Date: Wed, 21 Jun 2017 18:17:36 +0000
From: "Benny Siegert"
Subject: CVS commit: [pkgsrc-2017Q1] pkgsrc/textproc/libxml2
To: pkgsrc-changes@NetBSD.org
Reply-To: bsiegert@netbsd.org

Module Name:	pkgsrc
Committed By:	bsiegert
Date:		Wed Jun 21 18:17:36 UTC 2017

Modified Files:
	pkgsrc/textproc/libxml2 [pkgsrc-2017Q1]: Makefile distinfo
Added Files:
	pkgsrc/textproc/libxml2/patches [pkgsrc-2017Q1]: patch-valid.c

Log Message:
Pullup ticket #5478 - requested by sevan
textproc/libxml2: security fix

Revisions pulled up:
- textproc/libxml2/Makefile                                     1.144
- textproc/libxml2/distinfo                                     1.115
- textproc/libxml2/patches/patch-valid.c                        1.1

---
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Sun Jun 11 04:40:53 UTC 2017

   Modified Files:
   	pkgsrc/textproc/libxml2: Makefile distinfo
   Added Files:
   	pkgsrc/textproc/libxml2/patches: patch-valid.c

   Log Message:
   libxml2: Apply upstream patch for CVE-2017-5969.
   (Minor issue, only a denial-of-service when using recover mode)

   bump PKGREVISION

To generate a diff of this commit:
cvs rdiff -u -r1.143 -r1.143.2.1 pkgsrc/textproc/libxml2/Makefile
cvs rdiff -u -r1.114 -r1.114.4.1 pkgsrc/textproc/libxml2/distinfo
cvs rdiff -u -r0 -r1.2.2.2 pkgsrc/textproc/libxml2/patches/patch-valid.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
--_----------=_149806905684260 Content-Disposition: inline Content-Length: 4328 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/textproc/libxml2/Makefile diff -u pkgsrc/textproc/libxml2/Makefile:1.143 pkgsrc/textproc/libxml2/Makefile:1.143.2.1 --- pkgsrc/textproc/libxml2/Makefile:1.143 Fri Dec 30 02:17:48 2016 +++ pkgsrc/textproc/libxml2/Makefile Wed Jun 21 18:17:36 2017 @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.143 2016/12/30 02:17:48 dholland Exp $ +# $NetBSD: Makefile,v 1.143.2.1 2017/06/21 18:17:36 bsiegert Exp $ .include "../../textproc/libxml2/Makefile.common" -PKGREVISION= 2 +PKGREVISION= 3 COMMENT= XML parser library from the GNOME project LICENSE= modified-bsd Index: pkgsrc/textproc/libxml2/distinfo diff -u pkgsrc/textproc/libxml2/distinfo:1.114 pkgsrc/textproc/libxml2/distinfo:1.114.4.1 --- pkgsrc/textproc/libxml2/distinfo:1.114 Tue Dec 27 02:34:33 2016 +++ pkgsrc/textproc/libxml2/distinfo Wed Jun 21 18:17:36 2017 @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.114 2016/12/27 02:34:33 sevan Exp $ +$NetBSD: distinfo,v 1.114.4.1 2017/06/21 18:17:36 bsiegert Exp $ SHA1 (libxml2-2.9.4.tar.gz) = 958ae70baf186263a4bd801a81dd5d682aedd1db RMD160 (libxml2-2.9.4.tar.gz) = bb59656e0683d64a38a2f1a45ca9d918837e1e56 @@ -16,6 +16,7 @@ SHA1 (patch-runtest.c) = 759fcee959833b3 SHA1 (patch-test_XPath_xptr_vidbase) = a9b497505f914924388145c6266aa517152f9da3 SHA1 (patch-testlimits.c) = 8cba18464b619469abbb8488fd950a32a567be7b SHA1 (patch-timsort.h) = e09118e7c99d53f71c28fe4d54269c4801244959 +SHA1 (patch-valid.c) = e6ff3a9aed6b985fcc69d214efa953a90a055d6b SHA1 (patch-xmlIO.c) = 5efcc5e43a8b3139832ab69af6b5ab94e5a6ad59 SHA1 (patch-xpath.c) = ec94ab2116f99a08f51630dee6b9e7e25d2b5c00 SHA1 (patch-xpointer.c) = 8ca75f64b89369106c0d088ff7fd36b38005e032 Added files: Index: pkgsrc/textproc/libxml2/patches/patch-valid.c diff -u /dev/null pkgsrc/textproc/libxml2/patches/patch-valid.c:1.2.2.2 
--- /dev/null Wed Jun 21 18:17:36 2017 +++ pkgsrc/textproc/libxml2/patches/patch-valid.c Wed Jun 21 18:17:36 2017 
@@ -0,0 +1,55 @@ +$NetBSD: patch-valid.c,v 1.2.2.2 2017/06/21 18:17:36 bsiegert Exp $ + +Upstream commit by Daniel Veillard + +Fix NULL pointer deref in xmlDumpElementContent +Can only be triggered in recovery mode. +Fixes bug 758422 (CVE-2017-5969). + + +--- valid.c.orig 2016-05-23 07:25:25.000000000 +0000 ++++ valid.c +@@ -1172,29 +1172,33 @@ xmlDumpElementContent(xmlBufferPtr buf, + xmlBufferWriteCHAR(buf, content->name); + break; + case XML_ELEMENT_CONTENT_SEQ: +- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || +- (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) ++ if ((content->c1 != NULL) && ++ ((content->c1->type == XML_ELEMENT_CONTENT_OR) || ++ (content->c1->type == XML_ELEMENT_CONTENT_SEQ))) + xmlDumpElementContent(buf, content->c1, 1); + else + xmlDumpElementContent(buf, content->c1, 0); + xmlBufferWriteChar(buf, " , "); +- if ((content->c2->type == XML_ELEMENT_CONTENT_OR) || +- ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) && +- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))) ++ if ((content->c2 != NULL) && ++ ((content->c2->type == XML_ELEMENT_CONTENT_OR) || ++ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) && ++ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))) + xmlDumpElementContent(buf, content->c2, 1); + else + xmlDumpElementContent(buf, content->c2, 0); + break; + case XML_ELEMENT_CONTENT_OR: +- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || +- (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) ++ if ((content->c1 != NULL) && ++ ((content->c1->type == XML_ELEMENT_CONTENT_OR) || ++ (content->c1->type == XML_ELEMENT_CONTENT_SEQ))) + xmlDumpElementContent(buf, content->c1, 1); + else + xmlDumpElementContent(buf, content->c1, 0); + xmlBufferWriteChar(buf, " | "); +- if ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) || +- ((content->c2->type == XML_ELEMENT_CONTENT_OR) && +- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))) ++ if ((content->c2 != NULL) && ++ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) || ++ ((content->c2->type == 
XML_ELEMENT_CONTENT_OR) && ++ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))) + xmlDumpElementContent(buf, content->c2, 1); + else + xmlDumpElementContent(buf, content->c2, 0); --_----------=_149806905684260--
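
Review bot: In the distinfo hunk at @@ -16,6 +16,7 @@, the new SHA1 (patch-valid.c) entry covers a file whose $NetBSD$ header reads 1.2.2.2, while the log lists revision 1.1 as the one pulled up. Please confirm the checksum was generated from the branch copy of patches/patch-valid.c, and state in the log which trunk revision that copy corresponds to, so the entry can be checked against it.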
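
Review bot: In the valid.c hunk carried by patch-valid.c, the added "content->c1 != NULL" and "content->c2 != NULL" tests only protect the ->type and ->ocur reads; when a child is NULL the else branch still calls xmlDumpElementContent(buf, content->c1, 0) (or the c2 equivalent) with that NULL pointer. That is safe only if xmlDumpElementContent returns early on NULL content, which lies outside the visible context, so please confirm it and say so in the patch header. With a NULL child the SEQ and OR cases also still write " , " or " | " with one operand missing, so the dumped content model is incomplete in recovery mode. The header comment would also be easier to audit with the upstream commit id next to "Upstream commit by Daniel Veillard".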