Pullup ticket #6753 - requested by gutteridge
textproc/libxml2: security fix
textproc/py-libxml2: security fix
Revisions pulled up:
- textproc/libxml2/Makefile 1.169
- textproc/libxml2/Makefile.common 1.20
- textproc/libxml2/distinfo 1.144
- textproc/py-libxml2/Makefile 1.85
---
Module Name: pkgsrc
Committed By: gutteridge
Date: Sat Apr 15 13:06:22 UTC 2023
Modified Files:
pkgsrc/textproc/libxml2: Makefile Makefile.common distinfo
pkgsrc/textproc/py-libxml2: Makefile
Log Message:
libxml2 & py-libxml2: update to 2.10.4
v2.10.4: Apr 11 2023
### Security
- [CVE-2023-29469] Hashing of empty dict strings isn't deterministic
- [CVE-2023-28484] Fix null deref in xmlSchemaFixupComplexType
- schemas: Fix null-pointer-deref in xmlSchemaCheckCOSSTDerivedOK
### Regressions
- SAX2: Ignore namespaces in HTML documents
- io: Fix "buffer full" error with certain buffer sizes
(bsiegert)
diff -r1.167 -r1.167.2.1 pkgsrc/textproc/libxml2/Makefile| @@ -1,18 +1,17 @@ | @@ -1,18 +1,17 @@ | |||
| 1 | # $NetBSD: Makefile,v 1.167 2023/01/27 14:49:37 jperkin Exp $ | 1 | # $NetBSD: Makefile,v 1.167.2.1 2023/04/16 14:52:36 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | .include "../../textproc/libxml2/Makefile.common" | 3 | .include "../../textproc/libxml2/Makefile.common" | |
| 4 | 4 | |||
| 5 | PKGREVISION= 2 | |||
| 6 | COMMENT= XML parser library from the GNOME project | 5 | COMMENT= XML parser library from the GNOME project | |
| 7 | LICENSE= modified-bsd | 6 | LICENSE= modified-bsd | |
| 8 | 7 | |||
| 9 | USE_FEATURES= glob | 8 | USE_FEATURES= glob | |
| 10 | USE_LIBTOOL= yes | 9 | USE_LIBTOOL= yes | |
| 11 | USE_TOOLS+= gmake | 10 | USE_TOOLS+= gmake | |
| 12 | GNU_CONFIGURE= yes | 11 | GNU_CONFIGURE= yes | |
| 13 | CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} | 12 | CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} | |
| 14 | CONFIGURE_ARGS+= --with-html-dir=${PREFIX}/share/doc/libxml2 | 13 | CONFIGURE_ARGS+= --with-html-dir=${PREFIX}/share/doc/libxml2 | |
| 15 | CONFIGURE_ARGS+= --with-iconv=${BUILDLINK_PREFIX.iconv} | 14 | CONFIGURE_ARGS+= --with-iconv=${BUILDLINK_PREFIX.iconv} | |
| 16 | CONFIGURE_ARGS+= --with-zlib=${BUILDLINK_PREFIX.zlib} | 15 | CONFIGURE_ARGS+= --with-zlib=${BUILDLINK_PREFIX.zlib} | |
| 17 | CONFIGURE_ARGS+= --with-lzma=${BUILDLINK_PREFIX.xz} | 16 | CONFIGURE_ARGS+= --with-lzma=${BUILDLINK_PREFIX.xz} | |
| 18 | CONFIGURE_ARGS+= --without-python | 17 | CONFIGURE_ARGS+= --without-python |
| @@ -1,15 +1,15 @@ | @@ -1,15 +1,15 @@ | |||
| 1 | # $NetBSD: Makefile.common,v 1.19 2023/01/27 14:49:37 jperkin Exp $ | 1 | # $NetBSD: Makefile.common,v 1.19.2.1 2023/04/16 14:52:36 bsiegert Exp $ | |
| 2 | # | 2 | # | |
| 3 | # used by textproc/libxml2/Makefile | 3 | # used by textproc/libxml2/Makefile | |
| 4 | # used by textproc/py-libxml2/Makefile | 4 | # used by textproc/py-libxml2/Makefile | |
| 5 | 5 | |||
| 6 | DISTNAME= libxml2-2.10.3 | 6 | DISTNAME= libxml2-2.10.4 | |
| 7 | CATEGORIES= textproc | 7 | CATEGORIES= textproc | |
| 8 | MASTER_SITES= ${MASTER_SITE_GNOME:=sources/libxml2/${PKGVERSION_NOREV:R}/} | 8 | MASTER_SITES= ${MASTER_SITE_GNOME:=sources/libxml2/${PKGVERSION_NOREV:R}/} | |
| 9 | EXTRACT_SUFX= .tar.xz | 9 | EXTRACT_SUFX= .tar.xz | |
| 10 | 10 | |||
| 11 | MAINTAINER= pkgsrc-users@NetBSD.org | 11 | MAINTAINER= pkgsrc-users@NetBSD.org | |
| 12 | HOMEPAGE= http://xmlsoft.org/ | 12 | HOMEPAGE= http://xmlsoft.org/ | |
| 13 | 13 | |||
| 14 | DISTINFO_FILE= ${.CURDIR}/../../textproc/libxml2/distinfo | 14 | DISTINFO_FILE= ${.CURDIR}/../../textproc/libxml2/distinfo | |
| 15 | PATCHDIR= ${.CURDIR}/../../textproc/libxml2/patches | 15 | PATCHDIR= ${.CURDIR}/../../textproc/libxml2/patches |
| @@ -1,8 +1,8 @@ | @@ -1,8 +1,8 @@ | |||
| 1 | $NetBSD: distinfo,v 1.143 2023/01/26 01:49:16 gutteridge Exp $ | 1 | $NetBSD: distinfo,v 1.143.2.1 2023/04/16 14:52:36 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | BLAKE2s (libxml2-2.10.3.tar.xz) = e46e6337acb5ff88e6206d1d61ee8b27d66c5f716c98e830c3504a01dc178ad6 | 3 | BLAKE2s (libxml2-2.10.4.tar.xz) = f54b22ffa245226395133ab4d172192d06ee88b1a4a9f700804bb26d7af757d0 | |
| 4 | SHA512 (libxml2-2.10.3.tar.xz) = 33bb87ae9a45c475c3de09477e5d94840d8f687f893ef7839408bc7267e57611c4f2b863ed8ec819a4b5f1ebd6a122db9f6054c73bceed427d37f3e67f62620c | 4 | SHA512 (libxml2-2.10.4.tar.xz) = 792c1dceb098cd353a7eca4c46d31cce6310b2553d97fd3918cf0b94d93b2480759202036511bde36c24166236bd4616f57e79959eea9afe3f60614bdfe13094 | |
| 5 | Size (libxml2-2.10.3.tar.xz) = 2639908 bytes | 5 | Size (libxml2-2.10.4.tar.xz) = 2643600 bytes | |
| 6 | SHA1 (patch-configure) = 3d73d05780562dccd5f9621d9e9f15f2d62cfa87 | 6 | SHA1 (patch-configure) = 3d73d05780562dccd5f9621d9e9f15f2d62cfa87 | |
| 7 | SHA1 (patch-encoding.c) = 7fe0f67db061a2f46abe1c4b6b4d8a0402f82830 | 7 | SHA1 (patch-encoding.c) = 7fe0f67db061a2f46abe1c4b6b4d8a0402f82830 | |
| 8 | SHA1 (patch-error.c) = 77561e820e0da96acb572378c2f2a0b9b84112e1 | 8 | SHA1 (patch-error.c) = 77561e820e0da96acb572378c2f2a0b9b84112e1 |
| @@ -1,19 +1,18 @@ | @@ -1,19 +1,18 @@ | |||
| 1 | # $NetBSD: Makefile,v 1.84 2023/01/27 14:52:53 jperkin Exp $ | 1 | # $NetBSD: Makefile,v 1.84.2.1 2023/04/16 14:52:36 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | .include "../../textproc/libxml2/Makefile.common" | 3 | .include "../../textproc/libxml2/Makefile.common" | |
| 4 | 4 | |||
| 5 | PKGNAME= ${PYPKGPREFIX}-${DISTNAME} | 5 | PKGNAME= ${PYPKGPREFIX}-${DISTNAME} | |
| 6 | PKGREVISION= 2 | |||
| 7 | 6 | |||
| 8 | COMMENT= Python wrapper for libxml2 | 7 | COMMENT= Python wrapper for libxml2 | |
| 9 | LICENSE= modified-bsd | 8 | LICENSE= modified-bsd | |
| 10 | 9 | |||
| 11 | USE_GCC_RUNTIME= yes | 10 | USE_GCC_RUNTIME= yes | |
| 12 | 11 | |||
| 13 | PYSETUPSUBDIR= python | 12 | PYSETUPSUBDIR= python | |
| 14 | GNU_CONFIGURE= YES | 13 | GNU_CONFIGURE= YES | |
| 15 | USE_TOOLS+= pkg-config | 14 | USE_TOOLS+= pkg-config | |
| 16 | 15 | |||
| 17 | SUBST_CLASSES+= setup | 16 | SUBST_CLASSES+= setup | |
| 18 | SUBST_MESSAGE.setup= Fixing hardcoded paths. | 17 | SUBST_MESSAGE.setup= Fixing hardcoded paths. | |
| 19 | SUBST_STAGE.setup= pre-build | 18 | SUBST_STAGE.setup= pre-build |