./textproc/libxml2, XML parser library from the GNOME project

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.9.14, Package name: libxml2-2.9.14, Maintainer: pkgsrc-users

XML parser library from the GNOME project


Required to run:
[textproc/xmlcatmgr]

Required to build:
[pkgtools/cwrappers]

Package options: inet6

Master sites: (Expand)

Filesize: 3056.609 KB

Version history: (Expand)


CVS history: (Expand)


   2022-05-06 02:55:55 by David H. Gutteridge | Files touched by this commit (4) | Package updated
Log message:
libxml2: update to 2.9.14, includes security fixes

v2.9.14: May 02 2022:
   - Security:
  [CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer
  Fix potential double-free in xmlXPtrStringRangeFunction
  Fix memory leak in xmlFindCharEncodingHandler
  Normalize XPath strings in-place
  Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars()
    (David Kilzer)
  Fix leak of xmlElementContent (David Kilzer)

   - Bug fixes:
  Fix parsing of subtracted regex character classes
  Fix recursion check in xinclude.c
  Reset last error in xmlCleanupGlobals
  Fix certain combinations of regex range quantifiers
  Fix range quantifier on subregex

   - Improvements:
  Fix recovery from invalid HTML start tags

   - Build system, portability:
  Define LFS macros before including system headers
  Initialize XPath floating-point globals
  configure: check for icu DEFS (James Hilliard)
  configure.ac: produce tar.xz only (GNOME policy) (David Seifert)
  CMakeLists.txt: Fix LIBXML_VERSION_NUMBER
  Fix build with older Python versions
  Fix --without-valid build
   2022-04-18 21:12:27 by Adam Ciarcinski | Files touched by this commit (1798) | Package updated
Log message:
revbump for textproc/icu update
   2022-03-12 08:33:22 by Kimmo Suominen | Files touched by this commit (9)
Log message:
textproc/libxml2: Update to 2.9.13

NEWS:

v2.9.13: Feb 19 2022:
   - Security:
  [CVE-2022-23308] Use-after-free of ID and IDREF attributes
  (Thanks to Shinji Sato for the report)
  Use-after-free in xmlXIncludeCopyRange (David Kilzer)
  Fix Null-deref-in-xmlSchemaGetComponentTargetNs (huangduirong)
  Fix memory leak in xmlXPathCompNodeTest
  Fix null pointer deref in xmlStringGetNodeList
  Fix several memory leaks found by Coverity (David King)

   - Fixed regressions:
  Fix regression in RelaxNG pattern matching
  Properly handle nested documents in xmlFreeNode
  Fix regression with PEs in external DTD
  Fix random dropping of characters on dumping ASCII encoded XML (Mohammad Razavi)
  Revert "Make schema validation fail with multiple top-level elements"
  Fix regression when parsing invalid HTML tags in push mode
  Fix regression parsing public IDs literals in HTML
  Fix buffering in xmlOutputBufferWrite
  Fix whitespace when serializing empty HTML documents
  Fix XPath recursion limit
  Fix regression in xmlNodeDumpOutputInternal
  Work around lxml API abuse

   - Bug fixes:
  Fix xmlSetTreeDoc with entity references
  Fix double counting of CRLF in comments
  Make sure to grow input buffer in xmlParseMisc
  Don't ignore xmllint options after "-"
  Don't normalize namespace URIs in XPointer xmlns() scheme
  Fix handling of XSD with empty namespace
  Also register HTML document nodes
  Make xmllint return an error if arguments are missing
  Fix handling of ctxt->base in xmlXPtrEvalXPtrPart
  Fix xmllint --maxmem
  Fix htmlReadFd, which was using a mix of xml and html context functions (Finn \ 
Barber)
  Move current position before possible calling of ctxt->sax->characters \ 
(Yulin Li)
  Fix parse failure when 4-byte character in UTF-16 BE is split across a chunk \ 
(David Kilzer)
  Patch to forbid epsilon-reduction of final states (Arne Becker)
  Avoid segfault at exit when using custom memory functions (Mike Dalessio)

   - Tests, code quality, fuzzing:
  Remove .travis.yml
  Make xmlFuzzReadString return a zero size in error case
  Fix unused function warning in testapi.c
  Update NewsML DTD in test suite
  Add more checks for malloc failures in xmllint.c
  Avoid potential integer overflow in xmlstring.c
  Run CI tests with UBSan implicit-conversion checks
  Fix casting of line numbers in SAX2.c
  Fix integer conversion warnings in hash.c
  Add explicit casts in runtest.c
  Fix integer conversion warning in xmlIconvWrapper
  Add suffix to unsigned constant in xmlmemory.c
  Add explicit casts in testchar.c
  Fix integer conversion warnings in xmlstring.c
  Add explicit cast in xmlURIUnescapeString
  Remove unused variable in xmlCharEncOutFunc (David King)

   - Build system, portability:
  Remove xmlwin32version.h
  Fix fuzzer test with VPATH build
  Support custom prefix when installing Python module
  Remove Makefile.win
  Remove CVS and SVN-related code
  Port python 3.x module to Windows and improve distutils (Chun-wei Fan)
  Correctly install the HTML examples into their subdirectory (Mattia Rizzolo)
  Refactor the settings of $docdir (Mattia Rizzolo)
  Remove unused configure checks (Ben Boeckel)
  python/Makefile.am: use *_LIBADD, not *_LDFLAGS for LIBS (Sam James)
  Fix check for libtool in autogen.sh
  Use version in configure.ac for CMake (Timothy Lyanguzov)
  Add CMake alias targets for embedded projects (Markus Rickert)

   - Documentation:
  Remove SVN keyword anchors
  Rework README
  Remove README.cvs-commits
  Remove old ChangeLog
  Update hyperlinks
  Remove README.docs
  Remove MAINTAINERS
  Remove xmltutorial.pdf
  Upload documentation to GitLab pages
  Document how to escape XML_CATALOG_FILES
  Fix libxml2.doap
  Update URL for libxml++ C++ binding (Kjell Ahlstedt)
  Generate devhelp2 index file (Emmanuele Bassi)
  Mention XML_CATALOG_FILES is space-separated (Jan Tojnar)
  Add documentaiton for xmllint exit code 10 (Rainer Canavan)
  Fix some validation errors in the FAQ (David King)
  Add instructions on how to use CMake to compile libxml (Markus Rickert)
   2021-12-08 17:07:18 by Adam Ciarcinski | Files touched by this commit (3063)
Log message:
revbump for icu and libffi
   2021-10-26 13:23:42 by Nia Alarie | Files touched by this commit (1161)
Log message:
textproc: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./textproc/convertlit/distinfo clit18src.zip
   2021-10-07 17:02:49 by Nia Alarie | Files touched by this commit (1162)
Log message:
textproc: Remove SHA1 hashes for distfiles
   2021-07-21 15:55:07 by Tobias Nygren | Files touched by this commit (3)
Log message:
libxml2: don't show non-existent -I/usr/include in "xml2-config --cflags"

Check that the iconv include directory actually exists before adding it
to xml2-config. This fixes build of lang/llvm on Darwin. Bump PKGREVISION.
   2021-06-12 19:02:52 by David H. Gutteridge | Files touched by this commit (3) | Package updated
Log message:
py-libxml2: work around a problem in error handling

Restore part of a patch lost in the last libxml2 update which is still
relevant. Reapplying it fixes segfaults caused by itstool, e.g., when
building editors/pluma, which is PR pkg/56229 from Andrius V.

Quoting from wiz@'s original commit from Jan 9, 2019, which covers
everything else:

"In some cases, invalid UTF-8 strings were returned which caused
Python interpreter crashes. See

itstool/itstool#22

Use a variant of the patch that was used in Fedora.

Bump PKGREVISION."

Fedora is still carrying this patch as-is.

(Also, evidently distinfo was not regenerated properly after the last
update, so there's a diff applied to it unrelated to this change set.)