Created attachment 314741 [details, diff] Patch to fix non-POSIX check There is a non-POSIX check in the ./configure script of libxslt. I have attached a patch to address this. Let me know if it is okay to commit.
Looks ok to me, could you also report this to upstream to not need to carry this patch forever? -> bugzilla.gnome.org
*** Bug 421029 has been marked as a duplicate of this bug. ***
(In reply to comment #1) > Looks ok to me, could you also report this to upstream to not need to carry > this patch forever? -> bugzilla.gnome.org Sorry about the duplicate report. I was going through my backlog and forgot that I had already filed this. Anyway, I will send this upstream when I get a chance.
This was already fixed upstream in libxstl-1.1.27-rc1, see http://git.gnome.org/browse/libxslt/tree/configure.in?id=v1.1.27-rc1 I've applied the patch in our 1.1.26-r4. >*libxslt-1.1.26-r4 (10 Sep 2012) > > 10 Sep 2012; Alexandre Rostovtsev <tetromino@gentoo.org> > +files/0002-Hardening-ofcodecheckingnodetypesinvariousentrypoint.patch, > +libxslt-1.1.26-r4.ebuild, +files/libxslt-1.1.26-generate-id-crash.patch, > +files/libxslt-1.1.26-node-type-1.patch, > +files/libxslt-1.1.26-node-type-2.patch, > +files/libxslt-1.1.26-node-type-3.patch, > +files/libxslt-1.1.26-pattern-compile-crash.patch, > +files/libxslt-1.1.26-posix-comparison.patch: > Ensure special treatment for namespace nodes (CVE-2012-2871) and fix > use-after-free errors (CVE-2012-2870); bug #433603, thanks to Paweł Hajdan, > Jr. Fix non-posix comparison in configure; bug #420335, thanks to Richard > Yao.