diff --git a/expat.spec b/expat.spec index 20fb3d0..d2cbd36 100644 --- a/expat.spec +++ b/expat.spec @@ -1,11 +1,12 @@ %define Rversion %(echo %{version} | sed -e 's/\\./_/g' -e 's/^/R_/') Name: expat Version: 2.4.8 -Release: 1 +Release: 2 Summary: An XML parser library License: MIT URL: https://libexpat.github.io/ Source0: https://github.com/libexpat/libexpat/releases/download/%{Rversion}/expat-%{version}.tar.gz +Patch1: xmlparse.CVE-2022-40674.patch BuildRequires: sed,autoconf,automake,gcc-c++,libtool,xmlto @@ -59,6 +60,9 @@ make check %{_mandir}/man1/* %changelog +* Thu Sep 15 2022 dillon chen -2.4.8-2 +- fix CVE-2022-40674 + * Fri Jul 1 2022 panxiaohe - 2.4.8-1 - update to 2.4.8 diff --git a/xmlparse.CVE-2022-40674.patch b/xmlparse.CVE-2022-40674.patch new file mode 100644 index 0000000..7a7fced --- /dev/null +++ b/xmlparse.CVE-2022-40674.patch @@ -0,0 +1,31 @@ +--- expat-2.4.8/lib/xmlparse.c 2022-03-29 05:11:43.000000000 +0800 ++++ xmlparse.c 2022-09-15 10:56:50.317146415 +0800 +@@ -4271,7 +4271,7 @@ + const XML_Char *storedEncName = NULL; + const ENCODING *newEncoding = NULL; + const char *version = NULL; +- const char *versionend; ++ const char *versionend = NULL; + const XML_Char *storedversion = NULL; + int standalone = -1; + +@@ -5826,10 +5826,15 @@ + { + parser->m_processor = contentProcessor; + /* see externalEntityContentProcessor vs contentProcessor */ +- return doContent(parser, parser->m_parentParser ? 1 : 0, parser->m_encoding, +- s, end, nextPtr, +- (XML_Bool)! parser->m_parsingStatus.finalBuffer, +- XML_ACCOUNT_DIRECT); ++ result = doContent(parser, parser->m_parentParser ? 1 : 0, ++ parser->m_encoding, s, end, nextPtr, ++ (XML_Bool)! parser->m_parsingStatus.finalBuffer, ++ XML_ACCOUNT_DIRECT); ++ if (result == XML_ERROR_NONE) { ++ if (! storeRawNames(parser)) ++ return XML_ERROR_NO_MEMORY; ++ } ++ return result; + } + } +