packagesR
/
raptor
19
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[trunk] -> [extra] 'raptor-2.0.15-21' add
packagesR/raptor/pipeline/head This commit looks good Details

Browse Source
master
Nathan Owens 3 months ago
parent 8e61790953
commit b574017f56
Signed by: ndowens
GPG Key ID: DC5A6F8092641E2D
6 changed files with 166 additions and 10 deletions
Show Stats Download Patch File Download Diff File

11
trunk/PKGBUILD
Unescape View File

@ -1,4 +1,4 @@
# Maintainer: David Runge <dvzrv@archlinux.org>
# Maintainer: Nathan <ndowens@artixlinux.org>
# Contributor: Tom Gundersen <teg@jklm.no>
# Contributor: Andreas Radke <andyrtr@archlinux.org>
# Contributor: eric <eric@archlinux.org>
@ -7,7 +7,7 @@
_name=raptor2
pkgname=raptor
pkgver=2.0.15
pkgrel=20
pkgrel=21
pkgdesc="A C library that parses RDF/XML/N-Triples into RDF triples"
arch=(x86_64)
url="https://librdf.org/raptor"
@ -18,16 +18,16 @@ provides=(libraptor2.so)
options=(debug)
source=(
https://librdf.org/dist/source/$_name-$pkgver.tar.gz
$pkgname-2.0.15-CVE-2017-18926.patch::https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f.patch
$pkgname-2.0.15-CVE-2017-18926.patch
$pkgname-2.0.15-out_of_bounds.patch
$pkgname-2.0.15-disable_broken_test_suites.patch
)
sha512sums=('563dd01869eb4df8524ec12e2c0a541653874dcd834bd1eb265bc2943bb616968f624121d4688579cdce11b4f00a8ab53b7099f1a0850e256bb0a2c16ba048ee'
'203ae75dae8242fb7988a199df8a7337b0660871f5caa6c9098167536ba880ad55765bb60fd4315020f208ed3ae8dc03eb1b91241851410a961a797192ecb969'
'82f2f7ea4b72aa2bf444013a81db3cb17fcce2ae650bdb22eaab00d6d5cf7f950f7a550ffff49348db878f90f2753b407e6026d08d543cd0757c1687c6dad159'
'140f90d74fad8cdc6ef7fa14fa655e425552947d57068021362f8ae9efdded8ed31295e9bdd495fe70e646967062e28fa3ecd5831f9902134da5fe0a82607735'
'bfa5e2c10e33bab9ba85541ca78e903dbcbe07e2fbb654687e0b65fe46531bf385d7b3de36619b9919b7b4db3b803624d294cb8bfd63a89b96fc85cd2fda278e')
b2sums=('0a39c7b5705bfbf2daa0ca633f79693953b4dfe24c144008d1646a9840a36d4d7ce153b527450647127ec2522047dbd0a6e71f307ee5656951f7e4b610adfd22'
'a3f83e34686dfd55ad1c4b9e97f6ae046be31b8224846dfa2b83ba9228cb987c6ebb19f37f48c196fab56a1e1d007d71225ed12acc2188e088b95c7cff5a0beb'
'5e86b3bb1e80662363cbefa889b36810a4472c23ddb0a96960c13586124ac13031c6759e4abb3381e17a8f3b7cc941eaa3f97f3bc7c562f165db37efc47a39f8'
'ab11eeb648bf2cf8ac4ef4bbff4cdb77d1b713ad086268b656c7249363bf5752b535763f9a9fd34be4d72b3ff420cd87ee6970d3da6e24e5e2b067b9dbb9c29e'
'5f623afff5566d47d132c24e32b6b683b7eff15a9a819387b1764b1c222ae47f6e1948892b2a93af77375a3616f9276b00e6686108720da1005b47232b3f6b5f')
validpgpkeys=('F879F0DEDA780198DD08DC6443EC92504F71955A') # Dave Beckett <dave@dajobe.org>
@ -35,6 +35,7 @@ validpgpkeys=('F879F0DEDA780198DD08DC6443EC92504F71955A') # Dave Beckett <dave@d
prepare() {
# fix CVE-2017-18926:
# https://bugs.archlinux.org/task/68613
# https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f
patch -d $_name-$pkgver -Np1 -i ../$pkgname-2.0.15-CVE-2017-18926.patch
# fix out-of-bounds read:
# https://bugs.librdf.org/mantis/view.php?id=650

37
trunk/keys/pgp/F879F0DEDA780198DD08DC6443EC92504F71955A.asc
Unescape View File

@ -0,0 +1,37 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGiBDzYRdgRBACSUwsAQ8fo/ZFQjh4vtpixDx1DTRXcmmGqmv5kSBDQpv9EHb+v
4XWBm8pQWjQaaruQVZzUT6EU4FfBS/WqmC68+Zj7H7X3YI0qUxnjIUWeYrr/hxnw
FGE8nzGYuZ402JCkIU2v/abPEgqjkgFVaxA8WAl1LJWG8JjbbJyQIsYuywCgsMYY
R8RKyuZrBlXJ6m9apsmX8fMD/3GHpwMp2d5h8XM75rpiDm7AOPvSa99x2TNf7cYz
b0Mche3xvwsMYmrMPfstsGOXMubQJnTfcpl2iBFGIRiZvcGGBf6BGbX0bm/7kmHF
bV9RRWEm56aab+1Kt96oVpMC32knEG9aO7BynhroQ7jKAbKh+46qjKw85CKQP8p4
jqgoBACDvJhsRKHqHCHWvRjZm72bi1HA1Ykxlt9gXb3rYgRGvZECJ4uWxG4/lxqY
ONkTe6dkyKQbn4jWbIE+0UV0NXDPr2je4CW9H8+/Hemh/3QJzBgCS89RYOG0aoFy
Oi1UImJFTxc0Q83B+87zpa5ATPnBULXdD8YG005Tz5AKLZ1lX7QeRGF2ZSBCZWNr
ZXR0IDxkYXZlQGRham9iZS5vcmc+iGQEExECACQCGwMCHgECF4ACGQEFCwkIBwMF
FQoJCAsFFgIDAQAFAkuHcxcACgkQQ+ySUE9xlVoMrQCdHu9SSfobPfsumUZFPEw3
5xXIoXQAoIUBZADRaZjHjdtqloYE0nIuapc4tCBEYXZlIEJlY2tldHQgPGRham9i
ZUBkYWpvYmUub3JnPohhBBMRAgAhAhsDAh4BAheABQsJCAcDBRUKCQgLBRYCAwEA
BQJLh3MbAAoJEEPsklBPcZVao3wAniADUADdQl1D9K84akAQG2F4D/mPAJ9b/F2Q
Q8Z6cRpMfv/eqxanbB2hWbQgRGF2ZSBCZWNrZXR0IDxkYWpvYmVAZGViaWFuLm9y
Zz6IYQQTEQIAIQIbAwIeAQIXgAULCQgHAwUVCgkICwUWAgMBAAUCS4dzGwAKCRBD
7JJQT3GVWr9dAJoDrF7Uqyq71UmUuPqKP49eTCSinQCfZ9LRD+0FnkgIQcXz+i2o
L711kh60KURhdmUgQmVja2V0dCA8ZGF2ZS5iZWNrZXR0QGJyaXN0b2wuYWMudWs+
iGYEExECAB4CF4AFCwkIBwMFFQoJCAsFFgIDAQACHgEFAkuHcxsAEgdlR1BHAAEB
CRBD7JJQT3GVWpsgAJ0aZmJnfx5BY7W/SYblkDSYsCDQcgCcDk1ZsF7omgU67K3k
jRUL3UmW8h25Ag0ESaNCuxAIAJ2E+mego//IBRppzyUvhDIavqPXsLd7S3C6am7d
InjL08RqJ24ydmtkr0lIU8Bxr6RKJpXGGy+qgF46i4TmsN4spOSZUP/3nHUmuSxe
Csey8iqzJ6CUMk1ZuO8g6YRV+pSpayCRC+K8Q2yp58w1ouOdxUnMhn/zxgABKlZo
tepdaef2Wo7Pmw05WJOzNms3h39SLg29NuXRiDUBgC0ZhgBg8Kek0+GCJ6FxPHr5
VywxjIkmpi3RGSK6Wu1/+gZRdD4YHmjb0qLfkitPp05d1kIHOIMvifYItGMVuxKH
m+rV7PWmdzlDHjV7G0d2nC3p1Hg69SOMEXY16DLjLDhUAWcAAwUH/3HDN+33i7BW
2tfIQadCrqeIyrLHTtzzOxZwxohv4pV+9pJpTuprtJvkwGE1b2eYeGzLl5yIL6h6
jsDxjIa1tRASz3ncRoFtzPJINErbskb5UtixN2zOXlXWamI/IvC9Ql1lT2UvoGOK
Z7ocPaGdePHWimHYlgW9FdGe9bkSdhssu2WhstEbma4JkYP+A8iHDjLtG72+7W+x
RYLIocdObGBml4/uql5860KjfijIq9McyIFxJJKrqzRnx5VZKJbHXNGdg4EtSfoH
S/EiobUWr3P+ey1khKer2JKuFPUU7FwOPvBjCSSRjEFv/EAgpiWgaBL8KQAyvTyi
TAjXSy8QZVCISQQYEQIACQIbDAUCS4dzTgAKCRBD7JJQT3GVWqeEAKCcdMZ/cOHw
CzVEF5PwbpTPGXE3rwCgnvMdQ/lzMP8M0VYoMX0Dk9DHT6w=
=ioV9
-----END PGP PUBLIC KEY BLOCK-----

40
trunk/raptor-2.0.15-CVE-2017-18926.patch
Unescape View File

@ -0,0 +1,40 @@
From 590681e546cd9aa18d57dc2ea1858cb734a3863f Mon Sep 17 00:00:00 2001
From: Dave Beckett <dave@dajobe.org>
Date: Sun, 16 Apr 2017 23:15:12 +0100
Subject: [PATCH] Calcualte max nspace declarations correctly for XML writer
(raptor_xml_writer_start_element_common): Calculate max including for
each attribute a potential name and value.
Fixes Issues #0000617 http://bugs.librdf.org/mantis/view.php?id=617
and #0000618 http://bugs.librdf.org/mantis/view.php?id=618
---
src/raptor_xml_writer.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
index 693b94686..0d3a36a5a 100644
--- a/src/raptor_xml_writer.c
+++ b/src/raptor_xml_writer.c
@@ -181,9 +181,10 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
size_t nspace_declarations_count = 0;
unsigned int i;
- /* max is 1 per element and 1 for each attribute + size of declared */
if(nstack) {
- int nspace_max_count = element->attribute_count+1;
+ int nspace_max_count = element->attribute_count * 2; /* attr and value */
+ if(element->name->nspace)
+ nspace_max_count++;
if(element->declared_nspaces)
nspace_max_count += raptor_sequence_size(element->declared_nspaces);
if(element->xml_language)
@@ -237,7 +238,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
}
}
- /* Add the attribute + value */
+ /* Add the attribute's value */
nspace_declarations[nspace_declarations_count].declaration=
raptor_qname_format_as_xml(element->attributes[i],
&nspace_declarations[nspace_declarations_count].length);

11
x86_64/extra/PKGBUILD
Unescape View File

@ -1,4 +1,4 @@
# Maintainer: David Runge <dvzrv@archlinux.org>
# Maintainer: Nathan <ndowens@artixlinux.org>
# Contributor: Tom Gundersen <teg@jklm.no>
# Contributor: Andreas Radke <andyrtr@archlinux.org>
# Contributor: eric <eric@archlinux.org>
@ -7,7 +7,7 @@
_name=raptor2
pkgname=raptor
pkgver=2.0.15
pkgrel=20
pkgrel=21
pkgdesc="A C library that parses RDF/XML/N-Triples into RDF triples"
arch=(x86_64)
url="https://librdf.org/raptor"
@ -18,16 +18,16 @@ provides=(libraptor2.so)
options=(debug)
source=(
https://librdf.org/dist/source/$_name-$pkgver.tar.gz
$pkgname-2.0.15-CVE-2017-18926.patch::https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f.patch
$pkgname-2.0.15-CVE-2017-18926.patch
$pkgname-2.0.15-out_of_bounds.patch
$pkgname-2.0.15-disable_broken_test_suites.patch
)
sha512sums=('563dd01869eb4df8524ec12e2c0a541653874dcd834bd1eb265bc2943bb616968f624121d4688579cdce11b4f00a8ab53b7099f1a0850e256bb0a2c16ba048ee'
'203ae75dae8242fb7988a199df8a7337b0660871f5caa6c9098167536ba880ad55765bb60fd4315020f208ed3ae8dc03eb1b91241851410a961a797192ecb969'
'82f2f7ea4b72aa2bf444013a81db3cb17fcce2ae650bdb22eaab00d6d5cf7f950f7a550ffff49348db878f90f2753b407e6026d08d543cd0757c1687c6dad159'
'140f90d74fad8cdc6ef7fa14fa655e425552947d57068021362f8ae9efdded8ed31295e9bdd495fe70e646967062e28fa3ecd5831f9902134da5fe0a82607735'
'bfa5e2c10e33bab9ba85541ca78e903dbcbe07e2fbb654687e0b65fe46531bf385d7b3de36619b9919b7b4db3b803624d294cb8bfd63a89b96fc85cd2fda278e')
b2sums=('0a39c7b5705bfbf2daa0ca633f79693953b4dfe24c144008d1646a9840a36d4d7ce153b527450647127ec2522047dbd0a6e71f307ee5656951f7e4b610adfd22'
'a3f83e34686dfd55ad1c4b9e97f6ae046be31b8224846dfa2b83ba9228cb987c6ebb19f37f48c196fab56a1e1d007d71225ed12acc2188e088b95c7cff5a0beb'
'5e86b3bb1e80662363cbefa889b36810a4472c23ddb0a96960c13586124ac13031c6759e4abb3381e17a8f3b7cc941eaa3f97f3bc7c562f165db37efc47a39f8'
'ab11eeb648bf2cf8ac4ef4bbff4cdb77d1b713ad086268b656c7249363bf5752b535763f9a9fd34be4d72b3ff420cd87ee6970d3da6e24e5e2b067b9dbb9c29e'
'5f623afff5566d47d132c24e32b6b683b7eff15a9a819387b1764b1c222ae47f6e1948892b2a93af77375a3616f9276b00e6686108720da1005b47232b3f6b5f')
validpgpkeys=('F879F0DEDA780198DD08DC6443EC92504F71955A') # Dave Beckett <dave@dajobe.org>
@ -35,6 +35,7 @@ validpgpkeys=('F879F0DEDA780198DD08DC6443EC92504F71955A') # Dave Beckett <dave@d
prepare() {
# fix CVE-2017-18926:
# https://bugs.archlinux.org/task/68613
# https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f
patch -d $_name-$pkgver -Np1 -i ../$pkgname-2.0.15-CVE-2017-18926.patch
# fix out-of-bounds read:
# https://bugs.librdf.org/mantis/view.php?id=650

37
x86_64/extra/keys/pgp/F879F0DEDA780198DD08DC6443EC92504F71955A.asc
Unescape View File

@ -0,0 +1,37 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGiBDzYRdgRBACSUwsAQ8fo/ZFQjh4vtpixDx1DTRXcmmGqmv5kSBDQpv9EHb+v
4XWBm8pQWjQaaruQVZzUT6EU4FfBS/WqmC68+Zj7H7X3YI0qUxnjIUWeYrr/hxnw
FGE8nzGYuZ402JCkIU2v/abPEgqjkgFVaxA8WAl1LJWG8JjbbJyQIsYuywCgsMYY
R8RKyuZrBlXJ6m9apsmX8fMD/3GHpwMp2d5h8XM75rpiDm7AOPvSa99x2TNf7cYz
b0Mche3xvwsMYmrMPfstsGOXMubQJnTfcpl2iBFGIRiZvcGGBf6BGbX0bm/7kmHF
bV9RRWEm56aab+1Kt96oVpMC32knEG9aO7BynhroQ7jKAbKh+46qjKw85CKQP8p4
jqgoBACDvJhsRKHqHCHWvRjZm72bi1HA1Ykxlt9gXb3rYgRGvZECJ4uWxG4/lxqY
ONkTe6dkyKQbn4jWbIE+0UV0NXDPr2je4CW9H8+/Hemh/3QJzBgCS89RYOG0aoFy
Oi1UImJFTxc0Q83B+87zpa5ATPnBULXdD8YG005Tz5AKLZ1lX7QeRGF2ZSBCZWNr
ZXR0IDxkYXZlQGRham9iZS5vcmc+iGQEExECACQCGwMCHgECF4ACGQEFCwkIBwMF
FQoJCAsFFgIDAQAFAkuHcxcACgkQQ+ySUE9xlVoMrQCdHu9SSfobPfsumUZFPEw3
5xXIoXQAoIUBZADRaZjHjdtqloYE0nIuapc4tCBEYXZlIEJlY2tldHQgPGRham9i
ZUBkYWpvYmUub3JnPohhBBMRAgAhAhsDAh4BAheABQsJCAcDBRUKCQgLBRYCAwEA
BQJLh3MbAAoJEEPsklBPcZVao3wAniADUADdQl1D9K84akAQG2F4D/mPAJ9b/F2Q
Q8Z6cRpMfv/eqxanbB2hWbQgRGF2ZSBCZWNrZXR0IDxkYWpvYmVAZGViaWFuLm9y
Zz6IYQQTEQIAIQIbAwIeAQIXgAULCQgHAwUVCgkICwUWAgMBAAUCS4dzGwAKCRBD
7JJQT3GVWr9dAJoDrF7Uqyq71UmUuPqKP49eTCSinQCfZ9LRD+0FnkgIQcXz+i2o
L711kh60KURhdmUgQmVja2V0dCA8ZGF2ZS5iZWNrZXR0QGJyaXN0b2wuYWMudWs+
iGYEExECAB4CF4AFCwkIBwMFFQoJCAsFFgIDAQACHgEFAkuHcxsAEgdlR1BHAAEB
CRBD7JJQT3GVWpsgAJ0aZmJnfx5BY7W/SYblkDSYsCDQcgCcDk1ZsF7omgU67K3k
jRUL3UmW8h25Ag0ESaNCuxAIAJ2E+mego//IBRppzyUvhDIavqPXsLd7S3C6am7d
InjL08RqJ24ydmtkr0lIU8Bxr6RKJpXGGy+qgF46i4TmsN4spOSZUP/3nHUmuSxe
Csey8iqzJ6CUMk1ZuO8g6YRV+pSpayCRC+K8Q2yp58w1ouOdxUnMhn/zxgABKlZo
tepdaef2Wo7Pmw05WJOzNms3h39SLg29NuXRiDUBgC0ZhgBg8Kek0+GCJ6FxPHr5
VywxjIkmpi3RGSK6Wu1/+gZRdD4YHmjb0qLfkitPp05d1kIHOIMvifYItGMVuxKH
m+rV7PWmdzlDHjV7G0d2nC3p1Hg69SOMEXY16DLjLDhUAWcAAwUH/3HDN+33i7BW
2tfIQadCrqeIyrLHTtzzOxZwxohv4pV+9pJpTuprtJvkwGE1b2eYeGzLl5yIL6h6
jsDxjIa1tRASz3ncRoFtzPJINErbskb5UtixN2zOXlXWamI/IvC9Ql1lT2UvoGOK
Z7ocPaGdePHWimHYlgW9FdGe9bkSdhssu2WhstEbma4JkYP+A8iHDjLtG72+7W+x
RYLIocdObGBml4/uql5860KjfijIq9McyIFxJJKrqzRnx5VZKJbHXNGdg4EtSfoH
S/EiobUWr3P+ey1khKer2JKuFPUU7FwOPvBjCSSRjEFv/EAgpiWgaBL8KQAyvTyi
TAjXSy8QZVCISQQYEQIACQIbDAUCS4dzTgAKCRBD7JJQT3GVWqeEAKCcdMZ/cOHw
CzVEF5PwbpTPGXE3rwCgnvMdQ/lzMP8M0VYoMX0Dk9DHT6w=
=ioV9
-----END PGP PUBLIC KEY BLOCK-----

40
x86_64/extra/raptor-2.0.15-CVE-2017-18926.patch
Unescape View File

@ -0,0 +1,40 @@
From 590681e546cd9aa18d57dc2ea1858cb734a3863f Mon Sep 17 00:00:00 2001
From: Dave Beckett <dave@dajobe.org>
Date: Sun, 16 Apr 2017 23:15:12 +0100
Subject: [PATCH] Calcualte max nspace declarations correctly for XML writer
(raptor_xml_writer_start_element_common): Calculate max including for
each attribute a potential name and value.
Fixes Issues #0000617 http://bugs.librdf.org/mantis/view.php?id=617
and #0000618 http://bugs.librdf.org/mantis/view.php?id=618
---
src/raptor_xml_writer.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
index 693b94686..0d3a36a5a 100644
--- a/src/raptor_xml_writer.c
+++ b/src/raptor_xml_writer.c
@@ -181,9 +181,10 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
size_t nspace_declarations_count = 0;
unsigned int i;
- /* max is 1 per element and 1 for each attribute + size of declared */
if(nstack) {
- int nspace_max_count = element->attribute_count+1;
+ int nspace_max_count = element->attribute_count * 2; /* attr and value */
+ if(element->name->nspace)
+ nspace_max_count++;
if(element->declared_nspaces)
nspace_max_count += raptor_sequence_size(element->declared_nspaces);
if(element->xml_language)
@@ -237,7 +238,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
}
}
- /* Add the attribute + value */
+ /* Add the attribute's value */
nspace_declarations[nspace_declarations_count].declaration=
raptor_qname_format_as_xml(element->attributes[i],
&nspace_declarations[nspace_declarations_count].length);
Write Preview
Loading…
Cancel
Save