From f7d8c05825ea34b2d2aeebc86f6a5a2f58202fa9d06be913c79a72567221366f Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Thu, 18 Mar 2010 21:52:34 +0000 Subject: [PATCH] Updating link to change in openSUSE:Factory/libxml2 revision 25.0 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=cbabc86bfa2655be8ce56e13794996a5 --- libxml2-2.7.3.tar.bz2 | 3 +++ libxml2-2.7.7.tar.bz2 | 3 --- libxml2-CVE-2024-25062.patch | 29 ----------------------------- libxml2-python.changes | 8 -------- libxml2-python.spec | 12 +++--------- libxml2.changes | 9 --------- libxml2.spec | 12 +++--------- 7 files changed, 9 insertions(+), 67 deletions(-) create mode 100644 libxml2-2.7.3.tar.bz2 delete mode 100644 libxml2-2.7.7.tar.bz2 delete mode 100644 libxml2-CVE-2024-25062.patch diff --git a/libxml2-2.7.3.tar.bz2 b/libxml2-2.7.3.tar.bz2 new file mode 100644 index 0000000..32e0636 --- /dev/null +++ b/libxml2-2.7.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:260da82b8ad1072469fb00fe1c61776e675e4d6e968266a9255b4c953897a057 +size 3678714 diff --git a/libxml2-2.7.7.tar.bz2 b/libxml2-2.7.7.tar.bz2 deleted file mode 100644 index fafcb4f..0000000 --- a/libxml2-2.7.7.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a23a1d821437bda4d97fa6d8467e535e62b45778f6254addcd285fd7149bc4c0 -size 3738260 diff --git a/libxml2-CVE-2024-25062.patch b/libxml2-CVE-2024-25062.patch deleted file mode 100644 index 6aab9b2..0000000 --- a/libxml2-CVE-2024-25062.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 1a66b176055d25ee635bf328c7b35b381db0b71d Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Sat, 14 Oct 2023 22:45:54 +0200 -Subject: [PATCH] [CVE-2024-25062] xmlreader: Don't expand XIncludes when - backtracking - -Fixes a use-after-free if XML Reader if used with DTD validation and -XInclude expansion. - -Fixes #604. ---- - xmlreader.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/xmlreader.c b/xmlreader.c -index 3bdb8228..6486c7da 100644 ---- a/xmlreader.c -+++ b/xmlreader.c -@@ -1428,6 +1428,7 @@ node_found: - * Handle XInclude if asked for - */ - if ((reader->xinclude) && (reader->in_xinclude == 0) && -+ (reader->state != XML_TEXTREADER_BACKTRACK) && - (reader->node != NULL) && - (reader->node->type == XML_ELEMENT_NODE) && - (reader->node->ns != NULL) && --- -GitLab - diff --git a/libxml2-python.changes b/libxml2-python.changes index 3f19d94..7dd80c5 100644 --- a/libxml2-python.changes +++ b/libxml2-python.changes @@ -1,11 +1,3 @@ ------------------------------------------------------------------- - Thu Apr 01 23:15:00 CET 2010 - mrdocs@opensuse.org -- update to 2.7.7 -- add extra options to ./configure for scribus features and avoid a crash -- updates from 2.7.3 > 2.7.7 include a number of portability, correctness - memory leaks and build fixes including some CVE -- see http://xmlsoft.org/news.html for exact details - ------------------------------------------------------------------- Tue Dec 15 12:19:16 CET 2009 - jengelh@medozas.de diff --git a/libxml2-python.spec b/libxml2-python.spec index 6f7cac4..09921fd 100644 --- a/libxml2-python.spec +++ b/libxml2-python.spec @@ -24,8 +24,8 @@ License: MIT License (or similar) Group: Development/Libraries/Python AutoReqProv: on Summary: Python Bindings for libxml2 -Version: 2.7.7 -Release: 0 +Version: 2.7.3 +Release: 4 Source: libxml2-%{version}.tar.bz2 Source1: libxml2-python-rpmlintrc %py_requires @@ -66,13 +66,7 @@ export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" %configure \ --with-fexceptions \ --with-history \ - --enable-ipv6 \ - --with-sax1 \ - --with-regexps \ - --with-threads \ - --with-reader \ - --with-http - + --enable-ipv6 # use libxml2 as built by libxml2 source package mkdir .libs cp -v %{_libdir}/libxml2.la . diff --git a/libxml2.changes b/libxml2.changes index 151e9f9..a7ce115 100644 --- a/libxml2.changes +++ b/libxml2.changes @@ -1,12 +1,3 @@ ------------------------------------------------------------------- -Tue Mar 23 23:46:00 CET 2010 - mrdocs@opensuse.org - -- update to 2.7.7 -- add extra options to ./configure for scribus features and avoid a crash -- updates from 2.7.3 > 2.7.7 include a number of portability, correctness - memory leaks and build fixes including some CVE -- see http://xmlsoft.org/news.html for exact details - ------------------------------------------------------------------ Mon Feb 22 22:11:00 CET 2010 - mrdocs@opensuse.org diff --git a/libxml2.spec b/libxml2.spec index c034de9..7a9cff9 100644 --- a/libxml2.spec +++ b/libxml2.spec @@ -24,8 +24,8 @@ License: MIT License (or similar) Group: System/Libraries Summary: A Library to Manipulate XML Files Url: http://xmlsoft.org -Version: 2.7.7 -Release: 0 +Version: 2.7.3 +Release: 4 Source: %{name}-%{version}.tar.bz2 Source2: baselibs.conf BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -107,13 +107,7 @@ progress. --with-history \ --without-python \ --enable-ipv6 \ - --with-sax1 \ - --with-regexps \ - --with-threads \ - --with-reader \ - --with-http - - + --with-sax1 make %{?jobs:-j%jobs} DOC_MODULE=packages/%{name} %install