diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000000000000000000000000000000000000..d87f5613ec4234f82f8eaeebc563711f587fdf88 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +*.xz filter=lfs diff=lfs merge=lfs -text diff --git a/.lfsconfig b/.lfsconfig new file mode 100644 index 0000000000000000000000000000000000000000..49aa82c4bc1804c0cc9edd2721590fad4df3a165 --- /dev/null +++ b/.lfsconfig @@ -0,0 +1,2 @@ +[lfs] + url = https://artlfs.openeuler.openatom.cn/src-openEuler/libxml2 diff --git a/CVE-2025-32414.patch b/CVE-2025-32414.patch deleted file mode 100644 index f34c8d298e2a03325d17419203201176ea08ff72..0000000000000000000000000000000000000000 --- a/CVE-2025-32414.patch +++ /dev/null @@ -1,73 +0,0 @@ -From d7657811964eac1cb9743bb98649278ad948f0d2 Mon Sep 17 00:00:00 2001 -From: Maks Verver -Date: Tue, 8 Apr 2025 13:13:55 +0200 -Subject: [PATCH] [CVE-2025-32414] python: Read at most len/4 characters. - -Fixes #889 by reserving space in the buffer for UTF-8 encoding of text. ---- - python/libxml.c | 28 ++++++++++++++++++---------- - 1 file changed, 18 insertions(+), 10 deletions(-) - -diff --git a/python/libxml.c b/python/libxml.c -index 1fe8d6850..2bf140786 100644 ---- a/python/libxml.c -+++ b/python/libxml.c -@@ -248,7 +248,9 @@ xmlPythonFileReadRaw (void * context, char * buffer, int len) { - - file = (PyObject *) context; - if (file == NULL) return(-1); -- ret = PyObject_CallMethod(file, (char *) "read", (char *) "(i)", len); -+ /* When read() returns a string, the length is in characters not bytes, so -+ request at most len / 4 characters to leave space for UTF-8 encoding. */ -+ ret = PyObject_CallMethod(file, (char *) "read", (char *) "(i)", len / 4); - if (ret == NULL) { - printf("xmlPythonFileReadRaw: result is NULL\n"); - return(-1); -@@ -283,10 +285,12 @@ xmlPythonFileReadRaw (void * context, char * buffer, int len) { - Py_DECREF(ret); - return(-1); - } -- if (lenread > len) -- memcpy(buffer, data, len); -- else -- memcpy(buffer, data, lenread); -+ if (lenread < 0 || lenread > len) { -+ printf("xmlPythonFileReadRaw: invalid lenread\n"); -+ Py_DECREF(ret); -+ return(-1); -+ } -+ memcpy(buffer, data, lenread); - Py_DECREF(ret); - return(lenread); - } -@@ -310,7 +314,9 @@ xmlPythonFileRead (void * context, char * buffer, int len) { - - file = (PyObject *) context; - if (file == NULL) return(-1); -- ret = PyObject_CallMethod(file, (char *) "io_read", (char *) "(i)", len); -+ /* When io_read() returns a string, the length is in characters not bytes, so -+ request at most len / 4 characters to leave space for UTF-8 encoding. */ -+ ret = PyObject_CallMethod(file, (char *) "io_read", (char *) "(i)", len / 4); - if (ret == NULL) { - printf("xmlPythonFileRead: result is NULL\n"); - return(-1); -@@ -345,10 +351,12 @@ xmlPythonFileRead (void * context, char * buffer, int len) { - Py_DECREF(ret); - return(-1); - } -- if (lenread > len) -- memcpy(buffer, data, len); -- else -- memcpy(buffer, data, lenread); -+ if (lenread < 0 || lenread > len) { -+ printf("xmlPythonFileRead: invalid lenread\n"); -+ Py_DECREF(ret); -+ return(-1); -+ } -+ memcpy(buffer, data, lenread); - Py_DECREF(ret); - return(lenread); - } --- -GitLab - diff --git a/CVE-2025-32415.patch b/CVE-2025-32415.patch deleted file mode 100644 index 295dbb430a1d2123781d97a0d2420c0cfdc3fa03..0000000000000000000000000000000000000000 --- a/CVE-2025-32415.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 384cc7c182fc00c6d5e2ab4b5e3671b2e3f93c84 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Sun, 6 Apr 2025 12:41:11 +0200 -Subject: [PATCH] [CVE-2025-32415] schemas: Fix heap buffer overflow in - xmlSchemaIDCFillNodeTables - -Don't use local variable which could contain a stale value. - -Fixes #890. ---- - xmlschemas.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/xmlschemas.c b/xmlschemas.c -index e35c117ef..4bdabd129 100644 ---- a/xmlschemas.c -+++ b/xmlschemas.c -@@ -23324,7 +23324,7 @@ xmlSchemaIDCFillNodeTables(xmlSchemaValidCtxtPtr vctxt, - j++; - } while (j < nbDupls); - } -- if (nbNodeTable) { -+ if (bind->nbNodes) { - j = 0; - do { - if (nbFields == 1) { -@@ -23375,7 +23375,7 @@ xmlSchemaIDCFillNodeTables(xmlSchemaValidCtxtPtr vctxt, - - next_node_table_entry: - j++; -- } while (j < nbNodeTable); -+ } while (j < bind->nbNodes); - } - /* - * If everything is fine, then add the IDC target-node to --- -GitLab - diff --git a/CVE-2025-49794,CVE-2025-49796.patch b/CVE-2025-49794,CVE-2025-49796.patch deleted file mode 100644 index 1fe07ea663cc3a5057b3011d4474d268c3dce366..0000000000000000000000000000000000000000 --- a/CVE-2025-49794,CVE-2025-49796.patch +++ /dev/null @@ -1,182 +0,0 @@ -From 71e1e8af5ee46dad1b57bb96cfbf1c3ad21fbd7b Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Fri, 4 Jul 2025 14:28:26 +0200 -Subject: [PATCH] schematron: Fix memory safety issues in - xmlSchematronReportOutput - -Fix use-after-free (CVE-2025-49794) and type confusion (CVE-2025-49796) -in xmlSchematronReportOutput. - -Fixes #931. -Fixes #933. ---- - result/schematron/cve-2025-49794_0.err | 2 ++ - result/schematron/cve-2025-49796_0.err | 2 ++ - schematron.c | 49 ++++++++++++++------------ - test/schematron/cve-2025-49794.sct | 10 ++++++ - test/schematron/cve-2025-49794_0.xml | 6 ++++ - test/schematron/cve-2025-49796.sct | 9 +++++ - test/schematron/cve-2025-49796_0.xml | 3 ++ - 7 files changed, 58 insertions(+), 23 deletions(-) - create mode 100644 result/schematron/cve-2025-49794_0.err - create mode 100644 result/schematron/cve-2025-49796_0.err - create mode 100644 test/schematron/cve-2025-49794.sct - create mode 100644 test/schematron/cve-2025-49794_0.xml - create mode 100644 test/schematron/cve-2025-49796.sct - create mode 100644 test/schematron/cve-2025-49796_0.xml - -diff --git a/result/schematron/cve-2025-49794_0.err b/result/schematron/cve-2025-49794_0.err -new file mode 100644 -index 000000000..57752310e ---- /dev/null -+++ b/result/schematron/cve-2025-49794_0.err -@@ -0,0 +1,2 @@ -+./test/schematron/cve-2025-49794_0.xml:2: element boo0: schematron error : /librar0/boo0 line 2: -+./test/schematron/cve-2025-49794_0.xml fails to validate -diff --git a/result/schematron/cve-2025-49796_0.err b/result/schematron/cve-2025-49796_0.err -new file mode 100644 -index 000000000..bf875ee0c ---- /dev/null -+++ b/result/schematron/cve-2025-49796_0.err -@@ -0,0 +1,2 @@ -+./test/schematron/cve-2025-49796_0.xml:2: element boo0: schematron error : /librar0/boo0 line 2: -+./test/schematron/cve-2025-49796_0.xml fails to validate -diff --git a/schematron.c b/schematron.c -index 85b462827..0fd374617 100644 ---- a/schematron.c -+++ b/schematron.c -@@ -1364,27 +1364,15 @@ exit: - * * - ************************************************************************/ - --static xmlNodePtr -+static xmlXPathObjectPtr - xmlSchematronGetNode(xmlSchematronValidCtxtPtr ctxt, - xmlNodePtr cur, const xmlChar *xpath) { -- xmlNodePtr node = NULL; -- xmlXPathObjectPtr ret; -- - if ((ctxt == NULL) || (cur == NULL) || (xpath == NULL)) - return(NULL); - - ctxt->xctxt->doc = cur->doc; - ctxt->xctxt->node = cur; -- ret = xmlXPathEval(xpath, ctxt->xctxt); -- if (ret == NULL) -- return(NULL); -- -- if ((ret->type == XPATH_NODESET) && -- (ret->nodesetval != NULL) && (ret->nodesetval->nodeNr > 0)) -- node = ret->nodesetval->nodeTab[0]; -- -- xmlXPathFreeObject(ret); -- return(node); -+ return(xmlXPathEval(xpath, ctxt->xctxt)); - } - - /** -@@ -1427,25 +1415,40 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, - (child->type == XML_CDATA_SECTION_NODE)) - ret = xmlStrcat(ret, child->content); - else if (IS_SCHEMATRON(child, "name")) { -+ xmlXPathObject *obj = NULL; - xmlChar *path; - - path = xmlGetNoNsProp(child, BAD_CAST "path"); - - node = cur; - if (path != NULL) { -- node = xmlSchematronGetNode(ctxt, cur, path); -- if (node == NULL) -- node = cur; -+ obj = xmlSchematronGetNode(ctxt, cur, path); -+ if ((obj != NULL) && -+ (obj->type == XPATH_NODESET) && -+ (obj->nodesetval != NULL) && -+ (obj->nodesetval->nodeNr > 0)) -+ node = obj->nodesetval->nodeTab[0]; - xmlFree(path); - } - -- if ((node->ns == NULL) || (node->ns->prefix == NULL)) -- ret = xmlStrcat(ret, node->name); -- else { -- ret = xmlStrcat(ret, node->ns->prefix); -- ret = xmlStrcat(ret, BAD_CAST ":"); -- ret = xmlStrcat(ret, node->name); -+ switch (node->type) { -+ case XML_ELEMENT_NODE: -+ case XML_ATTRIBUTE_NODE: -+ if ((node->ns == NULL) || (node->ns->prefix == NULL)) -+ ret = xmlStrcat(ret, node->name); -+ else { -+ ret = xmlStrcat(ret, node->ns->prefix); -+ ret = xmlStrcat(ret, BAD_CAST ":"); -+ ret = xmlStrcat(ret, node->name); -+ } -+ break; -+ -+ /* TODO: handle other node types */ -+ default: -+ break; - } -+ -+ xmlXPathFreeObject(obj); - } else if (IS_SCHEMATRON(child, "value-of")) { - xmlChar *select; - xmlXPathObjectPtr eval; -diff --git a/test/schematron/cve-2025-49794.sct b/test/schematron/cve-2025-49794.sct -new file mode 100644 -index 000000000..7fc9ee3db ---- /dev/null -+++ b/test/schematron/cve-2025-49794.sct -@@ -0,0 +1,10 @@ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -diff --git a/test/schematron/cve-2025-49794_0.xml b/test/schematron/cve-2025-49794_0.xml -new file mode 100644 -index 000000000..debc64ba6 ---- /dev/null -+++ b/test/schematron/cve-2025-49794_0.xml -@@ -0,0 +1,6 @@ -+ -+ -+ -+ -+ -+ -diff --git a/test/schematron/cve-2025-49796.sct b/test/schematron/cve-2025-49796.sct -new file mode 100644 -index 000000000..e9702d752 ---- /dev/null -+++ b/test/schematron/cve-2025-49796.sct -@@ -0,0 +1,9 @@ -+ -+ -+ -+ -+ -+ -+ -+ -+ -diff --git a/test/schematron/cve-2025-49796_0.xml b/test/schematron/cve-2025-49796_0.xml -new file mode 100644 -index 000000000..be33c4ec5 ---- /dev/null -+++ b/test/schematron/cve-2025-49796_0.xml -@@ -0,0 +1,3 @@ -+ -+ -+ --- -GitLab - diff --git a/CVE-2025-49795.patch b/CVE-2025-49795.patch deleted file mode 100644 index a7b494dfc2c8b229565ac9a44eadff9c15d9bbb2..0000000000000000000000000000000000000000 --- a/CVE-2025-49795.patch +++ /dev/null @@ -1,119 +0,0 @@ -From 499bcb78ab389f60c2fd634ce410d4bb85c18765 Mon Sep 17 00:00:00 2001 -From: Michael Mann -Date: Sat, 21 Jun 2025 12:11:30 -0400 -Subject: [PATCH] Schematron: Fix null pointer dereference leading to DoS - -(CVE-2025-49795) - -Fixes #932 ---- - result/schematron/zvon16_0.err | 1 + - schematron.c | 2 ++ - test/schematron/zvon16.sct | 7 +++++++ - test/schematron/zvon16_0.xml | 5 +++++ - 4 files changed, 15 insertions(+) - create mode 100644 result/schematron/zvon16_0.err - create mode 100644 test/schematron/zvon16.sct - create mode 100644 test/schematron/zvon16_0.xml - -diff --git a/result/schematron/zvon16_0.err b/result/schematron/zvon16_0.err -new file mode 100644 -index 000000000..465cf2eb4 ---- /dev/null -+++ b/result/schematron/zvon16_0.err -@@ -0,0 +1 @@ -+xmlSchematronParse: could not load './test/schematron/zvon16.sct' -\ No newline at end of file -diff --git a/schematron.c b/schematron.c -index 5c1a27bf1..d33755e6d 100644 ---- a/schematron.c -+++ b/schematron.c -@@ -1453,6 +1453,8 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, - select = xmlGetNoNsProp(child, BAD_CAST "select"); - comp = xmlXPathCtxtCompile(ctxt->xctxt, select); - eval = xmlXPathCompiledEval(comp, ctxt->xctxt); -+ if (eval == NULL) -+ return ret; - - switch (eval->type) { - case XPATH_NODESET: { -diff --git a/test/schematron/zvon16.sct b/test/schematron/zvon16.sct -new file mode 100644 -index 000000000..4d24c0541 ---- /dev/null -+++ b/test/schematron/zvon16.sct -@@ -0,0 +1,7 @@ -+ -+ -+ Book test -+ -+ -+ -diff --git a/test/schematron/zvon16_0.xml b/test/schematron/zvon16_0.xml -new file mode 100644 -index 000000000..551e2d654 ---- /dev/null -+++ b/test/schematron/zvon16_0.xml -@@ -0,0 +1,5 @@ -+ -+ -+ Test Author -+ -+ --- -GitLab - -From 24d7e15914588cb45e7fb41cbe4fcf785e1a4861 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Fri, 4 Jul 2025 12:19:20 +0200 -Subject: [PATCH] schematron: Complete fix for CVE-2025-49795 - -- Fix memory leaks -- Fix tests ---- - result/schematron/zvon16_0.err | 4 +++- - schematron.c | 5 ++++- - test/schematron/zvon16.sct | 2 +- - 3 files changed, 16 insertions(+), 6 deletions(-) - -diff --git a/result/schematron/zvon16_0.err b/result/schematron/zvon16_0.err -index 465cf2eb4..452bcc139 100644 ---- a/result/schematron/zvon16_0.err -+++ b/result/schematron/zvon16_0.err -@@ -1 +1,3 @@ --xmlSchematronParse: could not load './test/schematron/zvon16.sct' -\ No newline at end of file -+XPath error : Unregistered function: falae -+./test/schematron/zvon16_0.xml:2: element book: schematron error : /library/book line 2: Book -+./test/schematron/zvon16_0.xml fails to validate -diff --git a/schematron.c b/schematron.c -index d33755e6d..85b462827 100644 ---- a/schematron.c -+++ b/schematron.c -@@ -1453,8 +1453,11 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, - select = xmlGetNoNsProp(child, BAD_CAST "select"); - comp = xmlXPathCtxtCompile(ctxt->xctxt, select); - eval = xmlXPathCompiledEval(comp, ctxt->xctxt); -- if (eval == NULL) -+ if (eval == NULL) { -+ xmlXPathFreeCompExpr(comp); -+ xmlFree(select); - return ret; -+ } - - switch (eval->type) { - case XPATH_NODESET: { -diff --git a/test/schematron/zvon16.sct b/test/schematron/zvon16.sct -index 4d24c0541..f03848aae 100644 ---- a/test/schematron/zvon16.sct -+++ b/test/schematron/zvon16.sct -@@ -1,4 +1,4 @@ -- - - - Book test --- -GitLab - diff --git a/CVE-2025-6021.patch b/CVE-2025-6021.patch deleted file mode 100644 index 91d7b567d2f17f18920cb5e923c31c3639759631..0000000000000000000000000000000000000000 --- a/CVE-2025-6021.patch +++ /dev/null @@ -1,47 +0,0 @@ -From acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Tue, 27 May 2025 12:53:17 +0200 -Subject: [PATCH] tree: Fix integer overflow in xmlBuildQName - -This issue affects memory safety and might receive a CVE ID later. - -Fixes #926. ---- - tree.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/tree.c b/tree.c -index 8910dd8..e207f12 100644 ---- a/tree.c -+++ b/tree.c -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - #ifdef LIBXML_ZLIB_ENABLED - #include -@@ -221,16 +222,18 @@ xmlGetParameterEntityFromDtd(const xmlDtd *dtd, const xmlChar *name) { - xmlChar * - xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix, - xmlChar *memory, int len) { -- int lenn, lenp; -+ size_t lenn, lenp; - xmlChar *ret; - -- if (ncname == NULL) return(NULL); -+ if ((ncname == NULL) || (len < 0)) return(NULL); - if (prefix == NULL) return((xmlChar *) ncname); - - lenn = strlen((char *) ncname); - lenp = strlen((char *) prefix); -+ if (lenn >= SIZE_MAX - lenp - 1) -+ return(NULL); - -- if ((memory == NULL) || (len < lenn + lenp + 2)) { -+ if ((memory == NULL) || ((size_t) len < lenn + lenp + 2)) { - ret = (xmlChar *) xmlMallocAtomic(lenn + lenp + 2); - if (ret == NULL) { - xmlTreeErrMemory("building QName"); - diff --git a/backport-CVE-2025-6170.patch b/backport-CVE-2025-6170.patch deleted file mode 100644 index 5a7c22e3c0119374a0fed76f6e1eb8d85e8ca24c..0000000000000000000000000000000000000000 --- a/backport-CVE-2025-6170.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 069bcda17d8194e9582c64dd4bc9dac99b015810 Mon Sep 17 00:00:00 2001 -From: Michael Mann -Date: Fri, 20 Jun 2025 23:05:00 -0400 -Subject: [PATCH] Fix potential buffer overflows of interactive shell - -CVE-2025-6170 - -Fixes #941 - -Reference: https://github.com/GNOME/libxml2/commit/069bcda17d8194e9582c64dd4bc9dac99b015810 -Conflict: rename shell.c to debugXML.c, no need xmllintShellReadline - ---- - debugXML.c | 15 ++++++++++----- - result/scripts/long_command | 8 ++++++++ - test/scripts/long_command.script | 6 ++++++ - test/scripts/long_command.xml | 1 + - 4 files changed, 25 insertions(+), 5 deletions(-) - create mode 100644 result/scripts/long_command - create mode 100644 test/scripts/long_command.script - create mode 100644 test/scripts/long_command.xml - -diff --git a/debugXML.c b/debugXML.c -index 3bb1930..c84c382 100644 ---- a/debugXML.c -+++ b/debugXML.c -@@ -2781,6 +2781,10 @@ xmlShellPwd(xmlShellCtxtPtr ctxt ATTRIBUTE_UNUSED, char *buffer, - return (0); - } - -+#define MAX_PROMPT_SIZE 500 -+#define MAX_ARG_SIZE 400 -+#define MAX_COMMAND_SIZE 100 -+ - /** - * xmlShell: - * @doc: the initial document -@@ -2796,10 +2800,10 @@ void - xmlShell(xmlDocPtr doc, char *filename, xmlShellReadlineFunc input, - FILE * output) - { -- char prompt[500] = "/ > "; -+ char prompt[MAX_PROMPT_SIZE] = "/ > "; - char *cmdline = NULL, *cur; -- char command[100]; -- char arg[400]; -+ char command[MAX_COMMAND_SIZE]; -+ char arg[MAX_ARG_SIZE]; - int i; - xmlShellCtxtPtr ctxt; - xmlXPathObjectPtr list; -@@ -2857,7 +2861,8 @@ xmlShell(xmlDocPtr doc, char *filename, xmlShellReadlineFunc input, - cur++; - i = 0; - while ((*cur != ' ') && (*cur != '\t') && -- (*cur != '\n') && (*cur != '\r')) { -+ (*cur != '\n') && (*cur != '\r') && -+ (i < (MAX_COMMAND_SIZE - 1))) { - if (*cur == 0) - break; - command[i++] = *cur++; -@@ -2872,7 +2877,7 @@ xmlShell(xmlDocPtr doc, char *filename, xmlShellReadlineFunc input, - while ((*cur == ' ') || (*cur == '\t')) - cur++; - i = 0; -- while ((*cur != '\n') && (*cur != '\r') && (*cur != 0)) { -+ while ((*cur != '\n') && (*cur != '\r') && (*cur != 0) && (i < (MAX_ARG_SIZE-1))) { - if (*cur == 0) - break; - arg[i++] = *cur++; -diff --git a/result/scripts/long_command b/result/scripts/long_command -new file mode 100644 -index 0000000..e6f0070 ---- /dev/null -+++ b/result/scripts/long_command -@@ -0,0 +1,8 @@ -+/ > b > b > Object is a Node Set : -+Set contains 1 nodes: -+1 ELEMENT a:c -+b > Unknown command This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_comm -+b > b > Unknown command ess_currents_of_time_and_existence -+b > -+Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_prof -+b > -\ No newline at end of file -diff --git a/test/scripts/long_command.script b/test/scripts/long_command.script -new file mode 100644 -index 0000000..00f6df0 ---- /dev/null -+++ b/test/scripts/long_command.script -@@ -0,0 +1,6 @@ -+cd a/b -+set -+xpath //*[namespace-uri()="foo"] -+This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_command_please_dont_crash foo -+set Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_profound_emotion_and_every_grand_aspiration_that_propels_our_species_ever_onward_through_the_relentless_currents_of_time_and_existence -+save - -diff --git a/test/scripts/long_command.xml b/test/scripts/long_command.xml -new file mode 100644 -index 0000000..1ba4401 ---- /dev/null -+++ b/test/scripts/long_command.xml -@@ -0,0 +1 @@ -+ --- -2.43.0 - diff --git a/backport-Fix-relaxng-is-parsed-to-an-infinite-attrs-next-loop.patch b/backport-Fix-relaxng-is-parsed-to-an-infinite-attrs-next-loop.patch deleted file mode 100644 index cbeda9aa236712ea54e731c6586924ae921ec392..0000000000000000000000000000000000000000 --- a/backport-Fix-relaxng-is-parsed-to-an-infinite-attrs-next-loop.patch +++ /dev/null @@ -1,81 +0,0 @@ -From bb7169b5ad77209989a7e60b530976618a7f0339 Mon Sep 17 00:00:00 2001 -From: Omar Siam -Date: Tue, 10 Jun 2025 18:34:44 +0200 -Subject: [PATCH] Fix relaxng is parsed to an infinite attrs->next loop - -Test data for the bug. ---- - relaxng.c | 11 ++++++++--- - test/relaxng/useless_group.rng | 21 +++++++++++++++++++++ - test/relaxng/useless_group.xml | 3 +++ - 3 files changed, 32 insertions(+), 3 deletions(-) - create mode 100644 test/relaxng/useless_group.rng - create mode 100644 test/relaxng/useless_group.xml - -diff --git a/relaxng.c b/relaxng.c -index 8132fe8fec..afd416f546 100644 ---- a/relaxng.c -+++ b/relaxng.c -@@ -5856,6 +5856,7 @@ xmlRelaxNGSimplify(xmlRelaxNGParserCtxtPtr ctxt, - if (attronly == 1) { - /* - * migrate tmp to attrs -+ * if this runs twice an infinite attrs->next loop can be created - */ - pre->next = tmp->next; - tmp->next = cur->attrs; -@@ -5876,9 +5877,13 @@ xmlRelaxNGSimplify(xmlRelaxNGParserCtxtPtr ctxt, - if ((parent == NULL) && (prev == NULL)) { - cur->type = XML_RELAXNG_NOOP; - } else if (prev == NULL) { -- parent->content = cur->content; -- cur->content->next = cur->next; -- cur = cur->content; -+ // this simplification may already have happened -+ // if this is done twice this leads to an infinite loop of attrs->next -+ if (parent->content != cur->content) { -+ parent->content = cur->content; -+ cur->content->next = cur->next; -+ cur = cur->content; -+ } - } else { - cur->content->next = cur->next; - prev->next = cur->content; -diff --git a/test/relaxng/useless_group.rng b/test/relaxng/useless_group.rng -new file mode 100644 -index 0000000000..2a44336d30 ---- /dev/null -+++ b/test/relaxng/useless_group.rng -@@ -0,0 +1,21 @@ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -\ No newline at end of file -diff --git a/test/relaxng/useless_group.xml b/test/relaxng/useless_group.xml -new file mode 100644 -index 0000000000..5b81c6db0b ---- /dev/null -+++ b/test/relaxng/useless_group.xml -@@ -0,0 +1,3 @@ -+ -+ -+ -\ No newline at end of file diff --git a/libxml2-2.12.10.tar.xz b/libxml2-2.12.10.tar.xz index 86c94f800a26e3e4faf33eb5b07cac064295cb2f..49b42b58735ca08568cc66efca134285f888ea6e 100644 Binary files a/libxml2-2.12.10.tar.xz and b/libxml2-2.12.10.tar.xz differ diff --git a/libxml2-2.15.1.tar.xz b/libxml2-2.15.1.tar.xz new file mode 100644 index 0000000000000000000000000000000000000000..5c40a182ad30666814a49dae479e520243e4ae90 --- /dev/null +++ b/libxml2-2.15.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c008bac08fd5c7b4a87f7b8a71f283fa581d80d80ff8d2efd3b26224c39bc54c +size 2004588 diff --git a/libxml2.spec b/libxml2.spec index f7e5125657183e2d3213b164defa39e79fdf5d2d..604b31ccd68c1657bf5579a3a8feace8221c2d68 100644 --- a/libxml2.spec +++ b/libxml2.spec @@ -1,23 +1,30 @@ +%bcond_without compat +%bcond_without docs + +%if %{with compat} +%global compat_version 2.12.10 +%endif + Summary: Library providing XML and HTML support Name: libxml2 -Version: 2.12.10 -Release: 7 +Version: 2.15.1 +Release: 1 License: MIT Group: Development/Libraries -Source: https://download.gnome.org/sources/%{name}/2.12/%{name}-%{version}.tar.xz +Source: https://download.gnome.org/sources/%{name}/%{version_major}/%{name}-%{version}.tar.xz +%if %{with compat} +Source1: https://download.gnome.org/sources/%{name}/2.12/%{name}-%{compat_version}.tar.xz +%endif Patch0: libxml2-multilib.patch -Patch6001: CVE-2025-32414.patch -Patch6002: CVE-2025-32415.patch -Patch6003: CVE-2025-6021.patch -Patch6004: CVE-2025-49795.patch -Patch6005: CVE-2025-49794,CVE-2025-49796.patch -Patch6006: backport-CVE-2025-6170.patch -Patch6007: backport-Fix-relaxng-is-parsed-to-an-infinite-attrs-next-loop.patch - +BuildRequires: meson >= 0.61 BuildRequires: pkgconfig(python3) BuildRequires: pkgconfig(zlib) -URL: http://xmlsoft.org/ +BuildRequires: /usr/bin/doxygen +BuildRequires: /usr/bin/xsltproc +BuildRequires: docbook-style-xsl +BuildRequires: cmake-rpm-macros +URL: https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home %description This library allows to manipulate XML files. It includes support @@ -35,7 +42,6 @@ Summary: Libraries, includes, etc. to develop XML and HTML applications Group: Development/Libraries Requires: libxml2 = %{version}-%{release} Obsoletes: %{name}-static < %{version}-%{release} -Provides: %{name}-static = %{version}-%{release} %description devel Libraries, include files, etc you can use to develop XML applications. @@ -70,70 +76,71 @@ at parse time or later once the document has been modified. %prep %autosetup -n %{name}-%{version} -p1 - -mkdir py3doc -cp doc/*.py py3doc -sed -i 's|#!/usr/bin/python |#!%{__python3} |' py3doc/*.py +%if %{with compat} +tar xf %{S:1} +%endif %build -%configure --enable-static \ - --without-http \ - --without-ftp \ - --without-lzma +%meson \ + -Dhistory=disabled \ + -Dreadline=disabled \ + -Dpython=enabled \ + -Dhttp=disabled \ + -Dschematron=disabled \ +%if %{with docs} + -Ddocs=enabled \ +%else + -Ddocs=disabled \ +%endif +%{nil} +%meson_build + +%if %{with compat} +pushd %{name}-%{compat_version} +%configure --enable-static --without-http --without-ftp --without-lzma %make_build - -find doc -type f -exec chmod 0644 \{\} \; +popd +%endif %install -%make_install -%delete_la +%meson_install -rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.a -rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/* -gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz +%if %{with compat} +install -m755 %{name}-%{compat_version}/.libs/*.so.* %{buildroot}%{_libdir}/ +%endif %check -%make_build check - -(cd doc/examples ; make clean ; rm -rf .deps Makefile) +%meson_test %files %license Copyright -%{_libdir}/lib*.so.* +%{_libdir}/libxml2.so.* %{_bindir}/xmllint %{_bindir}/xmlcatalog %files devel %doc NEWS README.md -%doc doc/tutorial doc/libxml2-api.xml.gz -%doc doc/examples -%doc %dir %{_datadir}/gtk-doc/html/libxml2 -%doc %{_datadir}/gtk-doc/html/libxml2/*.devhelp2 -%doc %{_datadir}/gtk-doc/html/libxml2/*.html -%doc %{_datadir}/gtk-doc/html/libxml2/*.png -%doc %{_datadir}/gtk-doc/html/libxml2/*.css +%doc %{_datadir}/doc/%{name}/html +%doc %{_datadir}/doc/%{name}/*.html %{_libdir}/lib*.so %{_includedir}/* %{_bindir}/xml2-config -%{_datadir}/aclocal/libxml.m4 %{_libdir}/pkgconfig/libxml-2.0.pc %{_libdir}/cmake/libxml2/libxml2-config.cmake -%{_libdir}/*.a - %files -n python3-%{name} -%{python3_sitearch}/libxml2mod.so +%{python3_sitearch}/*.so %{python3_sitelib}/*.py %{python3_sitelib}/__pycache__/*.pyc -%doc python/libxml2class.txt -%doc py3doc/*.py %files help %{_mandir}/man?/* - %changelog +* Tue Dec 02 2025 Funda Wang - 2.15.1-1 +- update to 2.15.1 + * Mon Sep 15 2025 Funda Wang - 2.12.10-7 - remove http, ftp and lzma features which are removed upstream diff --git a/libxml2.yaml b/libxml2.yaml index 56b42d5c241434d55365993dc8829c2e7d612a51..ef37f58eae5384cf6ff19106903fa4eee5c692f5 100644 --- a/libxml2.yaml +++ b/libxml2.yaml @@ -1,4 +1,4 @@ version_control: github src_repo: GNOME/libxml2 tag_prefix: ^v -seperator: . +separator: .