blob 927fa8a69e4adb4ce6764d77ab8a5ceba134dea1 442 bytes (raw)
name: gnu/packages/patches/expat-CVE-2018-20843.patch # note: path name is non-authoritative(*)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| | Fix extraction of namespace prefix from XML name.
Fixes CVE-2018-20843
diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
index 30d55c5..737d7cd 100644
--- a/expat/lib/xmlparse.c
+++ b/expat/lib/xmlparse.c
@@ -6071,7 +6071,7 @@ setElementTypePrefix(XML_Parser parser, ELEMENT_TYPE *elementType)
else
poolDiscard(&dtd->pool);
elementType->prefix = prefix;
-
+ break;
}
}
return 1;
|
debug log:
solving dd64b91965 ...
found dd64b91965 in https://yhetil.org/guix-patches/alpine.DEB.2.20.1907041947340.17508@marsh.hcoop.net/
applying [1/1] https://yhetil.org/guix-patches/alpine.DEB.2.20.1907041947340.17508@marsh.hcoop.net/
diff --git a/gnu/packages/patches/expat-CVE-2018-20843.patch b/gnu/packages/patches/expat-CVE-2018-20843.patch\r
new file mode 100644\r
index 0000000000..dd64b91965\r
1:7: trailing whitespace.
Fix extraction of namespace prefix from XML name.\r
1:8: trailing whitespace.
Fixes CVE-2018-20843\r
1:9: trailing whitespace.
\r
1:10: trailing whitespace.
diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c\r
1:11: trailing whitespace.
index 30d55c5..737d7cd 100644\r
Checking patch gnu/packages/patches/expat-CVE-2018-20843.patch...
Applied patch gnu/packages/patches/expat-CVE-2018-20843.patch cleanly.
warning: squelched 11 whitespace errors
warning: 16 lines add whitespace errors.
index at:
100644 927fa8a69e4adb4ce6764d77ab8a5ceba134dea1 gnu/packages/patches/expat-CVE-2018-20843.patch
(*) Git path names are given by the tree(s) the blob belongs to.
Blobs themselves have no identifier aside from the hash of its contents.^
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).