commit libxml2 for openSUSE:Factory
Hello community, here is the log from the commit of package libxml2 for openSUSE:Factory checked in at 2017-09-29 11:48:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libxml2 (Old) and /work/SRC/openSUSE:Factory/.libxml2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libxml2" Fri Sep 29 11:48:40 2017 rev:87 rq:528090 version:2.9.5 Changes: -------- --- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes 2017-06-20 11:00:55.163117626 +0200 +++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2017-09-29 11:48:43.163210936 +0200 @@ -1,0 +2,28 @@ +Thu Sep 21 14:19:56 UTC 2017 - jengelh@inai.de + +- Update package summaries and RPM groups. Trim descriptions for + size on secondary subpackages. Replace install call by a + commonly-used macro. + +------------------------------------------------------------------- +Thu Sep 21 14:05:29 UTC 2017 - tchvatal@suse.com + +- Add patch to fix TW integration: + * libxml2-bug787941.patch + +------------------------------------------------------------------- +Sun Sep 10 09:54:07 UTC 2017 - tchvatal@suse.com + +- Version update to 2.9.5 release: + * Merged all the previous cve fixes that were patched in + * Few small tweaks +- Remove merged patches: + * libxml2-CVE-2016-4658.patch + * libxml2-CVE-2017-0663.patch + * libxml2-CVE-2017-5969.patch + * libxml2-CVE-2017-9047.patch + * libxml2-CVE-2017-9048.patch + * libxml2-CVE-2017-9049.patch + * libxml2-2.9.4-fix_attribute_decoding.patch + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/libxml2/python-libxml2.changes 2016-06-12 18:51:33.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2.changes 2017-09-29 11:48:43.211204168 +0200 @@ -1,0 +2,22 @@ +Thu Sep 21 14:19:56 UTC 2017 - jengelh@inai.de + +- Update package summaries and RPM groups. Trim descriptions for + size on secondary subpackages. Replace install call by a + commonly-used macro. + +------------------------------------------------------------------- +Sun Sep 10 09:54:07 UTC 2017 - tchvatal@suse.com + +- Version update to 2.9.5 release: + * Merged all the previous cve fixes that were patched in + * Few small tweaks +- Remove merged patches: + * libxml2-CVE-2016-4658.patch + * libxml2-CVE-2017-0663.patch + * libxml2-CVE-2017-5969.patch + * libxml2-CVE-2017-9047.patch + * libxml2-CVE-2017-9048.patch + * libxml2-CVE-2017-9049.patch + * libxml2-2.9.4-fix_attribute_decoding.patch + +------------------------------------------------------------------- Old: ---- libxml2-2.9.4-fix_attribute_decoding.patch libxml2-2.9.4.tar.gz libxml2-2.9.4.tar.gz.asc libxml2-CVE-2016-4658.patch libxml2-CVE-2017-0663.patch libxml2-CVE-2017-5969.patch libxml2-CVE-2017-9047.patch libxml2-CVE-2017-9048.patch libxml2-CVE-2017-9049.patch New: ---- libxml2-2.9.5.tar.gz libxml2-2.9.5.tar.gz.asc libxml2-bug787941.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxml2.spec ++++++ --- /var/tmp/diff_new_pack.0WWeFS/_old 2017-09-29 11:48:44.075082344 +0200 +++ /var/tmp/diff_new_pack.0WWeFS/_new 2017-09-29 11:48:44.075082344 +0200 @@ -18,55 +18,29 @@ %define lname libxml2-2 Name: libxml2 -Version: 2.9.4 +Version: 2.9.5 Release: 0 Summary: A Library to Manipulate XML Files License: MIT -Group: System/Libraries +Group: Development/Libraries/C and C++ Url: http://xmlsoft.org Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz Source1: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz.asc Source2: baselibs.conf Source3: %{name}.keyring Patch0: fix-perl.diff -# PATCH-FIX-UPSTREAM bnc#983288 kstreitova@suse.com -- fix attribute decoding during XML schema validation -Patch1: libxml2-2.9.4-fix_attribute_decoding.patch -# PATCH-FIX-UPSTREAM bsc#1005544 pmonrealgonzalez@suse.com -- Disallow namespace nodes in XPointer ranges -Patch2: libxml2-CVE-2016-4658.patch -# PATCH-FIX-UPSTREAM bsc#1039063 -- pmonrealgonzalez@suse.com -- stack overflow vulnerability -Patch3: libxml2-CVE-2017-9047.patch -# PATCH-FIX-UPSTREAM bsc#1039064 -- pmonrealgonzalez@suse.com -- stack overflow vulnerability -Patch4: libxml2-CVE-2017-9048.patch -# PATCH-FIX-UPSTREAM bsc#1039066 -- pmonrealgonzalez@suse.com -- heap-based buffer overflow -Patch5: libxml2-CVE-2017-9049.patch -# PATCH-FIX-UPSTREAM bnc#1024989 pmonrealgonzalez@suse.com -- CVE-2017-5969 NULL pointer derefence parsing xml file -Patch6: libxml2-CVE-2017-5969.patch -# PATCH-FIX-UPSTREAM bnc#1044337 pmonrealgonzalez@suse.com -- CVE-2017-0663: libxml2: Heap buffer overflow in xmlAddID -Patch7: libxml2-CVE-2017-0663.patch - +Patch1: libxml2-bug787941.patch BuildRequires: fdupes -BuildRequires: pkg-config +BuildRequires: pkgconfig BuildRequires: readline-devel -BuildRequires: xz-devel -BuildRequires: zlib-devel -BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildRequires: pkgconfig(liblzma) +BuildRequires: pkgconfig(zlib) %description The XML C library was initially developed for the GNOME project. It is now used by many programs to load and save extensible data structures or manipulate any kind of XML files. -This library implements a number of existing standards related to -markup languages, including the XML standard, name spaces in XML, XML -Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and -XML catalogs. In most cases, libxml tries to implement the -specification in a rather strict way. To some extent, it provides -support for the following specifications, but does not claim to -implement them: DOM, FTP client, HTTP client, and SAX. - -The library also supports RelaxNG. Support for W3C XML Schemas is in -progress. - %package -n %{lname} Summary: A Library to Manipulate XML Files Group: System/Libraries @@ -89,7 +63,7 @@ %package tools Summary: Tools using libxml -Group: System/Libraries +Group: Productivity/Text/Utilities Provides: %{name} = %{version}-%{release} Obsoletes: %{name} < %{version}-%{release} @@ -97,26 +71,25 @@ This package contains xmllint, a very useful tool proving libxml's power. %package devel -Summary: Include Files and Libraries mandatory for Development +Summary: Development files for libxml2, an XML manipulation library Group: Development/Libraries/C and C++ Requires: %{lname} = %{version} Requires: %{name}-tools = %{version} Requires: glibc-devel Requires: readline-devel -Requires: xz-devel -Requires: zlib-devel -# bug437293 -%ifarch ppc64 -Obsoletes: libxml2-devel-64bit -%endif +Requires: pkgconfig(liblzma) +Requires: pkgconfig(zlib) %description devel -This package contains all necessary include files and libraries needed -to develop applications that require these. +The XML C library can load and save extensible data structures +or manipulate any kind of XML files. + +This subpackage contains header files for developing +applications that want to make use of libxml. %package doc -Summary: A Library to Manipulate XML Files -Group: System/Libraries +Summary: Documentation for libxml, an XML manipulation library +Group: Documentation/HTML Requires: %{lname} = %{version} BuildArch: noarch @@ -125,30 +98,15 @@ now used by many programs to load and save extensible data structures or manipulate any kind of XML files. -This library implements a number of existing standards related to -markup languages, including the XML standard, name spaces in XML, XML -Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and -XML catalogs. In most cases, libxml tries to implement the -specification in a rather strict way. To some extent, it provides -support for the following specifications, but does not claim to -implement them: DOM, FTP client, HTTP client, and SAX. - -The library also supports RelaxNG. Support for W3C XML Schemas is in -progress. - %prep %setup -q %patch0 %patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 %build -%configure --disable-static \ +%configure \ + --disable-silent-rules \ + --disable-static \ --docdir=%{_docdir}/%{name} \ --with-html-dir=%{_docdir}/%{name}/html \ --with-fexceptions \ @@ -164,7 +122,7 @@ make %{?_smp_mflags} BASE_DIR="%{_docdir}" DOC_MODULE="%{name}" %install -make install DESTDIR=%{buildroot} BASE_DIR="%{_docdir}" DOC_MODULE="%{name}" +%make_install BASE_DIR="%{_docdir}" DOC_MODULE="%{name}" mkdir -p "%{buildroot}/%{_docdir}/%{name}" cp -a AUTHORS NEWS README COPYING* Copyright TODO* %{buildroot}%{_docdir}/%{name}/ ln -s libxml2/libxml %{buildroot}%{_includedir}/libxml @@ -172,29 +130,25 @@ %check # qemu-arm can't keep up atm, disabling check for arm -%ifnarch %arm +%ifnarch %{arm} make %{?_smp_mflags} check %endif %post -n %{lname} -p /sbin/ldconfig - %postun -n %{lname} -p /sbin/ldconfig %files -n %{lname} -%defattr(-, root, root) %{_libdir}/lib*.so.* %doc %dir %{_docdir}/%{name} %doc %{_docdir}/%{name}/[ANRCT]* %files tools -%defattr(-, root, root) %{_bindir}/xmllint %{_bindir}/xmlcatalog %{_mandir}/man1/xmllint.1* %{_mandir}/man1/xmlcatalog.1* %files devel -%defattr(-, root, root) %{_bindir}/xml2-config %dir %{_datadir}/aclocal %{_datadir}/aclocal/libxml.m4 @@ -206,11 +160,10 @@ %{_libdir}/*.sh %{_libdir}/pkgconfig/*.pc %{_libdir}/cmake -%{_mandir}/man1/xml2-config.1* -%{_mandir}/man3/libxml.3* +%{_mandir}/man1/xml2-config.1%{ext_man} +%{_mandir}/man3/libxml.3%{ext_man} %files doc -%defattr(-, root, root) %{_datadir}/gtk-doc/html/* %doc %{_docdir}/%{name}/examples %doc %{_docdir}/%{name}/html ++++++ python-libxml2.spec ++++++ --- /var/tmp/diff_new_pack.0WWeFS/_old 2017-09-29 11:48:44.103078395 +0200 +++ /var/tmp/diff_new_pack.0WWeFS/_new 2017-09-29 11:48:44.107077832 +0200 @@ -17,18 +17,18 @@ Name: python-libxml2 -Version: 2.9.4 +Version: 2.9.5 Release: 0 Summary: Python Bindings for libxml2 License: MIT Group: Development/Libraries/Python Url: http://xmlsoft.org Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz -BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: libxml2-devel -BuildRequires: python-devel -#!BuildIgnore: python +BuildRequires: pkgconfig BuildRequires: python-xml +BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: pkgconfig(python) +#!BuildIgnore: python Requires: libxml2-2 = %{version} # Uncomment to save space: #NoSource: 0 @@ -49,10 +49,6 @@ %setup -q -n libxml2-%{version} %build -# workaround for bnc#310196 -%ifarch s390 s390x -export RPM_OPT_FLAGS=${RPM_OPT_FLAGS/-O2/-O1} -%endif export CFLAGS="%{optflags} -fno-strict-aliasing" %configure \ --with-fexceptions \ @@ -70,8 +66,7 @@ make -C python %{?_smp_mflags} %install -make -C python install \ - DESTDIR=%{buildroot} \ +%make_install -C python \ pythondir=%{py_sitedir} \ PYTHON_SITE_PACKAGES=%{py_sitedir} chmod a-x python/tests/*.py @@ -82,7 +77,6 @@ rm -f %{buildroot}%{py_sitedir}/*.{la,a} %files -%defattr(-, root, root) %doc python/TODO %doc python/libxml2class.txt %doc python/tests ++++++ libxml2-2.9.4.tar.gz -> libxml2-2.9.5.tar.gz ++++++ ++++ 59848 lines of diff (skipped) ++++++ libxml2-bug787941.patch ++++++
From 3157cf4e53c03bc3da604472c015c63141907db8 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer
Date: Wed, 20 Sep 2017 16:13:29 +0200 Subject: Report undefined XPath variable error message
Commit c851970 removed a redundant error message if XPath evaluation
failed. This uncovered a case where an undefined XPath variable error
wasn't reported correctly.
Thanks to Petr Pisar for the report.
Fixes bug 787941.
---
xpath.c | 12 ++++--------
1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/xpath.c b/xpath.c
index 2c1b268..9481507 100644
--- a/xpath.c
+++ b/xpath.c
@@ -13531,10 +13531,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
if (op->value5 == NULL) {
val = xmlXPathVariableLookup(ctxt->context, op->value4);
- if (val == NULL) {
- ctxt->error = XPATH_UNDEF_VARIABLE_ERROR;
- return(0);
- }
+ if (val == NULL)
+ XP_ERROR0(XPATH_UNDEF_VARIABLE_ERROR);
valuePush(ctxt, val);
} else {
const xmlChar *URI;
@@ -13549,10 +13547,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
}
val = xmlXPathVariableLookupNS(ctxt->context,
op->value4, URI);
- if (val == NULL) {
- ctxt->error = XPATH_UNDEF_VARIABLE_ERROR;
- return(0);
- }
+ if (val == NULL)
+ XP_ERROR0(XPATH_UNDEF_VARIABLE_ERROR);
valuePush(ctxt, val);
}
return (total);
--
cgit v0.12
++++++ libxml2.keyring ++++++
--- /var/tmp/diff_new_pack.0WWeFS/_old 2017-09-29 11:48:45.790840388 +0200
+++ /var/tmp/diff_new_pack.0WWeFS/_new 2017-09-29 11:48:45.790840388 +0200
@@ -1,10 +1,12 @@
-pub 1024D/DE95BC1F 2000-05-31
-uid [ unknown] Daniel Veillard (Red Hat work email)
participants (1)
-
root@hilbert.suse.de