security fix

author: Andreas Proschofsky <suka@gentoo.org> 2004-04-24 10:48:06 +0000
committer: Andreas Proschofsky <suka@gentoo.org> 2004-04-24 10:48:06 +0000
commit: e373f4e2b48bbd1d5bc955db43de8f510eb406d6 (patch)
tree: e0d36400959bd1c38c676312e3512157573076b8 /app-office/openoffice
parent: update copyright years (diff)
download: historical-e373f4e2b48bbd1d5bc955db43de8f510eb406d6.tar.gz
historical-e373f4e2b48bbd1d5bc955db43de8f510eb406d6.tar.bz2
historical-e373f4e2b48bbd1d5bc955db43de8f510eb406d6.zip
8 files changed, 498 insertions, 27 deletions
diff --git a/app-office/openoffice/ChangeLog b/app-office/openoffice/ChangeLog
index e4583367c13d..af35a89ecddc 100644
--- a/app-office/openoffice/ChangeLog
+++ b/app-office/openoffice/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for app-office/openoffice
 # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/ChangeLog,v 1.66 2004/04/16 09:05:20 pauldv Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/ChangeLog,v 1.67 2004/04/24 10:48:06 suka Exp $
+
+  24 Apr 2004; suka@gentoo.org +files/1.1.0/neon.patch,
+  +files/1.1.1/neon.patch, openoffice-1.1.0-r2.ebuild,
+  openoffice-1.1.0-r3.ebuild, openoffice-1.1.1.ebuild:
+  Security fix, see:
+  http://secunia.com/advisories/11364/
 
   16 Apr 2004; Paul de Vrieze <pauldv@gentoo.org> openoffice-1.1.1.ebuild:
   Filter out LC_ALL as it breaks things
diff --git a/app-office/openoffice/Manifest b/app-office/openoffice/Manifest
index e6f84e08291b..348c88e5f0c8 100644
--- a/app-office/openoffice/Manifest
+++ b/app-office/openoffice/Manifest
@@ -1,40 +1,42 @@
-MD5 6b4172602645dc78be6218d63cc8ee93 openoffice-1.1.0-r2.ebuild 20288
-MD5 c90aa71c45606a9cfa4394e638ed6d2c openoffice-1.1.1.ebuild 16260
-MD5 c0a6d36a7529f0a22bae30399b11bc5d openoffice-1.0.3-r1.ebuild 21888
+MD5 63bbb60febb16f544ee1c2036900549e openoffice-1.1.0-r2.ebuild 20341
+MD5 dac3db6e3bb4f36a27b8120494bbfb93 openoffice-1.1.1.ebuild 16311
+MD5 8862134fb615f9cb94963c0eb189df30 openoffice-1.0.3-r1.ebuild 21885
+MD5 fe324ef2792a49d1e5e29958f2fdb2ea openoffice-1.1.0-r3.ebuild 15951
+MD5 932ecc41e083520d1742fedf2eacada7 ChangeLog 16041
 MD5 e3ec4a70395943b59adad7fc4f0538d7 metadata.xml 461
-MD5 df66a68166f311f545ab468a3dcc5302 ChangeLog 15816
-MD5 21a72230c73df5f6951aaf77581fd1bc openoffice-1.1.0-r3.ebuild 15900
+MD5 8382af8b277f267e568feab0f7976f3c files/digest-openoffice-1.1.1 130
+MD5 b1ec8fd75e9b93ccf4a4f0c926de5199 files/digest-openoffice-1.0.3-r1 330
 MD5 9d1828c128b70f1612c0c31b69719a26 files/digest-openoffice-1.1.0-r2 195
 MD5 601e987d3fa97d8dfc4cdd052b0e9832 files/digest-openoffice-1.1.0-r3 128
-MD5 b1ec8fd75e9b93ccf4a4f0c926de5199 files/digest-openoffice-1.0.3-r1 330
-MD5 8382af8b277f267e568feab0f7976f3c files/digest-openoffice-1.1.1 130
-MD5 46080de39ef5acd7488ce1e76ac10cbe files/1.0.3/ooffice-wrapper-1.3 8362
-MD5 3834566292e23e2832f625e0b5accf85 files/1.0.3/openoffice-1.0.1-use-STLport-4.5.3.patch 10485
-MD5 3fe10dea0d52c0779a9929b021d84e43 files/1.0.3/openoffice-1.0.1-compiler-flags.patch 954
-MD5 ce580b49f86ec9ab3ceba58268c886df files/1.0.3/openoffice-1.0.1-sparc.patch.bz2 15843
-MD5 bf8388f4d41ad2ed1a38a0aa2d8fe4ce files/1.0.3/openoffice-1.0.3-sparc-gentoo.patch 580
-MD5 edb031b5b0c87b33ff0cd9b5a6fc4a79 files/1.0.3/openoffice-1.0.1-use-freetype-2.1.3.patch 14774
-MD5 5d4663d4ee957ca7329fed3e72e9555c files/1.0.3/openoffice-1.0.1-use-STLport-4.5.3-newgcc.patch 10481
 MD5 c6d765863f974f7f6f6b17d20ad95541 files/1.0.3/openoffice-1.0.1-fix-asm.patch 2207
-MD5 aae1ec77961ab6273026a12a6cf9804c files/1.0.3/openoffice-1.0.2-default-fonts.patch 15285
 MD5 e448fa25e672e8e100a5d68adb75dda3 files/1.0.3/freetype-2.1.3.patch 1367
-MD5 d1194605b25954eaa73f74d9d3982a9b files/1.0.3/openoffice-1.0.1-no-mozab.patch 2496
 MD5 271539dafab707398e9b806eef8f250a files/1.0.3/ooffice-wrapper-1.2 8220
+MD5 46080de39ef5acd7488ce1e76ac10cbe files/1.0.3/ooffice-wrapper-1.3 8362
 MD5 58a4bf52e74e8e287c29956229b94ff9 files/1.0.3/openoffice-1.0.1-xinteraction-fix.patch 1052
 MD5 d56f7c3ee055eb733a7d6a9d87ccc6d7 files/1.0.3/openoffice-1.0.1-fix-jdk-1.4.0.patch 2091
+MD5 5d4663d4ee957ca7329fed3e72e9555c files/1.0.3/openoffice-1.0.1-use-STLport-4.5.3-newgcc.patch 10481
 MD5 67ce98390eb8da814deb778bc3b524f7 files/1.0.3/vcl.printcxx.OOO_STABLE_1_PORTS.100102.patch 612
-MD5 80d0277676c6b7e55b29a12b02eae325 files/1.0.3/openoffice-1.0.2-ft-antialias-advice.patch 596
+MD5 aae1ec77961ab6273026a12a6cf9804c files/1.0.3/openoffice-1.0.2-default-fonts.patch 15285
+MD5 3834566292e23e2832f625e0b5accf85 files/1.0.3/openoffice-1.0.1-use-STLport-4.5.3.patch 10485
+MD5 d1194605b25954eaa73f74d9d3982a9b files/1.0.3/openoffice-1.0.1-no-mozab.patch 2496
 MD5 d61186f38b5e704b69af03ce33a9053d files/1.0.3/openoffice-errno.patch 291
-MD5 7499a81bad1959834a0e6f995200e3e8 files/1.1.0/openoffice-1.1.0-linux-2.6-fix.patch 603
+MD5 3fe10dea0d52c0779a9929b021d84e43 files/1.0.3/openoffice-1.0.1-compiler-flags.patch 954
+MD5 bf8388f4d41ad2ed1a38a0aa2d8fe4ce files/1.0.3/openoffice-1.0.3-sparc-gentoo.patch 580
+MD5 ce580b49f86ec9ab3ceba58268c886df files/1.0.3/openoffice-1.0.1-sparc.patch.bz2 15843
+MD5 edb031b5b0c87b33ff0cd9b5a6fc4a79 files/1.0.3/openoffice-1.0.1-use-freetype-2.1.3.patch 14774
+MD5 80d0277676c6b7e55b29a12b02eae325 files/1.0.3/openoffice-1.0.2-ft-antialias-advice.patch 596
+MD5 fa0af18a5e8a31bf68e0cdbb2f0e4981 files/1.1.0/fixed-gcc.patch 644
 MD5 ea579df37ecea73bc37977db44c7bba4 files/1.1.0/ooffice-wrapper-1.3 8972
-MD5 309ec50c6facc777068caebd51640c92 files/1.1.0/no-mozab.patch 2741
 MD5 35601b7efe487b346f78d43c23e2f8f3 files/1.1.0/openoffice-java.patch 2092
 MD5 0b9b6204209b8be145648863dbffaa99 files/1.1.0/openoffice-1.1.0-sparc64-fix.patch 400
+MD5 7499a81bad1959834a0e6f995200e3e8 files/1.1.0/openoffice-1.1.0-linux-2.6-fix.patch 603
+MD5 ee20d490a8aa62d79ca65e99339e3397 files/1.1.0/neon.patch 8300
+MD5 309ec50c6facc777068caebd51640c92 files/1.1.0/no-mozab.patch 2741
 MD5 7978a9c1f590a83622b8040ee83197a4 files/1.1.0/nptl.patch 1285
-MD5 fa0af18a5e8a31bf68e0cdbb2f0e4981 files/1.1.0/fixed-gcc.patch 644
 MD5 93eb1ff95722454c0eb92a916dc4877d files/1.1.0/newstlportfix.patch 17655
 MD5 4b2f3102e273ff72e281ed0d481b1526 files/1.1.1/ooffice-wrapper-1.3 9166
 MD5 35601b7efe487b346f78d43c23e2f8f3 files/1.1.1/openoffice-java.patch 2092
-MD5 fc8711196de6324c9fae45342d159bf3 files/1.1.1/build.patch 330
+MD5 ee20d490a8aa62d79ca65e99339e3397 files/1.1.1/neon.patch 8300
 MD5 7978a9c1f590a83622b8040ee83197a4 files/1.1.1/nptl.patch 1285
+MD5 fc8711196de6324c9fae45342d159bf3 files/1.1.1/build.patch 330
 MD5 d08ea5bce1e9a925cbd712607f89f920 files/1.1.1/newstlportfix.patch 10032
diff --git a/app-office/openoffice/files/1.1.0/neon.patch b/app-office/openoffice/files/1.1.0/neon.patch
new file mode 100644
index 000000000000..d68adb2eb353
--- /dev/null
+++ b/app-office/openoffice/files/1.1.0/neon.patch
@@ -0,0 +1,227 @@
+--- /work/ooo/gnome-ooo/openoffice/build/OOO_1_1_1/neon/neon.patch	2004-03-19 17:32:52.000000000 -0500
++++ neon/neon.patch	2004-04-05 12:38:42.000000000 -0400
+@@ -135,8 +134,8 @@
+ ! #define read _read
+ ! 
+ ! #endif
+-*** misc/neon-0.23.5/src/makefile.mk	Tue Oct 22 17:55:55 2002
+---- misc/build/neon-0.23.5/src/makefile.mk	Tue Oct 22 17:35:49 2002
++*** misc/neon-0.23.5/src/makefile.mk	2004-04-05 12:38:37.706437510 -0400
++--- misc/build/neon-0.23.5/src/makefile.mk	2004-04-05 12:21:47.810143789 -0400
+ ***************
+ *** 1 ****
+ ! dummy
+@@ -190,8 +189,173 @@
+ ! # --- Targets ------------------------------------------------------
+ ! 
+ ! .INCLUDE :  target.mk
+-*** misc/neon-0.23.5/src/ne_props.c	Sun Jul 14 13:18:06 2002
+---- misc/build/neon-0.23.5/src/ne_props.c	Tue Oct 22 17:35:49 2002
++*** misc/neon-0.23.5/src/ne_207.c	2002-06-23 10:04:36.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_207.c	2004-04-05 12:38:18.221460697 -0400
++***************
++*** 1,6 ****
++  /* 
++     WebDAV 207 multi-status response handling
++!    Copyright (C) 1999-2002, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++--- 1,6 ----
++  /* 
++     WebDAV 207 multi-status response handling
++!    Copyright (C) 1999-2004, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++***************
++*** 358,369 ****
++  	if (ne_get_status(req)->code == 207) {
++  	    if (!ne_xml_valid(p)) { 
++  		/* The parse was invalid */
++! 		ne_set_error(sess, ne_xml_get_error(p));
++  		ret = NE_ERROR;
++  	    } else if (ctx.is_error) {
++  		/* If we've actually got any error information
++  		 * from the 207, then set that as the error */
++! 		ne_set_error(sess, ctx.buf->data);
++  		ret = NE_ERROR;
++  	    }
++  	} else if (ne_get_status(req)->klass != 2) {
++--- 358,369 ----
++  	if (ne_get_status(req)->code == 207) {
++  	    if (!ne_xml_valid(p)) { 
++  		/* The parse was invalid */
++! 		ne_set_error(sess, "%s", ne_xml_get_error(p));
++  		ret = NE_ERROR;
++  	    } else if (ctx.is_error) {
++  		/* If we've actually got any error information
++  		 * from the 207, then set that as the error */
++! 		ne_set_error(sess, "%s", ctx.buf->data);
++  		ret = NE_ERROR;
++  	    }
++  	} else if (ne_get_status(req)->klass != 2) {
++*** misc/neon-0.23.5/src/ne_auth.c	2002-10-07 16:33:17.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_auth.c	2004-04-05 12:38:18.223460387 -0400
++***************
++*** 908,914 ****
++      if (areq->auth_info_hdr != NULL && 
++  	verify_response(areq, sess, areq->auth_info_hdr)) {
++  	NE_DEBUG(NE_DBG_HTTPAUTH, "Response authentication invalid.\n");
++! 	ne_set_error(sess->sess, _(sess->spec->fail_msg));
++  	ret = NE_ERROR;
++      } else if (status->code == sess->spec->status_code && 
++  	       areq->auth_hdr != NULL) {
++--- 908,914 ----
++      if (areq->auth_info_hdr != NULL && 
++  	verify_response(areq, sess, areq->auth_info_hdr)) {
++  	NE_DEBUG(NE_DBG_HTTPAUTH, "Response authentication invalid.\n");
++! 	ne_set_error(sess->sess, "%s", _(sess->spec->fail_msg));
++  	ret = NE_ERROR;
++      } else if (status->code == sess->spec->status_code && 
++  	       areq->auth_hdr != NULL) {
++*** misc/neon-0.23.5/src/ne_compress.c	2002-09-18 16:50:34.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_compress.c	2004-04-05 12:38:18.225460077 -0400
++***************
++*** 1,6 ****
++  /* 
++     Handling of compressed HTTP responses
++!    Copyright (C) 2001-2002, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++--- 1,6 ----
++  /* 
++     Handling of compressed HTTP responses
++!    Copyright (C) 2001-2004, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++***************
++*** 252,258 ****
++  	     * doesn't work, and this does, but I have no idea why..
++  	     * Google showed me the way. */
++  	    if (inflateInit2(&ctx->zstr, -MAX_WBITS) != Z_OK) {
++! 		ne_set_error(ctx->session, ctx->zstr.msg);
++  		ctx->state = NE_Z_ERROR;
++  		return;
++  	    }
++--- 252,258 ----
++  	     * doesn't work, and this does, but I have no idea why..
++  	     * Google showed me the way. */
++  	    if (inflateInit2(&ctx->zstr, -MAX_WBITS) != Z_OK) {
++! 		ne_set_error(ctx->session, "%s", ctx->zstr.msg);
++  		ctx->state = NE_Z_ERROR;
++  		return;
++  	    }
++*** misc/neon-0.23.5/src/ne_locks.c	2002-08-05 16:10:53.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_locks.c	2004-04-05 12:38:18.227459766 -0400
++***************
++*** 723,729 ****
++  	}
++  	else if (parse_failed) {
++  	    ret = NE_ERROR;
++! 	    ne_set_error(sess, ne_xml_get_error(parser));
++  	}
++  	else if (ne_get_status(req)->code == 207) {
++  	    ret = NE_ERROR;
++--- 723,729 ----
++  	}
++  	else if (parse_failed) {
++  	    ret = NE_ERROR;
++! 	    ne_set_error(sess, "%s", ne_xml_get_error(parser));
++  	}
++  	else if (ne_get_status(req)->code == 207) {
++  	    ret = NE_ERROR;
++***************
++*** 792,798 ****
++      if (ret == NE_OK && ne_get_status(req)->klass == 2) {
++  	if (parse_failed) {
++  	    ret = NE_ERROR;
++! 	    ne_set_error(sess, ne_xml_get_error(parser));
++  	}
++  	else if (ne_get_status(req)->code == 207) {
++  	    ret = NE_ERROR;
++--- 792,798 ----
++      if (ret == NE_OK && ne_get_status(req)->klass == 2) {
++  	if (parse_failed) {
++  	    ret = NE_ERROR;
++! 	    ne_set_error(sess, "%s", ne_xml_get_error(parser));
++  	}
++  	else if (ne_get_status(req)->code == 207) {
++  	    ret = NE_ERROR;
++*** misc/neon-0.23.5/src/ne_props.c	2002-07-14 07:18:06.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_props.c	2004-04-05 12:38:27.458027606 -0400
++***************
++*** 1,6 ****
++  /* 
++     WebDAV property manipulation
++!    Copyright (C) 2000-2002, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++--- 1,6 ----
++  /* 
++     WebDAV property manipulation
++!    Copyright (C) 2000-2004, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++***************
++*** 136,142 ****
++      if (ret == NE_OK && ne_get_status(req)->klass != 2) {
++  	ret = NE_ERROR;
++      } else if (!ne_xml_valid(handler->parser)) {
++! 	ne_set_error(handler->sess, ne_xml_get_error(handler->parser));
++  	ret = NE_ERROR;
++      }
++  
++--- 136,142 ----
++      if (ret == NE_OK && ne_get_status(req)->klass != 2) {
++  	ret = NE_ERROR;
++      } else if (!ne_xml_valid(handler->parser)) {
++! 	ne_set_error(handler->sess, "%s", ne_xml_get_error(handler->parser));
++  	ret = NE_ERROR;
++      }
++  
+ ***************
+ *** 457,462 ****
+ --- 457,465 ----
+@@ -204,3 +368,37 @@
+       /* If we get a non-2xx response back here, we wipe the value for
+        * each of the properties in this propstat, so the caller knows to
+        * look at the status instead. It's annoying, since for each prop
++*** misc/neon-0.23.5/src/ne_xml.c	2002-10-08 15:11:31.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_xml.c	2004-04-05 12:38:18.232458991 -0400
++***************
++*** 1,6 ****
++  /* 
++     Higher Level Interface to XML Parsers.
++!    Copyright (C) 1999-2002, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++--- 1,6 ----
++  /* 
++     Higher Level Interface to XML Parsers.
++!    Copyright (C) 1999-2004, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++***************
++*** 860,866 ****
++  
++  void ne_xml_set_error(ne_xml_parser *p, const char *msg)
++  {
++!     ne_snprintf(p->error, ERR_SIZE, msg);
++  }
++  
++  #ifdef HAVE_LIBXML
++--- 860,866 ----
++  
++  void ne_xml_set_error(ne_xml_parser *p, const char *msg)
++  {
++!     ne_snprintf(p->error, ERR_SIZE, "%s", msg);
++  }
++  
++  #ifdef HAVE_LIBXML
diff --git a/app-office/openoffice/files/1.1.1/neon.patch b/app-office/openoffice/files/1.1.1/neon.patch
new file mode 100644
index 000000000000..d68adb2eb353
--- /dev/null
+++ b/app-office/openoffice/files/1.1.1/neon.patch
@@ -0,0 +1,227 @@
+--- /work/ooo/gnome-ooo/openoffice/build/OOO_1_1_1/neon/neon.patch	2004-03-19 17:32:52.000000000 -0500
++++ neon/neon.patch	2004-04-05 12:38:42.000000000 -0400
+@@ -135,8 +134,8 @@
+ ! #define read _read
+ ! 
+ ! #endif
+-*** misc/neon-0.23.5/src/makefile.mk	Tue Oct 22 17:55:55 2002
+---- misc/build/neon-0.23.5/src/makefile.mk	Tue Oct 22 17:35:49 2002
++*** misc/neon-0.23.5/src/makefile.mk	2004-04-05 12:38:37.706437510 -0400
++--- misc/build/neon-0.23.5/src/makefile.mk	2004-04-05 12:21:47.810143789 -0400
+ ***************
+ *** 1 ****
+ ! dummy
+@@ -190,8 +189,173 @@
+ ! # --- Targets ------------------------------------------------------
+ ! 
+ ! .INCLUDE :  target.mk
+-*** misc/neon-0.23.5/src/ne_props.c	Sun Jul 14 13:18:06 2002
+---- misc/build/neon-0.23.5/src/ne_props.c	Tue Oct 22 17:35:49 2002
++*** misc/neon-0.23.5/src/ne_207.c	2002-06-23 10:04:36.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_207.c	2004-04-05 12:38:18.221460697 -0400
++***************
++*** 1,6 ****
++  /* 
++     WebDAV 207 multi-status response handling
++!    Copyright (C) 1999-2002, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++--- 1,6 ----
++  /* 
++     WebDAV 207 multi-status response handling
++!    Copyright (C) 1999-2004, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++***************
++*** 358,369 ****
++  	if (ne_get_status(req)->code == 207) {
++  	    if (!ne_xml_valid(p)) { 
++  		/* The parse was invalid */
++! 		ne_set_error(sess, ne_xml_get_error(p));
++  		ret = NE_ERROR;
++  	    } else if (ctx.is_error) {
++  		/* If we've actually got any error information
++  		 * from the 207, then set that as the error */
++! 		ne_set_error(sess, ctx.buf->data);
++  		ret = NE_ERROR;
++  	    }
++  	} else if (ne_get_status(req)->klass != 2) {
++--- 358,369 ----
++  	if (ne_get_status(req)->code == 207) {
++  	    if (!ne_xml_valid(p)) { 
++  		/* The parse was invalid */
++! 		ne_set_error(sess, "%s", ne_xml_get_error(p));
++  		ret = NE_ERROR;
++  	    } else if (ctx.is_error) {
++  		/* If we've actually got any error information
++  		 * from the 207, then set that as the error */
++! 		ne_set_error(sess, "%s", ctx.buf->data);
++  		ret = NE_ERROR;
++  	    }
++  	} else if (ne_get_status(req)->klass != 2) {
++*** misc/neon-0.23.5/src/ne_auth.c	2002-10-07 16:33:17.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_auth.c	2004-04-05 12:38:18.223460387 -0400
++***************
++*** 908,914 ****
++      if (areq->auth_info_hdr != NULL && 
++  	verify_response(areq, sess, areq->auth_info_hdr)) {
++  	NE_DEBUG(NE_DBG_HTTPAUTH, "Response authentication invalid.\n");
++! 	ne_set_error(sess->sess, _(sess->spec->fail_msg));
++  	ret = NE_ERROR;
++      } else if (status->code == sess->spec->status_code && 
++  	       areq->auth_hdr != NULL) {
++--- 908,914 ----
++      if (areq->auth_info_hdr != NULL && 
++  	verify_response(areq, sess, areq->auth_info_hdr)) {
++  	NE_DEBUG(NE_DBG_HTTPAUTH, "Response authentication invalid.\n");
++! 	ne_set_error(sess->sess, "%s", _(sess->spec->fail_msg));
++  	ret = NE_ERROR;
++      } else if (status->code == sess->spec->status_code && 
++  	       areq->auth_hdr != NULL) {
++*** misc/neon-0.23.5/src/ne_compress.c	2002-09-18 16:50:34.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_compress.c	2004-04-05 12:38:18.225460077 -0400
++***************
++*** 1,6 ****
++  /* 
++     Handling of compressed HTTP responses
++!    Copyright (C) 2001-2002, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++--- 1,6 ----
++  /* 
++     Handling of compressed HTTP responses
++!    Copyright (C) 2001-2004, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++***************
++*** 252,258 ****
++  	     * doesn't work, and this does, but I have no idea why..
++  	     * Google showed me the way. */
++  	    if (inflateInit2(&ctx->zstr, -MAX_WBITS) != Z_OK) {
++! 		ne_set_error(ctx->session, ctx->zstr.msg);
++  		ctx->state = NE_Z_ERROR;
++  		return;
++  	    }
++--- 252,258 ----
++  	     * doesn't work, and this does, but I have no idea why..
++  	     * Google showed me the way. */
++  	    if (inflateInit2(&ctx->zstr, -MAX_WBITS) != Z_OK) {
++! 		ne_set_error(ctx->session, "%s", ctx->zstr.msg);
++  		ctx->state = NE_Z_ERROR;
++  		return;
++  	    }
++*** misc/neon-0.23.5/src/ne_locks.c	2002-08-05 16:10:53.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_locks.c	2004-04-05 12:38:18.227459766 -0400
++***************
++*** 723,729 ****
++  	}
++  	else if (parse_failed) {
++  	    ret = NE_ERROR;
++! 	    ne_set_error(sess, ne_xml_get_error(parser));
++  	}
++  	else if (ne_get_status(req)->code == 207) {
++  	    ret = NE_ERROR;
++--- 723,729 ----
++  	}
++  	else if (parse_failed) {
++  	    ret = NE_ERROR;
++! 	    ne_set_error(sess, "%s", ne_xml_get_error(parser));
++  	}
++  	else if (ne_get_status(req)->code == 207) {
++  	    ret = NE_ERROR;
++***************
++*** 792,798 ****
++      if (ret == NE_OK && ne_get_status(req)->klass == 2) {
++  	if (parse_failed) {
++  	    ret = NE_ERROR;
++! 	    ne_set_error(sess, ne_xml_get_error(parser));
++  	}
++  	else if (ne_get_status(req)->code == 207) {
++  	    ret = NE_ERROR;
++--- 792,798 ----
++      if (ret == NE_OK && ne_get_status(req)->klass == 2) {
++  	if (parse_failed) {
++  	    ret = NE_ERROR;
++! 	    ne_set_error(sess, "%s", ne_xml_get_error(parser));
++  	}
++  	else if (ne_get_status(req)->code == 207) {
++  	    ret = NE_ERROR;
++*** misc/neon-0.23.5/src/ne_props.c	2002-07-14 07:18:06.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_props.c	2004-04-05 12:38:27.458027606 -0400
++***************
++*** 1,6 ****
++  /* 
++     WebDAV property manipulation
++!    Copyright (C) 2000-2002, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++--- 1,6 ----
++  /* 
++     WebDAV property manipulation
++!    Copyright (C) 2000-2004, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++***************
++*** 136,142 ****
++      if (ret == NE_OK && ne_get_status(req)->klass != 2) {
++  	ret = NE_ERROR;
++      } else if (!ne_xml_valid(handler->parser)) {
++! 	ne_set_error(handler->sess, ne_xml_get_error(handler->parser));
++  	ret = NE_ERROR;
++      }
++  
++--- 136,142 ----
++      if (ret == NE_OK && ne_get_status(req)->klass != 2) {
++  	ret = NE_ERROR;
++      } else if (!ne_xml_valid(handler->parser)) {
++! 	ne_set_error(handler->sess, "%s", ne_xml_get_error(handler->parser));
++  	ret = NE_ERROR;
++      }
++  
+ ***************
+ *** 457,462 ****
+ --- 457,465 ----
+@@ -204,3 +368,37 @@
+       /* If we get a non-2xx response back here, we wipe the value for
+        * each of the properties in this propstat, so the caller knows to
+        * look at the status instead. It's annoying, since for each prop
++*** misc/neon-0.23.5/src/ne_xml.c	2002-10-08 15:11:31.000000000 -0400
++--- misc/build/neon-0.23.5/src/ne_xml.c	2004-04-05 12:38:18.232458991 -0400
++***************
++*** 1,6 ****
++  /* 
++     Higher Level Interface to XML Parsers.
++!    Copyright (C) 1999-2002, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++--- 1,6 ----
++  /* 
++     Higher Level Interface to XML Parsers.
++!    Copyright (C) 1999-2004, Joe Orton <joe@manyfish.co.uk>
++  
++     This library is free software; you can redistribute it and/or
++     modify it under the terms of the GNU Library General Public
++***************
++*** 860,866 ****
++  
++  void ne_xml_set_error(ne_xml_parser *p, const char *msg)
++  {
++!     ne_snprintf(p->error, ERR_SIZE, msg);
++  }
++  
++  #ifdef HAVE_LIBXML
++--- 860,866 ----
++  
++  void ne_xml_set_error(ne_xml_parser *p, const char *msg)
++  {
++!     ne_snprintf(p->error, ERR_SIZE, "%s", msg);
++  }
++  
++  #ifdef HAVE_LIBXML
diff --git a/app-office/openoffice/openoffice-1.0.3-r1.ebuild b/app-office/openoffice/openoffice-1.0.3-r1.ebuild
index 8d3a29dfa65b..4ec127fe0d48 100644
--- a/app-office/openoffice/openoffice-1.0.3-r1.ebuild
+++ b/app-office/openoffice/openoffice-1.0.3-r1.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Copyright 1999-2004 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/openoffice-1.0.3-r1.ebuild,v 1.10 2003/11/14 12:39:41 seemant Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/openoffice-1.0.3-r1.ebuild,v 1.11 2004/04/24 10:48:06 suka Exp $
 
 # IMPORTANT:  This is extremely alpha!!!
 
diff --git a/app-office/openoffice/openoffice-1.1.0-r2.ebuild b/app-office/openoffice/openoffice-1.1.0-r2.ebuild
index d203d4723b50..caf493999000 100644
--- a/app-office/openoffice/openoffice-1.1.0-r2.ebuild
+++ b/app-office/openoffice/openoffice-1.1.0-r2.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2004 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/openoffice-1.1.0-r2.ebuild,v 1.9 2004/03/28 02:24:26 bazik Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/openoffice-1.1.0-r2.ebuild,v 1.10 2004/04/24 10:48:06 suka Exp $
 
 # IMPORTANT:  This is extremely alpha!!!
 
@@ -283,6 +283,9 @@ src_unpack() {
 		epatch ${FILESDIR}/${PV}/openoffice-1.1.0-sparc64-fix.patch
 	fi
 
+	#Security fix
+	epatch ${FILESDIR}/${PV}/neon.patch
+
 	#The gcc-3.2.3 version in gentoo is fixed for the internal error that
 	#blocks compilation with it, so remove the check from the configure script
 #	epatch ${FILESDIR}/${PV}/fixed-gcc.patch
diff --git a/app-office/openoffice/openoffice-1.1.0-r3.ebuild b/app-office/openoffice/openoffice-1.1.0-r3.ebuild
index 9d7c9b39f096..817e60aac640 100644
--- a/app-office/openoffice/openoffice-1.1.0-r3.ebuild
+++ b/app-office/openoffice/openoffice-1.1.0-r3.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2004 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/openoffice-1.1.0-r3.ebuild,v 1.7 2004/02/10 10:20:03 pauldv Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/openoffice-1.1.0-r3.ebuild,v 1.8 2004/04/24 10:48:06 suka Exp $
 
 # IMPORTANT:  This is extremely alpha!!!
 
@@ -271,6 +271,9 @@ src_unpack() {
 		epatch ${FILESDIR}/${PV}/openoffice-1.1.0-sparc64-fix.patch
 	fi
 
+	#Security fix
+	epatch ${FILESDIR}/${PV}/neon.patch
+
 	if [ "$(gcc-version)" == "3.2" ]; then
 		einfo "You use a buggy gcc, so replacing -march=pentium4 with -march=pentium3"
 		replace-flags "-march=pentium4" "-march=pentium3 -mcpu=pentium4"
diff --git a/app-office/openoffice/openoffice-1.1.1.ebuild b/app-office/openoffice/openoffice-1.1.1.ebuild
index 9d460c24ba3e..47dba61b6924 100644
--- a/app-office/openoffice/openoffice-1.1.1.ebuild
+++ b/app-office/openoffice/openoffice-1.1.1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2004 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/openoffice-1.1.1.ebuild,v 1.8 2004/04/16 09:05:21 pauldv Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-office/openoffice/openoffice-1.1.1.ebuild,v 1.9 2004/04/24 10:48:06 suka Exp $
 
 # IMPORTANT:  This is extremely alpha!!!
 
@@ -273,6 +273,9 @@ src_unpack() {
 #		epatch ${FILESDIR}/${PV}/openoffice-1.1.0-sparc64-fix.patch
 #	fi
 
+	#Security fix
+	epatch ${FILESDIR}/${PV}/neon.patch
+
 	if [ "$(gcc-version)" == "3.2" ]; then
 		einfo "You use a buggy gcc, so replacing -march=pentium4 with -march=pentium3"
 		replace-flags "-march=pentium4" "-march=pentium3 -mcpu=pentium4"
author	Andreas Proschofsky <suka@gentoo.org>	2004-04-24 10:48:06 +0000
committer	Andreas Proschofsky <suka@gentoo.org>	2004-04-24 10:48:06 +0000
commit	e373f4e2b48bbd1d5bc955db43de8f510eb406d6 (patch)
tree	e0d36400959bd1c38c676312e3512157573076b8 /app-office/openoffice
parent	update copyright years (diff)
download	historical-e373f4e2b48bbd1d5bc955db43de8f510eb406d6.tar.gz historical-e373f4e2b48bbd1d5bc955db43de8f510eb406d6.tar.bz2 historical-e373f4e2b48bbd1d5bc955db43de8f510eb406d6.zip