xerces-c: update to 3.1.4 to fix security issues.

2025-02-03 08:07:15 +08:00 · 2016-07-02 09:12:04 +01:00 · 2016-07-02 09:12:04 +01:00 · a785c683c7
commit a785c683c7
parent 515e4b9bfa
2 changed files with 4 additions and 30 deletions
--- a/xerces-c/PKGBUILD
+++ b/xerces-c/PKGBUILD
@ -1,20 +1,13 @@
 pkgname=xerces-c
-pkgver=3.1.3
-pkgrel=2
+pkgver=3.1.4
+pkgrel=1
 pkgdesc="A validating XML parser written in a portable subset of C++"
 arch=('x86_64')
 url="http://xerces.apache.org/xerces-c/"
 license=("APACHE")
 depends=('gcc-libs' 'curl')
-source=("http://apache.osuosl.org/xerces/c/3/sources/${pkgname}-${pkgver}.tar.gz"
-        'xerces-c-cve-2016-2099.patch')
-md5sums=('70320ab0e3269e47d978a6ca0c0e1e2d'
-         '382aa993dc070be469e2ff2b2a9bad09')
-
-prepare() {
-  cd "${pkgname}-${pkgver}"
-  patch -p1 -i ../xerces-c-cve-2016-2099.patch
-}
+source=("http://apache.osuosl.org/xerces/c/3/sources/${pkgname}-${pkgver}.tar.gz")
+md5sums=('21bb097b711a513275379b59757cba4c')

 build() {
  cd ${pkgname}-${pkgver}
--- a/xerces-c/xerces-c-cve-2016-2099.patch
+++ b/xerces-c/xerces-c-cve-2016-2099.patch
@ -1,19 +0,0 @@
--- a/src/xercesc/validators/DTD/DTDScanner.cpp
-+++ b/src/xercesc/validators/DTD/DTDScanner.cpp
-@@ -2509,7 +2509,15 @@ void DTDScanner::scanExtSubsetDecl(const
-         {
-             while (true)
-             {
-                const XMLCh nextCh = fReaderMgr->peekNextChar();
-+                XMLCh nextCh;
-+
-+                try {
-+                    nextCh = fReaderMgr->peekNextChar();
-+                }
-+                catch (XMLException& ex) {
-+                    fScanner->emitError(XMLErrs::XMLException_Fatal, ex.getCode(), ex.getMessage(), NULL, NULL);
-+                    nextCh = chNull;
-+                }
- 
-                 if (!nextCh)
-                 {