From 880d0cf36582be1fff7f7b196d707a1d3593f3f2b3019b09d9fa7c626706cc86 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= <adrian@suse.de>
Date: Fri, 27 Jun 2025 15:44:03 +0200
Subject: [PATCH] Sync from SUSE:SLFO:Main python-lxml revision
 79de8f819da44edfabf60185801f64c5

---
 lxml-5.3.0.tar.gz   |  3 ---
 lxml-5.4.0.tar.gz   |  3 +++
 python-lxml.changes | 20 ++++++++++++++++++++
 python-lxml.spec    |  4 ++--
 4 files changed, 25 insertions(+), 5 deletions(-)
 delete mode 100644 lxml-5.3.0.tar.gz
 create mode 100644 lxml-5.4.0.tar.gz

diff --git a/lxml-5.3.0.tar.gz b/lxml-5.3.0.tar.gz
deleted file mode 100644
index 0c55dda..0000000
--- a/lxml-5.3.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4e109ca30d1edec1ac60cdbe341905dc3b8f55b16855e03a54aaf59e51ec8c6f
-size 3679318
diff --git a/lxml-5.4.0.tar.gz b/lxml-5.4.0.tar.gz
new file mode 100644
index 0000000..3e69a8c
--- /dev/null
+++ b/lxml-5.4.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d12832e1dbea4be280b22fd0ea7c9b87f0d8fc51ba06e92dc62d52f804f78ebd
+size 3679479
diff --git a/python-lxml.changes b/python-lxml.changes
index fa05f72..0fb3f78 100644
--- a/python-lxml.changes
+++ b/python-lxml.changes
@@ -1,3 +1,23 @@
+-------------------------------------------------------------------
+Tue May 27 14:56:16 UTC 2025 - Nico Krapp <nico.krapp@suse.com>
+
+- Update to 5.4.0
+  * LP#2107279: Binary wheels use libxml2 2.13.8 and libxslt 1.1.43 to resolve
+    several CVEs. Issue found by Anatoly Katyushin, see
+    https://bugs.launchpad.net/lxml/+bug/2107279
+
+-------------------------------------------------------------------
+Mon Apr 14 20:23:23 UTC 2025 - Dirk Müller <dmueller@suse.com>
+
+- update to 5.3.2 (bsc#1237370, CVE-2025-24928):
+  * This release resolves CVE-2025-24928 as described in
+  * https://gitlab.gnome.org/GNOME/libxml2/-/issues/847
+  * GH#440: Some tests were adapted for libxml2 2.14.0.
+  * LP#2097175: ``DTD(external_id="…")`` erroneously required a
+    byte string as ID value.
+  * GH#450: ``iterparse()`` internally triggered the
+    `DeprecationWarning`` added in lxml 5.3.0 when parsing HTML.
+
 -------------------------------------------------------------------
 Wed Sep 25 13:33:01 UTC 2024 - Adrian Schröter <adrian@suse.de>
 
diff --git a/python-lxml.spec b/python-lxml.spec
index 6301641..5b9294c 100644
--- a/python-lxml.spec
+++ b/python-lxml.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-lxml
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 %{?sle15_python_module_pythons}
 Name:           python-lxml
-Version:        5.3.0
+Version:        5.4.0
 Release:        0
 Summary:        Pythonic XML processing library
 License:        BSD-3-Clause AND GPL-2.0-or-later