Message-Id: <200809261636.m8QGaVFS035825@www.freebsd.org>
Date: Fri, 26 Sep 2008 16:36:31 GMT
From: bf
To: freebsd-gnats-submit@FreeBSD.org
Subject: ports/127661: [PATCH]textproc/libxml2: update to 2.7.1, which includes security fixes

>Number: 127661
>Category: ports
>Synopsis: [PATCH]textproc/libxml2: update to 2.7.1, which includes security fixes
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Fri Sep 26 16:40:03 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: bf
>Release: 7-STABLE i386
>Organization: -
>Environment:
>Description:
I hesitated to suggest a change to this port during slush, because it has a number of important dependencies, but I think that it would be better to address the security problems with the current version sooner rather than later. I didn't see an update to this port in the marcuscom repository ports module, although one person did make a reference to one of the security problems in a post to the freebsd-gnome mailing list.

There are two options to deal with the security problems: either stick with 2.6.32 and patch it; or update to 2.7.1. Since I'm guessing that we'll eventually be moving to the newer version, I chose the latter. Besides, 2.7.1 has some other improvements: in addition to fixes for CVE-2008-3281 and CVE-2008-3529, it also fixes other bugs, and attempts to prevent more of the kinds of attacks described in CVE-2003-1564 than does 2.6.32.

This didn't cause any problems in the dependent ports that I have installed on 7-STABLE i386. It also passed most of the bundled regression tests.
In a cursory check of some related mailing lists, I found some mention of problems that 2.7.0 caused with a few other pieces of software that had abused the libxml2 API, but these seem to have been addressed in 2.7.1, and in the other software. Also, 2.7.1 seems to have been incorporated in Red Hat's package system and NetBSD pkgsrc, so it seems okay to stick it in. If these changes are accepted, py-libxml2 will also need a small patch, which I will send in a subsequent message.

For an overview of changes, see: http://xmlsoft.org/news.html

>How-To-Repeat:
>Fix:
Patch attached with submission follows:

diff -ruN libxml2.orig/Makefile libxml2/Makefile --- libxml2.orig/Makefile 2008-09-21 02:17:35.033361776 -0400 +++ libxml2/Makefile 2008-09-21 04:03:28.421022218 -0400 @@ -12,7 +12,7 @@ # PORTNAME= libxml2 -PORTVERSION= 2.6.32 +PORTVERSION= 2.7.1 PORTREVISION?= 0 CATEGORIES?= textproc gnome MASTER_SITES= ftp://fr.rpmfind.net/pub/libxml/ \ @@ -65,6 +65,9 @@ .endif post-patch: + @${REINPLACE_CMD} -e 's|%%FREEBSD_LIBXML_VERSION_INFO%%|5:1:0|' \ + ${WRKSRC}/Makefile.in + .for d in . doc doc/devhelp doc/examples @${REINPLACE_CMD} -e '/^install-data-am:/ s|install-data-local||' \ ${WRKSRC}/${d}/Makefile.in diff -ruN libxml2.orig/distinfo libxml2/distinfo --- libxml2.orig/distinfo 2008-09-21 02:17:35.033361776 -0400 +++ libxml2/distinfo 2008-09-21 04:03:28.421022218 -0400 
@@ -1,3 +1,3 @@ -MD5 (gnome2/libxml2-2.6.32.tar.gz) = 2621d322c16f0257e30f0ff2b13384de -SHA256 (gnome2/libxml2-2.6.32.tar.gz) = 1b4428b879afcaae3c2013b21283baad040661fbd502e893e83adc3d15c85d53 -SIZE (gnome2/libxml2-2.6.32.tar.gz) = 4722227 +MD5 (gnome2/libxml2-2.7.1.tar.gz) = abc093e9ac7ea1aabf37982ae9df6d6c +SHA256 (gnome2/libxml2-2.7.1.tar.gz) = 636d3f2c08ff69dd96182d49a3c75027d1bfe8e645e5a1d075a51fc9a9065bd9 +SIZE (gnome2/libxml2-2.7.1.tar.gz) = 4769568 diff -ruN libxml2.orig/files/patch-aa libxml2/files/patch-aa --- libxml2.orig/files/patch-aa 2008-09-21 02:17:34.993361999 -0400 +++ libxml2/files/patch-aa 2008-09-21 04:03:28.421022218 -0400 
@@ -1,31 +1,24 @@ ---- Makefile.in.orig 2008-01-22 15:47:56.000000000 -0500 -+++ Makefile.in 2008-01-22 15:49:21.000000000 -0500 -@@ -486,13 +486,13 @@ sysconfdir = @sysconfdir@ - target_alias = @target_alias@ - top_builddir = @top_builddir@ - top_srcdir = @top_srcdir@ --SUBDIRS = include . doc example xstc @PYTHON_SUBDIR@ -+SUBDIRS = include . doc example xstc @WITH_PYTHON_TRUE@ @PYTHON_SUBDIR@ - DIST_SUBDIRS = include . doc example python xstc - INCLUDES = -I$(top_builddir)/include -I@srcdir@/include @THREAD_CFLAGS@ @Z_CFLAGS@ +--- Makefile.in.orig 2008-09-21 02:30:27.355231455 -0400 ++++ Makefile.in 2008-09-21 03:31:02.901115638 -0400 +@@ -519,7 +519,7 @@ bin_SCRIPTS = xml2-config lib_LTLIBRARIES = libxml2.la libxml2_la_LIBADD = @THREAD_LIBS@ @Z_LIBS@ $(ICONV_LIBS) @M_LIBS@ @WIN32_EXTRA_LIBADD@ -libxml2_la_LDFLAGS = @CYGWIN_EXTRA_LDFLAGS@ @WIN32_EXTRA_LDFLAGS@ -version-info @LIBXML_VERSION_INFO@ @MODULE_PLATFORM_LIBS@ -+libxml2_la_LDFLAGS = @CYGWIN_EXTRA_LDFLAGS@ @WIN32_EXTRA_LDFLAGS@ -version-info 5:0:0 @MODULE_PLATFORM_LIBS@ ++libxml2_la_LDFLAGS = @CYGWIN_EXTRA_LDFLAGS@ @WIN32_EXTRA_LDFLAGS@ -version-info %%FREEBSD_LIBXML_VERSION_INFO%% @MODULE_PLATFORM_LIBS@ @WITH_TRIO_SOURCES_FALSE@libxml2_la_SOURCES = SAX.c entities.c encoding.c error.c parserInternals.c \ @WITH_TRIO_SOURCES_FALSE@ parser.c tree.c hash.c list.c xmlIO.c xmlmemory.c uri.c \ @WITH_TRIO_SOURCES_FALSE@ valid.c xlink.c HTMLparser.c HTMLtree.c debugXML.c xpath.c \ -@@ -590,7 +590,7 @@ testapi_LDFLAGS = - testapi_DEPENDENCIES = $(DEPS) - testapi_LDADD = $(LDADDS) - CLEANFILES = xml2Conf.sh +@@ -633,7 +633,7 @@ + runxmlconf_DEPENDENCIES = $(DEPS) + runxmlconf_LDADD = $(LDADDS) + CLEANFILES = xml2Conf.sh *.gcda *.gcno -confexecdir = $(libdir) +confexecdir = $(sysconfdir) confexec_DATA = xml2Conf.sh CVS_EXTRA_DIST = EXTRA_DIST = xml2-config.in xml2Conf.sh.in libxml.spec.in libxml2.spec \ -@@ -613,8 +613,8 @@ pkgconfig_DATA = libxml-2.0.pc +@@ -656,8 +656,8 @@ # Install the tests program sources as 
examples # BASE_DIR = $(datadir)/doc @@ -33,12 +26,12 @@ -EXAMPLES_DIR = $(BASE_DIR)/$(DOC_MODULE)/examples +DOC_MODULE = libxml2 +EXAMPLES_DIR = $(datadir)/examples/libxml2 - all: config.h - $(MAKE) $(AM_MAKEFLAGS) all-recursive -@@ -1344,7 +1344,7 @@ distcleancheck: distclean + # + # Coverage support, largely borrowed from libvirt +@@ -1414,7 +1414,7 @@ + exit 1; } >&2 check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local check: check-recursive -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(SCRIPTS) $(MANS) $(DATA) \ +all-am: Makefile $(LTLIBRARIES) $(SCRIPTS) $(MANS) $(DATA) \
>Release-Note:
>Audit-Trail:
>Unformatted:
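
Review bot: in the Makefile post-patch hunk, the libtool version `5:1:0` substituted for `%%FREEBSD_LIBXML_VERSION_INFO%%` is a bare literal with no explanation. Please add a one-line comment saying why upstream's `@LIBXML_VERSION_INFO@` is overridden and why the revision field moved from the `5:0:0` that files/patch-aa hard-coded before, or hold the value in a Makefile variable so the next update changes it in one place. The empty line added between `${WRKSRC}/Makefile.in` and `.for` can be dropped.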
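
Review bot: in the distinfo hunk, the new MD5, SHA256 and SIZE for libxml2-2.7.1.tar.gz are the only integrity check on the distfile, and the first MASTER_SITES entry visible in the Makefile context is plain `ftp://`. Because this update is meant to deliver security fixes, the committer should fetch the tarball independently and confirm the SHA256 matches before committing, rather than taking the values from the PR as submitted.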
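
Review bot: the regenerated files/patch-aa drops the old `SUBDIRS` change that put `@WITH_PYTHON_TRUE@` in front of `@PYTHON_SUBDIR@`, and nothing in this patch replaces it. Please confirm the removal is intentional and state in the PR whether the py-libxml2 patch promised in the description depends on it, so that the two changes are committed together.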