mirror of
git://slackware.nl/current.git
synced 2025-01-16 15:41:42 +01:00
87f850786e
patches/packages/libxml2-2.9.13-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Use-after-free of ID and IDREF attributes (Thanks to Shinji Sato for the report) Use-after-free in xmlXIncludeCopyRange (David Kilzer) Fix Null-deref-in-xmlSchemaGetComponentTargetNs (huangduirong) Fix memory leak in xmlXPathCompNodeTest Fix null pointer deref in xmlStringGetNodeList Fix several memory leaks found by Coverity (David King) For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308 (* Security fix *) patches/packages/libxslt-1.1.35-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Fix use-after-free in xsltApplyTemplates Fix memory leak in xsltDocumentElem (David King) Fix memory leak in xsltCompileIdKeyPattern (David King) Fix double-free with stylesheets containing entity nodes For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560 (* Security fix *)
35 lines
1.5 KiB
Diff
35 lines
1.5 KiB
Diff
diff -up libxml2-2.9.0/xzlib.c.do-not-check-crc libxml2-2.9.0/xzlib.c
|
|
--- libxml2-2.9.0/xzlib.c.do-not-check-crc 2012-09-11 05:52:46.000000000 +0200
|
|
+++ libxml2-2.9.0/xzlib.c 2012-11-19 19:28:42.431700534 +0100
|
|
@@ -552,17 +552,20 @@ xz_decomp(xz_statep state)
|
|
#ifdef HAVE_ZLIB_H
|
|
if (state->how == GZIP) {
|
|
if (gz_next4(state, &crc) == -1 || gz_next4(state, &len) == -1) {
|
|
- xz_error(state, LZMA_DATA_ERROR, "unexpected end of file");
|
|
- return -1;
|
|
- }
|
|
- if (crc != state->zstrm.adler) {
|
|
- xz_error(state, LZMA_DATA_ERROR, "incorrect data check");
|
|
- return -1;
|
|
- }
|
|
- if (len != (state->zstrm.total_out & 0xffffffffL)) {
|
|
- xz_error(state, LZMA_DATA_ERROR, "incorrect length check");
|
|
- return -1;
|
|
- }
|
|
+ /*
|
|
+ xz_error(state, LZMA_DATA_ERROR, "unexpected end of file");
|
|
+ return -1;
|
|
+ */
|
|
+ } else {
|
|
+ if (crc != state->zstrm.adler) {
|
|
+ xz_error(state, LZMA_DATA_ERROR, "incorrect data check");
|
|
+ return -1;
|
|
+ }
|
|
+ if (len != (state->zstrm.total_out & 0xffffffffL)) {
|
|
+ xz_error(state, LZMA_DATA_ERROR, "incorrect length check");
|
|
+ return -1;
|
|
+ }
|
|
+ }
|
|
state->strm.avail_in = 0;
|
|
state->strm.next_in = NULL;
|
|
state->strm.avail_out = 0;
|