diff --git a/CVE-2025-32414.patch b/CVE-2025-32414.patch deleted file mode 100644 index f34c8d298e2a03325d17419203201176ea08ff72..0000000000000000000000000000000000000000 --- a/CVE-2025-32414.patch +++ /dev/null @@ -1,73 +0,0 @@ -From d7657811964eac1cb9743bb98649278ad948f0d2 Mon Sep 17 00:00:00 2001 -From: Maks Verver -Date: Tue, 8 Apr 2025 13:13:55 +0200 -Subject: [PATCH] [CVE-2025-32414] python: Read at most len/4 characters. - -Fixes #889 by reserving space in the buffer for UTF-8 encoding of text. ---- - python/libxml.c | 28 ++++++++++++++++++---------- - 1 file changed, 18 insertions(+), 10 deletions(-) - -diff --git a/python/libxml.c b/python/libxml.c -index 1fe8d6850..2bf140786 100644 ---- a/python/libxml.c -+++ b/python/libxml.c -@@ -248,7 +248,9 @@ xmlPythonFileReadRaw (void * context, char * buffer, int len) { - - file = (PyObject *) context; - if (file == NULL) return(-1); -- ret = PyObject_CallMethod(file, (char *) "read", (char *) "(i)", len); -+ /* When read() returns a string, the length is in characters not bytes, so -+ request at most len / 4 characters to leave space for UTF-8 encoding. */ -+ ret = PyObject_CallMethod(file, (char *) "read", (char *) "(i)", len / 4); - if (ret == NULL) { - printf("xmlPythonFileReadRaw: result is NULL\n"); - return(-1); -@@ -283,10 +285,12 @@ xmlPythonFileReadRaw (void * context, char * buffer, int len) { - Py_DECREF(ret); - return(-1); - } -- if (lenread > len) -- memcpy(buffer, data, len); -- else -- memcpy(buffer, data, lenread); -+ if (lenread < 0 || lenread > len) { -+ printf("xmlPythonFileReadRaw: invalid lenread\n"); -+ Py_DECREF(ret); -+ return(-1); -+ } -+ memcpy(buffer, data, lenread); - Py_DECREF(ret); - return(lenread); - } -@@ -310,7 +314,9 @@ xmlPythonFileRead (void * context, char * buffer, int len) { - - file = (PyObject *) context; - if (file == NULL) return(-1); -- ret = PyObject_CallMethod(file, (char *) "io_read", (char *) "(i)", len); -+ /* When io_read() returns a string, the length is in characters not bytes, so -+ request at most len / 4 characters to leave space for UTF-8 encoding. */ -+ ret = PyObject_CallMethod(file, (char *) "io_read", (char *) "(i)", len / 4); - if (ret == NULL) { - printf("xmlPythonFileRead: result is NULL\n"); - return(-1); -@@ -345,10 +351,12 @@ xmlPythonFileRead (void * context, char * buffer, int len) { - Py_DECREF(ret); - return(-1); - } -- if (lenread > len) -- memcpy(buffer, data, len); -- else -- memcpy(buffer, data, lenread); -+ if (lenread < 0 || lenread > len) { -+ printf("xmlPythonFileRead: invalid lenread\n"); -+ Py_DECREF(ret); -+ return(-1); -+ } -+ memcpy(buffer, data, lenread); - Py_DECREF(ret); - return(lenread); - } --- -GitLab - diff --git a/CVE-2025-32415.patch b/CVE-2025-32415.patch deleted file mode 100644 index 295dbb430a1d2123781d97a0d2420c0cfdc3fa03..0000000000000000000000000000000000000000 --- a/CVE-2025-32415.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 384cc7c182fc00c6d5e2ab4b5e3671b2e3f93c84 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Sun, 6 Apr 2025 12:41:11 +0200 -Subject: [PATCH] [CVE-2025-32415] schemas: Fix heap buffer overflow in - xmlSchemaIDCFillNodeTables - -Don't use local variable which could contain a stale value. - -Fixes #890. ---- - xmlschemas.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/xmlschemas.c b/xmlschemas.c -index e35c117ef..4bdabd129 100644 ---- a/xmlschemas.c -+++ b/xmlschemas.c -@@ -23324,7 +23324,7 @@ xmlSchemaIDCFillNodeTables(xmlSchemaValidCtxtPtr vctxt, - j++; - } while (j < nbDupls); - } -- if (nbNodeTable) { -+ if (bind->nbNodes) { - j = 0; - do { - if (nbFields == 1) { -@@ -23375,7 +23375,7 @@ xmlSchemaIDCFillNodeTables(xmlSchemaValidCtxtPtr vctxt, - - next_node_table_entry: - j++; -- } while (j < nbNodeTable); -+ } while (j < bind->nbNodes); - } - /* - * If everything is fine, then add the IDC target-node to --- -GitLab - diff --git a/CVE-2025-49794,CVE-2025-49796.patch b/CVE-2025-49794,CVE-2025-49796.patch deleted file mode 100644 index 1fe07ea663cc3a5057b3011d4474d268c3dce366..0000000000000000000000000000000000000000 --- a/CVE-2025-49794,CVE-2025-49796.patch +++ /dev/null @@ -1,182 +0,0 @@ -From 71e1e8af5ee46dad1b57bb96cfbf1c3ad21fbd7b Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Fri, 4 Jul 2025 14:28:26 +0200 -Subject: [PATCH] schematron: Fix memory safety issues in - xmlSchematronReportOutput - -Fix use-after-free (CVE-2025-49794) and type confusion (CVE-2025-49796) -in xmlSchematronReportOutput. - -Fixes #931. -Fixes #933. ---- - result/schematron/cve-2025-49794_0.err | 2 ++ - result/schematron/cve-2025-49796_0.err | 2 ++ - schematron.c | 49 ++++++++++++++------------ - test/schematron/cve-2025-49794.sct | 10 ++++++ - test/schematron/cve-2025-49794_0.xml | 6 ++++ - test/schematron/cve-2025-49796.sct | 9 +++++ - test/schematron/cve-2025-49796_0.xml | 3 ++ - 7 files changed, 58 insertions(+), 23 deletions(-) - create mode 100644 result/schematron/cve-2025-49794_0.err - create mode 100644 result/schematron/cve-2025-49796_0.err - create mode 100644 test/schematron/cve-2025-49794.sct - create mode 100644 test/schematron/cve-2025-49794_0.xml - create mode 100644 test/schematron/cve-2025-49796.sct - create mode 100644 test/schematron/cve-2025-49796_0.xml - -diff --git a/result/schematron/cve-2025-49794_0.err b/result/schematron/cve-2025-49794_0.err -new file mode 100644 -index 000000000..57752310e ---- /dev/null -+++ b/result/schematron/cve-2025-49794_0.err -@@ -0,0 +1,2 @@ -+./test/schematron/cve-2025-49794_0.xml:2: element boo0: schematron error : /librar0/boo0 line 2: -+./test/schematron/cve-2025-49794_0.xml fails to validate -diff --git a/result/schematron/cve-2025-49796_0.err b/result/schematron/cve-2025-49796_0.err -new file mode 100644 -index 000000000..bf875ee0c ---- /dev/null -+++ b/result/schematron/cve-2025-49796_0.err -@@ -0,0 +1,2 @@ -+./test/schematron/cve-2025-49796_0.xml:2: element boo0: schematron error : /librar0/boo0 line 2: -+./test/schematron/cve-2025-49796_0.xml fails to validate -diff --git a/schematron.c b/schematron.c -index 85b462827..0fd374617 100644 ---- a/schematron.c -+++ b/schematron.c -@@ -1364,27 +1364,15 @@ exit: - * * - ************************************************************************/ - --static xmlNodePtr -+static xmlXPathObjectPtr - xmlSchematronGetNode(xmlSchematronValidCtxtPtr ctxt, - xmlNodePtr cur, const xmlChar *xpath) { -- xmlNodePtr node = NULL; -- xmlXPathObjectPtr ret; -- - if ((ctxt == NULL) || (cur == NULL) || (xpath == NULL)) - return(NULL); - - ctxt->xctxt->doc = cur->doc; - ctxt->xctxt->node = cur; -- ret = xmlXPathEval(xpath, ctxt->xctxt); -- if (ret == NULL) -- return(NULL); -- -- if ((ret->type == XPATH_NODESET) && -- (ret->nodesetval != NULL) && (ret->nodesetval->nodeNr > 0)) -- node = ret->nodesetval->nodeTab[0]; -- -- xmlXPathFreeObject(ret); -- return(node); -+ return(xmlXPathEval(xpath, ctxt->xctxt)); - } - - /** -@@ -1427,25 +1415,40 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, - (child->type == XML_CDATA_SECTION_NODE)) - ret = xmlStrcat(ret, child->content); - else if (IS_SCHEMATRON(child, "name")) { -+ xmlXPathObject *obj = NULL; - xmlChar *path; - - path = xmlGetNoNsProp(child, BAD_CAST "path"); - - node = cur; - if (path != NULL) { -- node = xmlSchematronGetNode(ctxt, cur, path); -- if (node == NULL) -- node = cur; -+ obj = xmlSchematronGetNode(ctxt, cur, path); -+ if ((obj != NULL) && -+ (obj->type == XPATH_NODESET) && -+ (obj->nodesetval != NULL) && -+ (obj->nodesetval->nodeNr > 0)) -+ node = obj->nodesetval->nodeTab[0]; - xmlFree(path); - } - -- if ((node->ns == NULL) || (node->ns->prefix == NULL)) -- ret = xmlStrcat(ret, node->name); -- else { -- ret = xmlStrcat(ret, node->ns->prefix); -- ret = xmlStrcat(ret, BAD_CAST ":"); -- ret = xmlStrcat(ret, node->name); -+ switch (node->type) { -+ case XML_ELEMENT_NODE: -+ case XML_ATTRIBUTE_NODE: -+ if ((node->ns == NULL) || (node->ns->prefix == NULL)) -+ ret = xmlStrcat(ret, node->name); -+ else { -+ ret = xmlStrcat(ret, node->ns->prefix); -+ ret = xmlStrcat(ret, BAD_CAST ":"); -+ ret = xmlStrcat(ret, node->name); -+ } -+ break; -+ -+ /* TODO: handle other node types */ -+ default: -+ break; - } -+ -+ xmlXPathFreeObject(obj); - } else if (IS_SCHEMATRON(child, "value-of")) { - xmlChar *select; - xmlXPathObjectPtr eval; -diff --git a/test/schematron/cve-2025-49794.sct b/test/schematron/cve-2025-49794.sct -new file mode 100644 -index 000000000..7fc9ee3db ---- /dev/null -+++ b/test/schematron/cve-2025-49794.sct -@@ -0,0 +1,10 @@ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -diff --git a/test/schematron/cve-2025-49794_0.xml b/test/schematron/cve-2025-49794_0.xml -new file mode 100644 -index 000000000..debc64ba6 ---- /dev/null -+++ b/test/schematron/cve-2025-49794_0.xml -@@ -0,0 +1,6 @@ -+ -+ -+ -+ -+ -+ -diff --git a/test/schematron/cve-2025-49796.sct b/test/schematron/cve-2025-49796.sct -new file mode 100644 -index 000000000..e9702d752 ---- /dev/null -+++ b/test/schematron/cve-2025-49796.sct -@@ -0,0 +1,9 @@ -+ -+ -+ -+ -+ -+ -+ -+ -+ -diff --git a/test/schematron/cve-2025-49796_0.xml b/test/schematron/cve-2025-49796_0.xml -new file mode 100644 -index 000000000..be33c4ec5 ---- /dev/null -+++ b/test/schematron/cve-2025-49796_0.xml -@@ -0,0 +1,3 @@ -+ -+ -+ --- -GitLab - diff --git a/CVE-2025-49795.patch b/CVE-2025-49795.patch deleted file mode 100644 index a7b494dfc2c8b229565ac9a44eadff9c15d9bbb2..0000000000000000000000000000000000000000 --- a/CVE-2025-49795.patch +++ /dev/null @@ -1,119 +0,0 @@ -From 499bcb78ab389f60c2fd634ce410d4bb85c18765 Mon Sep 17 00:00:00 2001 -From: Michael Mann -Date: Sat, 21 Jun 2025 12:11:30 -0400 -Subject: [PATCH] Schematron: Fix null pointer dereference leading to DoS - -(CVE-2025-49795) - -Fixes #932 ---- - result/schematron/zvon16_0.err | 1 + - schematron.c | 2 ++ - test/schematron/zvon16.sct | 7 +++++++ - test/schematron/zvon16_0.xml | 5 +++++ - 4 files changed, 15 insertions(+) - create mode 100644 result/schematron/zvon16_0.err - create mode 100644 test/schematron/zvon16.sct - create mode 100644 test/schematron/zvon16_0.xml - -diff --git a/result/schematron/zvon16_0.err b/result/schematron/zvon16_0.err -new file mode 100644 -index 000000000..465cf2eb4 ---- /dev/null -+++ b/result/schematron/zvon16_0.err -@@ -0,0 +1 @@ -+xmlSchematronParse: could not load './test/schematron/zvon16.sct' -\ No newline at end of file -diff --git a/schematron.c b/schematron.c -index 5c1a27bf1..d33755e6d 100644 ---- a/schematron.c -+++ b/schematron.c -@@ -1453,6 +1453,8 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, - select = xmlGetNoNsProp(child, BAD_CAST "select"); - comp = xmlXPathCtxtCompile(ctxt->xctxt, select); - eval = xmlXPathCompiledEval(comp, ctxt->xctxt); -+ if (eval == NULL) -+ return ret; - - switch (eval->type) { - case XPATH_NODESET: { -diff --git a/test/schematron/zvon16.sct b/test/schematron/zvon16.sct -new file mode 100644 -index 000000000..4d24c0541 ---- /dev/null -+++ b/test/schematron/zvon16.sct -@@ -0,0 +1,7 @@ -+ -+ -+ Book test -+ -+ -+ -diff --git a/test/schematron/zvon16_0.xml b/test/schematron/zvon16_0.xml -new file mode 100644 -index 000000000..551e2d654 ---- /dev/null -+++ b/test/schematron/zvon16_0.xml -@@ -0,0 +1,5 @@ -+ -+ -+ Test Author -+ -+ --- -GitLab - -From 24d7e15914588cb45e7fb41cbe4fcf785e1a4861 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Fri, 4 Jul 2025 12:19:20 +0200 -Subject: [PATCH] schematron: Complete fix for CVE-2025-49795 - -- Fix memory leaks -- Fix tests ---- - result/schematron/zvon16_0.err | 4 +++- - schematron.c | 5 ++++- - test/schematron/zvon16.sct | 2 +- - 3 files changed, 16 insertions(+), 6 deletions(-) - -diff --git a/result/schematron/zvon16_0.err b/result/schematron/zvon16_0.err -index 465cf2eb4..452bcc139 100644 ---- a/result/schematron/zvon16_0.err -+++ b/result/schematron/zvon16_0.err -@@ -1 +1,3 @@ --xmlSchematronParse: could not load './test/schematron/zvon16.sct' -\ No newline at end of file -+XPath error : Unregistered function: falae -+./test/schematron/zvon16_0.xml:2: element book: schematron error : /library/book line 2: Book -+./test/schematron/zvon16_0.xml fails to validate -diff --git a/schematron.c b/schematron.c -index d33755e6d..85b462827 100644 ---- a/schematron.c -+++ b/schematron.c -@@ -1453,8 +1453,11 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, - select = xmlGetNoNsProp(child, BAD_CAST "select"); - comp = xmlXPathCtxtCompile(ctxt->xctxt, select); - eval = xmlXPathCompiledEval(comp, ctxt->xctxt); -- if (eval == NULL) -+ if (eval == NULL) { -+ xmlXPathFreeCompExpr(comp); -+ xmlFree(select); - return ret; -+ } - - switch (eval->type) { - case XPATH_NODESET: { -diff --git a/test/schematron/zvon16.sct b/test/schematron/zvon16.sct -index 4d24c0541..f03848aae 100644 ---- a/test/schematron/zvon16.sct -+++ b/test/schematron/zvon16.sct -@@ -1,4 +1,4 @@ -- - - - Book test --- -GitLab - diff --git a/CVE-2025-6021.patch b/CVE-2025-6021.patch deleted file mode 100644 index 91d7b567d2f17f18920cb5e923c31c3639759631..0000000000000000000000000000000000000000 --- a/CVE-2025-6021.patch +++ /dev/null @@ -1,47 +0,0 @@ -From acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Tue, 27 May 2025 12:53:17 +0200 -Subject: [PATCH] tree: Fix integer overflow in xmlBuildQName - -This issue affects memory safety and might receive a CVE ID later. - -Fixes #926. ---- - tree.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/tree.c b/tree.c -index 8910dd8..e207f12 100644 ---- a/tree.c -+++ b/tree.c -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - #ifdef LIBXML_ZLIB_ENABLED - #include -@@ -221,16 +222,18 @@ xmlGetParameterEntityFromDtd(const xmlDtd *dtd, const xmlChar *name) { - xmlChar * - xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix, - xmlChar *memory, int len) { -- int lenn, lenp; -+ size_t lenn, lenp; - xmlChar *ret; - -- if (ncname == NULL) return(NULL); -+ if ((ncname == NULL) || (len < 0)) return(NULL); - if (prefix == NULL) return((xmlChar *) ncname); - - lenn = strlen((char *) ncname); - lenp = strlen((char *) prefix); -+ if (lenn >= SIZE_MAX - lenp - 1) -+ return(NULL); - -- if ((memory == NULL) || (len < lenn + lenp + 2)) { -+ if ((memory == NULL) || ((size_t) len < lenn + lenp + 2)) { - ret = (xmlChar *) xmlMallocAtomic(lenn + lenp + 2); - if (ret == NULL) { - xmlTreeErrMemory("building QName"); - diff --git a/backport-CVE-2025-6170.patch b/backport-CVE-2025-6170.patch deleted file mode 100644 index 5a7c22e3c0119374a0fed76f6e1eb8d85e8ca24c..0000000000000000000000000000000000000000 --- a/backport-CVE-2025-6170.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 069bcda17d8194e9582c64dd4bc9dac99b015810 Mon Sep 17 00:00:00 2001 -From: Michael Mann -Date: Fri, 20 Jun 2025 23:05:00 -0400 -Subject: [PATCH] Fix potential buffer overflows of interactive shell - -CVE-2025-6170 - -Fixes #941 - -Reference: https://github.com/GNOME/libxml2/commit/069bcda17d8194e9582c64dd4bc9dac99b015810 -Conflict: rename shell.c to debugXML.c, no need xmllintShellReadline - ---- - debugXML.c | 15 ++++++++++----- - result/scripts/long_command | 8 ++++++++ - test/scripts/long_command.script | 6 ++++++ - test/scripts/long_command.xml | 1 + - 4 files changed, 25 insertions(+), 5 deletions(-) - create mode 100644 result/scripts/long_command - create mode 100644 test/scripts/long_command.script - create mode 100644 test/scripts/long_command.xml - -diff --git a/debugXML.c b/debugXML.c -index 3bb1930..c84c382 100644 ---- a/debugXML.c -+++ b/debugXML.c -@@ -2781,6 +2781,10 @@ xmlShellPwd(xmlShellCtxtPtr ctxt ATTRIBUTE_UNUSED, char *buffer, - return (0); - } - -+#define MAX_PROMPT_SIZE 500 -+#define MAX_ARG_SIZE 400 -+#define MAX_COMMAND_SIZE 100 -+ - /** - * xmlShell: - * @doc: the initial document -@@ -2796,10 +2800,10 @@ void - xmlShell(xmlDocPtr doc, char *filename, xmlShellReadlineFunc input, - FILE * output) - { -- char prompt[500] = "/ > "; -+ char prompt[MAX_PROMPT_SIZE] = "/ > "; - char *cmdline = NULL, *cur; -- char command[100]; -- char arg[400]; -+ char command[MAX_COMMAND_SIZE]; -+ char arg[MAX_ARG_SIZE]; - int i; - xmlShellCtxtPtr ctxt; - xmlXPathObjectPtr list; -@@ -2857,7 +2861,8 @@ xmlShell(xmlDocPtr doc, char *filename, xmlShellReadlineFunc input, - cur++; - i = 0; - while ((*cur != ' ') && (*cur != '\t') && -- (*cur != '\n') && (*cur != '\r')) { -+ (*cur != '\n') && (*cur != '\r') && -+ (i < (MAX_COMMAND_SIZE - 1))) { - if (*cur == 0) - break; - command[i++] = *cur++; -@@ -2872,7 +2877,7 @@ xmlShell(xmlDocPtr doc, char *filename, xmlShellReadlineFunc input, - while ((*cur == ' ') || (*cur == '\t')) - cur++; - i = 0; -- while ((*cur != '\n') && (*cur != '\r') && (*cur != 0)) { -+ while ((*cur != '\n') && (*cur != '\r') && (*cur != 0) && (i < (MAX_ARG_SIZE-1))) { - if (*cur == 0) - break; - arg[i++] = *cur++; -diff --git a/result/scripts/long_command b/result/scripts/long_command -new file mode 100644 -index 0000000..e6f0070 ---- /dev/null -+++ b/result/scripts/long_command -@@ -0,0 +1,8 @@ -+/ > b > b > Object is a Node Set : -+Set contains 1 nodes: -+1 ELEMENT a:c -+b > Unknown command This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_comm -+b > b > Unknown command ess_currents_of_time_and_existence -+b > -+Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_prof -+b > -\ No newline at end of file -diff --git a/test/scripts/long_command.script b/test/scripts/long_command.script -new file mode 100644 -index 0000000..00f6df0 ---- /dev/null -+++ b/test/scripts/long_command.script -@@ -0,0 +1,6 @@ -+cd a/b -+set -+xpath //*[namespace-uri()="foo"] -+This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_command_please_dont_crash foo -+set Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_profound_emotion_and_every_grand_aspiration_that_propels_our_species_ever_onward_through_the_relentless_currents_of_time_and_existence -+save - -diff --git a/test/scripts/long_command.xml b/test/scripts/long_command.xml -new file mode 100644 -index 0000000..1ba4401 ---- /dev/null -+++ b/test/scripts/long_command.xml -@@ -0,0 +1 @@ -+ --- -2.43.0 - diff --git a/libxml2-2.12.10.tar.xz b/libxml2-2.12.10.tar.xz deleted file mode 100644 index 86c94f800a26e3e4faf33eb5b07cac064295cb2f..0000000000000000000000000000000000000000 Binary files a/libxml2-2.12.10.tar.xz and /dev/null differ diff --git a/libxml2-2.13.9.tar.xz b/libxml2-2.13.9.tar.xz new file mode 100644 index 0000000000000000000000000000000000000000..bdf73127e3c6ab781f771c769375c4764ea3ecad Binary files /dev/null and b/libxml2-2.13.9.tar.xz differ diff --git a/libxml2.spec b/libxml2.spec index f7e5125657183e2d3213b164defa39e79fdf5d2d..37242f0e751e7fd7064988e8d16ad2741785f9d0 100644 --- a/libxml2.spec +++ b/libxml2.spec @@ -1,19 +1,13 @@ Summary: Library providing XML and HTML support Name: libxml2 -Version: 2.12.10 -Release: 7 +Version: 2.13.9 +Release: 1 License: MIT Group: Development/Libraries -Source: https://download.gnome.org/sources/%{name}/2.12/%{name}-%{version}.tar.xz +Source: https://download.gnome.org/sources/%{name}/2.13/%{name}-%{version}.tar.xz Patch0: libxml2-multilib.patch -Patch6001: CVE-2025-32414.patch -Patch6002: CVE-2025-32415.patch -Patch6003: CVE-2025-6021.patch -Patch6004: CVE-2025-49795.patch -Patch6005: CVE-2025-49794,CVE-2025-49796.patch -Patch6006: backport-CVE-2025-6170.patch -Patch6007: backport-Fix-relaxng-is-parsed-to-an-infinite-attrs-next-loop.patch +Patch6001: backport-Fix-relaxng-is-parsed-to-an-infinite-attrs-next-loop.patch BuildRequires: pkgconfig(python3) BuildRequires: pkgconfig(zlib) @@ -95,8 +89,6 @@ gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz %check %make_build check -(cd doc/examples ; make clean ; rm -rf .deps Makefile) - %files %license Copyright %{_libdir}/lib*.so.* @@ -105,8 +97,7 @@ gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz %files devel %doc NEWS README.md -%doc doc/tutorial doc/libxml2-api.xml.gz -%doc doc/examples +%doc doc/libxml2-api.xml.gz %doc %dir %{_datadir}/gtk-doc/html/libxml2 %doc %{_datadir}/gtk-doc/html/libxml2/*.devhelp2 %doc %{_datadir}/gtk-doc/html/libxml2/*.html @@ -134,6 +125,9 @@ gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz %changelog +* Wed Nov 12 2025 wangziliang - 2.13.9-1 +- update to 2.13.9 + * Mon Sep 15 2025 Funda Wang - 2.12.10-7 - remove http, ftp and lzma features which are removed upstream