[inkscape/el5] Initial patch.
Jon Ciesla
limb at fedoraproject.org
Wed Dec 19 18:31:51 UTC 2012
commit dff44e02de1037b5d19cf50287eb354f93192f73
Author: Jon Ciesla <limburgher at gmail.com>
Date: Wed Dec 19 12:29:23 2012 -0600
Initial patch.
inkscape-0.46-11931.patch | 60 +++++++++++++++++++++++++++++++++++++++++++++
inkscape.spec | 9 +++++-
2 files changed, 67 insertions(+), 2 deletions(-)
---
diff --git a/inkscape-0.46-11931.patch b/inkscape-0.46-11931.patch
new file mode 100644
index 0000000..e1d0ef6
--- /dev/null
+++ b/inkscape-0.46-11931.patch
@@ -0,0 +1,60 @@
+=== modified file 'src/preferences-skeleton.h'
+--- src/preferences-skeleton.h 2012-05-23 12:00:49 +0000
++++ src/preferences-skeleton.h 2012-12-05 22:39:22 +0000
+@@ -337,6 +337,10 @@
+ " check_on_reading=\"0\" "
+ " check_on_editing=\"0\" "
+ " check_on_writing=\"0\"/>\n"
++" <group id=\"externalresources\">\n"
++" <group id=\"xml\" "
++" allow_net_access=\"0\"/>\n"
++" </group>\n"
+ " <group id=\"forkgradientvectors\" value=\"1\"/>\n"
+ " <group id=\"iconrender\" named_nodelay=\"0\"/>\n"
+ " <group id=\"autosave\" enable=\"0\" interval=\"10\" path=\"\" max=\"10\"/>\n"
+
+=== modified file 'src/ui/dialog/ocaldialogs.cpp'
+--- src/ui/dialog/ocaldialogs.cpp 2012-11-26 10:33:19 +0000
++++ src/ui/dialog/ocaldialogs.cpp 2012-12-05 22:39:22 +0000
+@@ -1112,8 +1112,14 @@
+ xmlDoc *doc = NULL;
+ xmlNode *root_element = NULL;
+
+- doc = xmlReadMemory(data, (int) length, xml_uri.c_str(), NULL,
+- XML_PARSE_RECOVER + XML_PARSE_NOWARNING + XML_PARSE_NOERROR);
++ int parse_options = XML_PARSE_RECOVER + XML_PARSE_NOWARNING + XML_PARSE_NOERROR; // do not use XML_PARSE_NOENT ! see bug lp:1025185
++ Inkscape::Preferences *prefs = Inkscape::Preferences::get();
++ bool allowNetAccess = prefs->getBool("/options/externalresources/xml/allow_net_access", false);
++ if (!allowNetAccess) {
++ parse_options |= XML_PARSE_NONET;
++ }
++
++ doc = xmlReadMemory(data, (int) length, xml_uri.c_str(), NULL, parse_options);
+
+ if (doc == NULL) {
+ // If nothing is returned, no results could be found
+
+=== modified file 'src/xml/repr-io.cpp'
+--- src/xml/repr-io.cpp 2012-05-12 11:16:29 +0000
++++ src/xml/repr-io.cpp 2012-12-05 22:39:22 +0000
+@@ -297,12 +297,18 @@
+ XmlSource src;
+
+ if ( (src.setFile(filename) == 0) ) {
++ int parse_options = XML_PARSE_HUGE; // do not use XML_PARSE_NOENT ! see bug lp:1025185
++ Inkscape::Preferences *prefs = Inkscape::Preferences::get();
++ bool allowNetAccess = prefs->getBool("/options/externalresources/xml/allow_net_access", false);
++ if (!allowNetAccess) {
++ parse_options |= XML_PARSE_NONET;
++ }
+ doc = xmlReadIO( XmlSource::readCb,
+ XmlSource::closeCb,
+ &src,
+ localFilename,
+ src.getEncoding(),
+- XML_PARSE_NOENT | XML_PARSE_HUGE);
++ parse_options);
+ }
+ }
+
+
diff --git a/inkscape.spec b/inkscape.spec
index a716975..77ed6a0 100644
--- a/inkscape.spec
+++ b/inkscape.spec
@@ -1,6 +1,6 @@
Name: inkscape
Version: 0.46
-Release: 2%{?dist}.1
+Release: 3%{?dist}
Summary: Vector-based drawing program using SVG
Group: Applications/Productivity
@@ -11,6 +11,7 @@ Patch0: inkscape-16571-cxxinclude.patch
Patch1: inkscape-0.45.1-desktop.patch
Patch2: inkscape-0.46pre2-icons.patch
Patch3: inkscape-0.46-fixlatex.patch
+Patch4: inkscape-0.46-11931.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -39,7 +40,7 @@ BuildRequires: boost-devel
# Use popt-devel if Fedora 8, RHEL 6, newer or unknown,
# rely on popt otherwise
-%if %{!?fedora:8}%{?fedora} < 8 || %{!?rhel:6}%{?rhel} < 6
+%if %{!?rhel:6}%{?rhel} < 6
BuildRequires: popt
%else
BuildRequires: popt-devel
@@ -74,6 +75,7 @@ C and C++, using the Gtk+ toolkit and optionally some Gnome libraries.
%patch1 -p1 -b .desktop
%patch2 -p1 -b .icons
%patch3 -p1 -b .fixlatex
+%patch4 -p0 -b .xxeflaw
find -type f -regex '.*\.\(cpp\|h\)' -perm +111 -exec chmod -x {} ';'
find share/extensions/ -type f -regex '.*\.py' -perm +111 -exec chmod -x {} ';'
dos2unix -k -q share/extensions/*.py
@@ -133,6 +135,9 @@ update-desktop-database %{_datadir}/applications > /dev/null 2>&1 || :
%changelog
+* Wed Dec 19 2012 Jon Ciesla <limburgher at gmail.com> - 0.46-3
+- Fix for EL-5, patch for XXE flaw.
+
* Fri Apr 11 2008 Lubomir Kundrak <lkundrak at redhat.com> - 0.46-2.1
- More buildrequires more flexible, so that this builds on RHEL
More information about the scm-commits
mailing list