libxml2: add multiple security patches

Fixes for CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3919,
CVE-2012-0841 and others from upstream.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>

1 files changed, 21 insertions, 0 deletions

diff --git a/package/libxml2/libxml2-2.7.8-allocation-error-copying-entities.patch b/package/libxml2/libxml2-2.7.8-allocation-error-copying-entities.patch
new file mode 100644
index 000000000..c0d943311
--- /dev/null
+++ b/package/libxml2/libxml2-2.7.8-allocation-error-copying-entities.patch
@@ -0,0 +1,21 @@
+From 5bd3c061823a8499b27422aee04ea20aae24f03e Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Fri, 16 Dec 2011 10:53:35 +0000
+Subject: Fix an allocation error when copying entities
+
+---
+diff --git a/parser.c b/parser.c
+index 4e5dcb9..c55e41d 100644
+--- a/parser.c
++++ b/parser.c
+@@ -2709,7 +2709,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
+ 
+ 		buffer[nbchars++] = '&';
+ 		if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE) {
+-		    growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
++		    growBuffer(buffer, i + XML_PARSER_BUFFER_SIZE);
+ 		}
+ 		for (;i > 0;i--)
+ 		    buffer[nbchars++] = *cur++;
+--
+cgit v0.9.0.2