[libxslt/f17] Update to libxslt-1.1.28 for CVE-2012-6139
Daniel Veillard
veillard at fedoraproject.org
Wed Mar 27 10:51:58 UTC 2013
commit b28e392ef8ae84fc42691ec3bf097d6c214f0a7b
Author: Daniel Veillard <veillard at redhat.com>
Date: Wed Mar 27 18:51:07 2013 +0800
Update to libxslt-1.1.28 for CVE-2012-6139
libxslt-Avoid-a-heap-use-after-free-error.patch | 54 --
...t-Cleanup-of-the-pattern-compilation-code.patch | 214 -------
libxslt-Fix-a-bug-in-selecting-XSLT-elements.patch | 32 -
libxslt-Fix-a-dictionary-string-usage.patch | 113 ----
libxslt-Fix-bug-602515.patch | 142 -----
...lt-template-processing-on-namespace-nodes.patch | 42 --
libxslt-Fix-direct-pattern-matching-bug.patch | 96 ----
...enerate-id-to-not-expose-object-addresses.patch | 66 ---
...ix-popping-of-vars-in-xsltCompilerNodePop.patch | 35 --
...Fix-portability-to-upcoming-libxml2-2.9.0.patch | 71 ---
...t-Fix-some-case-of-pattern-parsing-errors.patch | 33 --
...ix-system-property-with-unknown-namespace.patch | 69 ---
...ning-of-code-checking-node-types-in-EXSLT.patch | 42 --
...hecking-node-types-in-various-entry-point.patch | 594 --------------------
...ld-return-an-error-code-if-xinclude-fails.patch | 51 --
libxslt.spec | 44 +--
sources | 2 +-
17 files changed, 9 insertions(+), 1691 deletions(-)
---
diff --git a/libxslt.spec b/libxslt.spec
index fcb7f84..e0febbb 100644
--- a/libxslt.spec
+++ b/libxslt.spec
@@ -1,37 +1,21 @@
Summary: Library providing the Gnome XSLT engine
Name: libxslt
-Version: 1.1.26
-Release: 10%{?dist}%{?extra_release}
+Version: 1.1.28
+Release: 1%{?dist}%{?extra_release}
License: MIT
Group: Development/Libraries
Source: ftp://xmlsoft.org/XSLT/libxslt-%{version}.tar.gz
URL: http://xmlsoft.org/XSLT/
-BuildRequires: libxml2-devel
+BuildRequires: libxml2-devel >= 2.6.27
BuildRequires: python2-devel
BuildRequires: libxml2-python
BuildRequires: libgcrypt-devel
BuildRequires: automake autoconf
-# Fedora specific patch
+# Fedora specific patches
Patch0: multilib.patch
Patch1: libxslt-1.1.26-utf8-docs.patch
-Patch2: libxslt-Fix-direct-pattern-matching-bug.patch
-Patch3: libxslt-Fix-popping-of-vars-in-xsltCompilerNodePop.patch
-Patch4: libxslt-Fix-bug-602515.patch
-Patch5: libxslt-Fix-generate-id-to-not-expose-object-addresses.patch
-Patch6: libxslt-Fix-some-case-of-pattern-parsing-errors.patch
-Patch7: libxslt-Fix-a-bug-in-selecting-XSLT-elements.patch
-Patch8: libxslt-Fix-portability-to-upcoming-libxml2-2.9.0.patch
-Patch9: libxslt-Fix-default-template-processing-on-namespace-nodes.patch
-Patch10: libxslt-Cleanup-of-the-pattern-compilation-code.patch
-Patch11: libxslt-Hardening-of-code-checking-node-types-in-various-entry-point.patch
-Patch12: libxslt-Hardening-of-code-checking-node-types-in-EXSLT.patch
-Patch13: libxslt-Fix-system-property-with-unknown-namespace.patch
-Patch14: libxslt-xsltproc-should-return-an-error-code-if-xinclude-fails.patch
-Patch15: libxslt-Fix-a-dictionary-string-usage.patch
-Patch16: libxslt-Avoid-a-heap-use-after-free-error.patch
-
%description
This C library allows to transform XML files into other XML files
(or HTML, text, ...) using the standard XSLT stylesheet transformation
@@ -44,6 +28,7 @@ Group: Development/Libraries
Requires: libxslt = %{version}-%{release}
Requires: libgcrypt-devel
+
%description devel
The %{name}-devel package contains libraries and header files for
developing applications that use %{name}.
@@ -76,22 +61,6 @@ gzip -9 ChangeLog
touch -r ChangeLog.utf8 ChangeLog.gz
touch -r NEWS.utf8 NEWS
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
-%patch10 -p1
-%patch11 -p1
-%patch12 -p1
-%patch13 -p1
-%patch14 -p1
-%patch15 -p1
-%patch16 -p1
-
chmod 644 python/tests/*
%build
@@ -151,6 +120,9 @@ make tests
%doc python/tests/*.xsl
%changelog
+* Wed Mar 27 2013 Daniel Veillard <veillard at redhat.com> - 1.1.28-1
+- update to upstream release of libxslt-1.1.28 for CVE-2012-6139
+
* Wed Sep 12 2012 Daniel Veillard <veillard at redhat.com> 1.1.26-10
- Fixes CVE-2011-1202 CVE-2011-3970 CVE-2012-2825 CVE-2012-2871 CVE-2012-2870
- Fix direct pattern matching bug
diff --git a/sources b/sources
index a484e40..12db275 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-e61d0364a30146aaa3001296f853b2b9 libxslt-1.1.26.tar.gz
+9667bf6f9310b957254fdcf6596600b7 libxslt-1.1.28.tar.gz
More information about the scm-commits
mailing list