diff options
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/patches/expat-CVE-2018-20843.patch | 21 | ||||
-rw-r--r-- | gnu/packages/xml.scm | 8 |
3 files changed, 0 insertions, 30 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index b9575ad201..75cb7b62af 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -781,7 +781,6 @@ dist_patch_DATA = \ %D%/packages/patches/evilwm-lost-focus-bug.patch \ %D%/packages/patches/exiv2-CVE-2017-14860.patch \ %D%/packages/patches/exiv2-CVE-2017-14859-14862-14864.patch \ - %D%/packages/patches/expat-CVE-2018-20843.patch \ %D%/packages/patches/extundelete-e2fsprogs-1.44.patch \ %D%/packages/patches/fastcap-mulGlobal.patch \ %D%/packages/patches/fastcap-mulSetup.patch \ diff --git a/gnu/packages/patches/expat-CVE-2018-20843.patch b/gnu/packages/patches/expat-CVE-2018-20843.patch deleted file mode 100644 index 216fbe9667..0000000000 --- a/gnu/packages/patches/expat-CVE-2018-20843.patch +++ /dev/null @@ -1,21 +0,0 @@ -Fix extraction of namespace prefix from XML name. -Fixes CVE-2018-20843 - -This patch comes from upstream commit 11f8838bf99ea0a6f0b76f9760c43704d00c4ff6 -https://github.com/libexpat/libexpat/commit/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6 - -CVE is https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843 - -diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c -index 30d55c5..737d7cd 100644 ---- a/lib/xmlparse.c -+++ b/lib/xmlparse.c -@@ -6071,7 +6071,7 @@ setElementTypePrefix(XML_Parser parser, ELEMENT_TYPE *elementType) - else - poolDiscard(&dtd->pool); - elementType->prefix = prefix; -- -+ break; - } - } - return 1; diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm index e708348006..78b9b713e5 100644 --- a/gnu/packages/xml.scm +++ b/gnu/packages/xml.scm @@ -88,14 +88,6 @@ stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags).") (license license:expat))) -(define expat/fixed - (package - (inherit expat) - (source - (origin - (inherit (package-source expat)) - (patches (search-patches "expat-CVE-2018-20843.patch")))))) - (define-public libebml (package (name "libebml") |