From 0fccddd8ddf1324058e4b93627bbed01bd10e7b9 Mon Sep 17 00:00:00 2001 From: Marian Koncek Date: Mon, 19 Nov 2018 09:36:47 +0100 Subject: [PATCH] Update to version 2.12.0 --- .gitignore | 1 + sources | 2 +- xerces-j2-CVE-2013-4002.patch | 47 ----------------------------------- xerces-j2-build.patch | 2 +- xerces-j2-manifest.patch | 2 +- xerces-j2.spec | 14 +++++------ 6 files changed, 10 insertions(+), 58 deletions(-) delete mode 100644 xerces-j2-CVE-2013-4002.patch diff --git a/.gitignore b/.gitignore index 36e1cf7..70dc9b9 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ /.build-*.log /noarch/ /*.src.rpm +/Xerces-J-src.2.12.0.tar.gz diff --git a/sources b/sources index b894cb9..e51e4e1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d01fc11eacbe43b45681cb85ac112ebf Xerces-J-src.2.11.0.tar.gz +SHA512 (Xerces-J-src.2.12.0.tar.gz) = b5c2925aa459a2beb5fe4ba90324038b258ff0c5bf40cd6562f1631a76881b12cc74203f0d9f9a60f5af2a61ea801f3f79d5e92f715424973d0e5ce7f80a44f4 diff --git a/xerces-j2-CVE-2013-4002.patch b/xerces-j2-CVE-2013-4002.patch deleted file mode 100644 index a2f5516..0000000 --- a/xerces-j2-CVE-2013-4002.patch +++ /dev/null @@ -1,47 +0,0 @@ ---- src/org/apache/xerces/impl/XMLScanner.java 2013/07/03 18:25:06 1499505 -+++ src/org/apache/xerces/impl/XMLScanner.java 2013/07/03 18:29:43 1499506 -@@ -542,7 +542,7 @@ - // document is until we scan the encoding declaration - // you cannot reliably read any characters outside - // of the ASCII range here. -- mrglavas -- String name = fEntityScanner.scanName(); -+ String name = scanPseudoAttributeName(); - XMLEntityManager.print(fEntityManager.getCurrentEntity()); - if (name == null) { - reportFatalError("PseudoAttrNameExpected", null); -@@ -599,6 +599,35 @@ - } // scanPseudoAttribute(XMLString):String - - /** -+ * Scans the name of a pseudo attribute. The only legal names -+ * in XML 1.0/1.1 documents are 'version', 'encoding' and 'standalone'. -+ * -+ * @return the name of the pseudo attribute or null -+ * if a legal pseudo attribute name could not be scanned. -+ */ -+ private String scanPseudoAttributeName() throws IOException, XNIException { -+ final int ch = fEntityScanner.peekChar(); -+ switch (ch) { -+ case 'v': -+ if (fEntityScanner.skipString(fVersionSymbol)) { -+ return fVersionSymbol; -+ } -+ break; -+ case 'e': -+ if (fEntityScanner.skipString(fEncodingSymbol)) { -+ return fEncodingSymbol; -+ } -+ break; -+ case 's': -+ if (fEntityScanner.skipString(fStandaloneSymbol)) { -+ return fStandaloneSymbol; -+ } -+ break; -+ } -+ return null; -+ } // scanPseudoAttributeName() -+ -+ /** - * Scans a processing instruction. - *

- *

diff --git a/xerces-j2-build.patch b/xerces-j2-build.patch
index dde254c..7e7caaf 100644
--- a/xerces-j2-build.patch
+++ b/xerces-j2-build.patch
@@ -39,7 +39,7 @@
      
      
-@@ -1231,30 +1206,6 @@
+@@ -1232,30 +1207,6 @@
      
      
diff --git a/xerces-j2-manifest.patch b/xerces-j2-manifest.patch
index 524e8ec..413fa8b 100644
--- a/xerces-j2-manifest.patch
+++ b/xerces-j2-manifest.patch
@@ -13,5 +13,5 @@
 +Require-Bundle: system.bundle,javax.xml;visibility:=reexport, org.apache.xml.resolver;bundle-version="[1.2.0,2.0.0)";visibility:=reexport,org.apache.xml.serializer;bundle-version="[2.7.1,3.0.0)"
 +Export-Package: META-INF.services;version="@impl.version@",org.apache.html.dom;version="@impl.version@",org.apache.wml;version="@impl.version@",org.apache.wml.dom;version="@impl.version@",org.apache.xerces.dom;version="@impl.version@",org.apache.xerces.dom.events;version="@impl.version@",org.apache.xerces.dom3.as;version="@impl.version@",org.apache.xerces.impl;version="@impl.version@",org.apache.xerces.impl.dtd;version="@impl.version@",org.apache.xerces.impl.dtd.models;version="@impl.version@",org.apache.xerces.impl.dv;version="@impl.version@",org.apache.xerces.impl.dv.dtd;version="@impl.version@",org.apache.xerces.impl.dv.util;version="@impl.version@",org.apache.xerces.impl.dv.xs;version="@impl.version@",org.apache.xerces.impl.io;version="@impl.version@",org.apache.xerces.impl.msg;version="@impl.version@",org.apache.xerces.impl.validation;version="@impl.version@",org.apache.xerces.impl.xpath;version="@impl.version@",org.apache.xerces.impl.xpath.regex;version="@impl.version@",org.apache.xerces.impl.xs;version="@impl.version@",org.apache.xerces.impl.xs.identity;version="@impl.version@",org.apache.xerces.impl.xs.models;version="@impl.version@",org.apache.xerces.impl.xs.opti;version="@impl.version@",org.apache.xerces.impl.xs.traversers;version="@impl.version@",org.apache.xerces.impl.xs.util;version="@impl.version@",org.apache.xerces.jaxp;version="@impl.version@",org.apache.xerces.jaxp.datatype;version="@impl.version@",org.apache.xerces.jaxp.validation;version="@impl.version@",org.apache.xerces.parsers;version="@impl.version@",org.apache.xerces.stax;version="@impl.version@",org.apache.xerces.stax.events;version="@impl.version@",org.apache.xerces.util;version="@impl.version@",org.apache.xerces.xinclude;version="@impl.version@",org.apache.xerces.xni;version="@impl.version@",org.apache.xerces.xni.grammars;version="@impl.version@",org.apache.xerces.xni.parser;version="@impl.version@",org.apache.xerces.xpointer;version="@impl.version@",org.apache.xerces.xs;version="@impl.version@",org.apache.xerces.xs.datatypes;version="@impl.version@",org.apache.xml.serialize;version="@impl.version@",org.w3c.dom.html;version="@impl.version@"
  
- Name: org/apache/xerces/impl/Version.class
+ Name: org/apache/xerces/impl/
  Comment: @impl.name@ 
diff --git a/xerces-j2.spec b/xerces-j2.spec
index 5f416bf..f802347 100644
--- a/xerces-j2.spec
+++ b/xerces-j2.spec
@@ -1,10 +1,10 @@
-%global cvs_version 2_11_0
+%global cvs_version 2_12_0
 
 %define __requires_exclude system.bundle
 
 Name:          xerces-j2
-Version:       2.11.0
-Release:       34%{?dist}
+Version:       2.12.0
+Release:       1%{?dist}
 Summary:       Java XML parser
 # Most of the source is ASL 2.0
 # W3C licensed files:
@@ -34,10 +34,6 @@ Patch0:        %{name}-build.patch
 # Patch the manifest so that it includes OSGi stuff
 Patch1:        %{name}-manifest.patch
 
-# Backported fix from upstream http://svn.apache.org/viewvc?view=revision&revision=1499506
-# See https://bugzilla.redhat.com/show_bug.cgi?id=1140031
-Patch2:        xerces-j2-CVE-2013-4002.patch
-
 BuildArch:     noarch
 
 BuildRequires: javapackages-local
@@ -115,7 +111,6 @@ Requires:       %{name} = %{version}-%{release}
 %setup -q -n xerces-%{cvs_version}
 %patch0 -p0 -b .orig
 %patch1 -p0 -b .orig
-%patch2 -p0 -b .orig
 
 # Copy the custom ant tasks into place
 mkdir -p tools/org/apache/xerces/util
@@ -203,6 +198,9 @@ ln -sf %{name}.jar %{_javadir}/jaxp_parser_impl.jar
 %{_datadir}/%{name}
 
 %changelog
+* Mon Nov 19 2018 Marian Koncek  - 2.12.0-1
+- Update to upstream version 2.12.0
+
 * Fri Aug 03 2018 Michael Simacek  - 2.11.0-34
 - Fix license tag to include W3C