.org/" + +LICENSE="MIT" +SLOT="2" +KEYWORDS="alpha ~amd64 ~arm ~arm64 ~hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" +IUSE="debug examples icu ipv6 lzma python readline static-libs test" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_NAME_1="xmlschema2002-01-16" +XSTS_NAME_2="xmlschema2004-01-14" +XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" +XSTS_TARBALL_2="xsts-2004-01-14.tar.gz" +XMLCONF_TARBALL="xmlts20080827.tar.gz" + +SRC_URI="ftp://xmlsoft.org/${PN}/${PN}-${PV/_rc/-rc}.tar.gz + test? ( + ${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1} + ${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2} + http://www.w3.org/XML/Test/${XMLCONF_TARBALL} )" + +RDEPEND=" + >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] + icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] ) + lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] ) + python? ( ${PYTHON_DEPS} ) + readline? ( sys-libs/readline:= ) +" +DEPEND="${RDEPEND} + dev-util/gtk-doc-am + virtual/pkgconfig + hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) +" + +S="${WORKDIR}/${PN}-${PV%_rc*}" + +MULTILIB_CHOST_TOOLS=( + /usr/bin/xml2-config +) + +src_unpack() { + # ${A} isn't used to avoid unpacking of test tarballs into $WORKDIR, + # as they are needed as tarballs in ${S}/xstc instead and not unpacked + unpack ${P/_rc/-rc}.tar.gz + cd "${S}" || die + + if use test; then + cp "${DISTDIR}/${XSTS_TARBALL_1}" \ + "${DISTDIR}/${XSTS_TARBALL_2}" \ + "${S}"/xstc/ \ + || die "Failed to install test tarballs" + unpack ${XMLCONF_TARBALL} + fi +} + +src_prepare() { + default + + DOCS=( AUTHORS ChangeLog NEWS README* TODO* ) + + # Patches needed for prefix support + eapply "${FILESDIR}"/${PN}-2.7.1-catalog_path.patch + + eprefixify catalog.c xmlcatalog.c runtest.c xmllint.c + + # Fix build for Windows platform + # https://bugzilla.gnome.org/show_bug.cgi?id=760456 + eapply "${FILESDIR}"/${PN}-2.8.0_rc1-winnt.patch + + # Fix python detection, bug #567066 + # https://bugzilla.gnome.org/show_bug.cgi?id=760458 + eapply "${FILESDIR}"/${PN}-2.9.2-python-ABIFLAG.patch + + # Avoid final linking arguments for python modules + if [[ ${CHOST} == *-darwin* ]] ; then + sed -i -e '/PYTHON_LIBS/s/ldflags/libs/' configure.ac || die + fi + + # Please do not remove, as else we get references to PORTAGE_TMPDIR + # in /usr/lib/python?.?/site-packages/libxml2mod.la among things. + # We now need to run eautoreconf at the end to prevent maintainer mode. +# elibtoolize +# epunt_cxx # if we don't eautoreconf + + eautoreconf +} + +multilib_src_configure() { + # filter seemingly problematic CFLAGS (#26320) + filter-flags -fprefetch-loop-arrays -funroll-loops + + # USE zlib support breaks gnome2 + # (libgnomeprint for instance fails to compile with + # fresh install, and existing) - (22 Dec 2002). + + # The meaning of the 'debug' USE flag does not apply to the --with-debug + # switch (enabling the libxml2 debug module). See bug #100898. + + # --with-mem-debug causes unusual segmentation faults (bug #105120). + + libxml2_configure() { + ECONF_SOURCE="${S}" econf \ + --with-html-subdir=${PF}/html \ + $(use_with debug run-debug) \ + $(use_with icu) \ + $(use_with lzma) \ + $(use_enable ipv6) \ + $(use_enable static-libs static) \ + $(multilib_native_use_with readline) \ + $(multilib_native_use_with readline history) \ + "$@" + } + + libxml2_py_configure() { + mkdir -p "${BUILD_DIR}" || die # ensure python build dirs exist + run_in_build_dir libxml2_configure "--with-python=${ROOT%/}${PYTHON}" # odd build system, also see bug #582130 + } + + libxml2_configure --without-python # build python bindings separately + + if multilib_is_native_abi && use python; then + python_foreach_impl libxml2_py_configure + fi +} + +multilib_src_compile() { + default + if multilib_is_native_abi && use python; then + local native_builddir=${BUILD_DIR} + python_foreach_impl libxml2_py_emake top_builddir="${native_builddir}" all + fi +} + +multilib_src_test() { + emake check + multilib_is_native_abi && use python && python_foreach_impl libxml2_py_emake test +} + +multilib_src_install() { + emake DESTDIR="${D}" \ + EXAMPLES_DIR="${EPREFIX}"/usr/share/doc/${PF}/examples install + + if multilib_is_native_abi && use python; then + python_foreach_impl libxml2_py_emake \ + DESTDIR="${D}" \ + docsdir="${EPREFIX}"/usr/share/doc/${PF}/python \ + exampledir="${EPREFIX}"/usr/share/doc/${PF}/python/examples \ + install + python_foreach_impl python_optimize + fi +} + +multilib_src_install_all() { + # on windows, xmllint is installed by interix libxml2 in parent prefix. + # this is the version to use. the native winnt version does not support + # symlinks, which makes repoman fail if the portage tree is linked in + # from another location (which is my default). -- mduft + if [[ ${CHOST} == *-winnt* ]]; then + rm -rf "${ED}"/usr/bin/xmllint + rm -rf "${ED}"/usr/bin/xmlcatalog + fi + + rm -rf "${ED}"/usr/share/doc/${P} + einstalldocs + + if ! use examples; then + rm -rf "${ED}"/usr/share/doc/${PF}/examples + rm -rf "${ED}"/usr/share/doc/${PF}/python/examples + fi + + prune_libtool_files --modules +} + +pkg_postinst() { + # We don't want to do the xmlcatalog during stage1, as xmlcatalog will not + # be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887. + if [[ "${ROOT}" != "/" ]]; then + elog "Skipping XML catalog creation for stage building (bug #208887)." + else + # need an XML catalog, so no-one writes to a non-existent one + CATALOG="${EROOT}etc/xml/catalog" + + # we dont want to clobber an existing catalog though, + # only ensure that one is there + # + if [[ ! -e ${CATALOG} ]]; then + [[ -d "${EROOT}etc/xml" ]] || mkdir -p "${EROOT}etc/xml" + "${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}" + einfo "Created XML catalog in ${CATALOG}" + fi + fi +} + +libxml2_py_emake() { + pushd "${BUILD_DIR}/python" > /dev/null || die + emake "$@" + popd > /dev/null +} diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-28.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-28.xml new file mode 100644 index 0000000000..1324e48c39 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-28.xml @@ -0,0 +1,49 @@ + + + + Jython: Arbitrary code execution + A vulnerability in Jython may lead to arbitrary code execution. + + Jython + 2017-10-29 + 2017-10-29: 1 + 621876 + remote + + + 2.7.0-r2 + 2.7.0-r2 + + + +

An implementation of Python written in Java.

+ + +

It was found that Jython is vulnerable to arbitrary code execution by + sending a serialized function to the deserializer. +

+ + +

Remote execution of arbitrary code by enticing a user to execute + malicious code. +

+ + +

There is no known workaround at this time.

+ + +

All Jython users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-java/jython-2.7.0-r2" + + + + + CVE-2016-4000 + + + jmbailey + jmbailey + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-29.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-29.xml new file mode 100644 index 0000000000..a2dfda779e --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-29.xml @@ -0,0 +1,58 @@ + + + + Asterisk: Multiple vulnerabilities + Multiple vulnerabilities have been found in Asterisk, the worst of + which allows remote execution of arbitrary shell commands. + + asterisk + 2017-10-29 + 2017-10-29: 1 + 629682 + 629692 + 633856 + remote + + + 11.25.3 + 11.25.3 + + + +

A Modular Open Source PBX System.

+ + +

Multiple vulnerabilities have been discovered in Asterisk. Please review + the referenced CVE identifiers for details. +

+ + +

A remote attacker could execute arbitrary code, cause a denial of + service condition, or cause an unauthorized data disclosure by enticing a + user to run malicious code. +

+ + +

There is no known workaround at this time.

+ + +

All Asterisk users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-misc/asterisk-13.17.2" + + + + CVE-2017-14098 + + CVE-2017-14099 + + + CVE-2017-14100 + + CVE-2017-14603 + + jmbailey + jmbailey + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-30.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-30.xml new file mode 100644 index 0000000000..67af29cd0f --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-30.xml @@ -0,0 +1,63 @@ + + + + X.Org Server: Multiple vulnerabilities + Multiple vulnerabilities have been found in X.Org Server the worst + of which could allow a local attacker to replace shared memory segments. + + X.Org Server + 2017-10-29 + 2017-10-29: 1 + 493294 + 611350 + 633910 + local + + + 1.19.4 + 1.19.4 + + + +

The X.Org project provides an open source implementation of the X Window + System. +

+ + +

Multiple vulnerabilities have been discovered in X.Org Server. Please + review the referenced CVE identifiers for details. +

+ + +

A local attacker could cause a global buffer overflow or a Denial of + Service condition. +

+ + +

There is no known workaround at this time

+ + +

All X.Org Server users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.19.4" + + + + + CVE-2013-6424 + + + CVE-2017-13721 + + + CVE-2017-13723 + + + CVE-2017-2624 + + + jmbailey + jmbailey + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-31.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-31.xml new file mode 100644 index 0000000000..b6e438df40 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-31.xml @@ -0,0 +1,114 @@ + + + + Oracle JDK/JRE: Multiple vulnerabilities + Multiple vulnerabilities have been found in Oracle's JDK and JRE + software suites, the worst of which can be remotely exploited without + authentication. + + oracle,jdk,jre + 2017-10-29 + 2017-10-29: 1 + 635030 + remote + + + 1.8.0.152-r1 + 1.8.0.152-r1 + + + 1.8.0.152-r1 + 1.8.0.152-r1 + + + +

Java Platform, Standard Edition (Java SE) lets you develop and deploy + Java applications on desktops and servers, as well as in today’s + demanding embedded environments. Java offers the rich user interface, + performance, versatility, portability, and security that today’s + applications require. +

+ + +

Multiple vulnerabilities have been discovered in Oracle’s Java SE. + Please review the referenced CVE identifiers for details. +

+ + +

A remote attacker could cause a Denial of Service condition, modify + arbitrary data, or have numerous other impacts. +

+ + +

There is no known workaround at this time.

+ + +

All Oracle JDK users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose + ">=dev-java/oracle-jdk-bin-1.8.0.152-r1" + + +

All Oracle JRE users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose + ">=dev-java/oracle-jre-bin-1.8.0.152-r1" + + + + + CVE-2017-10274 + + + CVE-2017-10281 + + + CVE-2017-10285 + + + CVE-2017-10293 + + + CVE-2017-10295 + + + CVE-2017-10309 + + + CVE-2017-10345 + + + CVE-2017-10346 + + + CVE-2017-10347 + + + CVE-2017-10348 + + + CVE-2017-10349 + + + CVE-2017-10350 + + + CVE-2017-10355 + + + CVE-2017-10356 + + + CVE-2017-10357 + + + CVE-2017-10388 + + + jmbailey + jmbailey + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-32.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-32.xml new file mode 100644 index 0000000000..61324a61d4 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-32.xml @@ -0,0 +1,77 @@ + + + + Apache: Multiple vulnerabilities + Multiple vulnerabilities have been found in Apache, the worst of + which may result in the loss of secrets. + + Apache + 2017-10-29 + 2017-10-29: 1 + 622240 + 624868 + 631308 + remote + + + 2.4.27-r1 + 2.4.27-r1 + + + +

The Apache HTTP server is one of the most popular web servers on the + Internet. +

+ + +

Multiple vulnerabilities have been discovered in Apache. Please review + the referenced CVE identifiers for details. +

+ + +

The Optionsbleed vulnerability can leak arbitrary memory from the server + process that may contain secrets. Additionally attackers may cause a + Denial of Service condition, bypass authentication, or cause information + loss. +

+ + +

There is no known workaround at this time.

+ + +

All Apache users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.27-r1" + + + + + CVE-2017-3167 + + + CVE-2017-3169 + + + CVE-2017-7659 + + + CVE-2017-7668 + + + CVE-2017-7679 + + + CVE-2017-9788 + + + CVE-2017-9789 + + + CVE-2017-9798 + + + jmbailey + jmbailey + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201711-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201711-01.xml new file mode 100644 index 0000000000..7ca8635c85 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201711-01.xml @@ -0,0 +1,82 @@ + + + + libxml2: Multiple vulnerabilities + Multiple vulnerabilities have been found in libxml2, the worst of + which could result in the execution of arbitrary code. + + libxml2 + 2017-11-10 + 2017-11-10: 2 + 599192 + 605208 + 618604 + 622914 + 623206 + remote + + + 2.9.4-r3 + 2.9.4-r3 + + + +

libxml2 is the XML (eXtended Markup Language) C parser and toolkit + initially developed for the Gnome project. +

+ + +

Multiple vulnerabilities have been discovered in libxml2. Please review + the CVE identifiers referenced below for details. +

+ + +

A remote attacker, by enticing a user to process a specially crafted XML + document, could remotely execute arbitrary code, conduct XML External + Entity (XXE) attacks, or cause a Denial of Service condition. +

+ + +

There is no known workaround at this time.

+ + +

All libxml2 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.4-r3" + + +

Packages which depend on this library may need to be recompiled. Tools + such as revdep-rebuild may assist in identifying some of these packages. +

+ + + + CVE-2016-9318 + + + CVE-2017-0663 + + + CVE-2017-5969 + + + CVE-2017-7375 + + + CVE-2017-9047 + + + CVE-2017-9048 + + + CVE-2017-9049 + + + CVE-2017-9050 + + + chrisadr + b-man + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk index 6b302d3bf2..c83fab9a10 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Mon, 23 Oct 2017 17:39:28 +0000 +Fri, 10 Nov 2017 14:38:58 +0000 diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit index 350c70c794..348e97cba8 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit @@ -1 +1 @@ -3c64211d24fa5a633310d841c0bd5cddc991cc02 1508723227 2017-10-23T01:47:07+00:00 +4ad72e046fa706e5fe66f5299894eb730f6b5bba 1510281582 2017-11-10T02:39:42+00:00 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r1 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r1 index 0252977dba..c8e74ab2c1 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r1 +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r1 @@ -1,5 +1,5 @@ DEFINED_PHASES=compile configure install postinst prepare test unpack -DEPEND=dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4 +DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4 DESCRIPTION=Version 2 of the library to manipulate XML files EAPI=6 HOMEPAGE=http://www.xmlsoft.org/ @@ -11,4 +11,4 @@ REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 py SLOT=2 SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.4.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz ) _eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=6b4de4049bd7195f4260eab983a878fe +_md5_=2a5a1a0cd641a38ef62a2249076fb157 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r2 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r2 new file mode 100644 index 0000000000..a5406b5035 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r2 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure install postinst prepare test unpack +DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4 +DESCRIPTION=Version 2 of the library to manipulate XML files +EAPI=6 +HOMEPAGE=http://www.xmlsoft.org/ +IUSE=debug examples icu ipv6 lzma python readline static-libs test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt +LICENSE=MIT +RDEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) +REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 ) ) +SLOT=2 +SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.4.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz ) +_eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=7e332363ad0884f56252a97f3ecb1dbd diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r3 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r3 new file mode 100644 index 0000000000..cf713af02c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.4-r3 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure install postinst prepare test unpack +DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4 +DESCRIPTION=Version 2 of the library to manipulate XML files +EAPI=6 +HOMEPAGE=http://www.xmlsoft.org/ +IUSE=debug examples icu ipv6 lzma python readline static-libs test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt +LICENSE=MIT +RDEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) +REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 ) ) +SLOT=2 +SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.4.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz ) +_eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=34dff334b06fc41d041d809bcc50b03a diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.5 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.5 new file mode 100644 index 0000000000..ecd8eab911 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.5 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure install postinst prepare test unpack +DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4 +DESCRIPTION=Version 2 of the library to manipulate XML files +EAPI=6 +HOMEPAGE=http://www.xmlsoft.org/ +IUSE=debug examples icu ipv6 lzma python readline static-libs test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt +LICENSE=MIT +RDEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) +REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 ) ) +SLOT=2 +SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.5.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz ) +_eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=e6b60ac57b7cb77be70a02f10a0c162f diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.6 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.6 new file mode 100644 index 0000000000..54f980d48f --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/libxml2-2.9.6 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure install postinst prepare test unpack +DEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) dev-util/gtk-doc-am virtual/pkgconfig hppa? ( >=sys-devel/binutils-2.15.92.0.2 ) >=app-portage/elt-patches-20170422 !=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4 +DESCRIPTION=Version 2 of the library to manipulate XML files +EAPI=6 +HOMEPAGE=http://www.xmlsoft.org/ +IUSE=debug examples icu ipv6 lzma python readline static-libs test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=alpha ~amd64 ~arm ~arm64 ~hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt +LICENSE=MIT +RDEPEND=>=sys-libs/zlib-1.2.8-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] icu? ( >=dev-libs/icu-51.2-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] ) readline? ( sys-libs/readline:= ) +REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 ) ) +SLOT=2 +SRC_URI=ftp://xmlsoft.org/libxml2/libxml2-2.9.6.tar.gz test? ( http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2002-01-16/xsts-2002-01-16.tar.gz http://www.w3.org/XML/2004/xml-schema-test-suite/xmlschema2004-01-14/xsts-2004-01-14.tar.gz http://www.w3.org/XML/Test/xmlts20080827.tar.gz ) +_eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 prefix 7b6fb2fc216b101b5d97d171925a847c python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=b23a32eb7b3c7e9025a9a7c72d048e33