Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:GA
python-libxml2-python.34539
libxml2.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxml2.spec of Package python-libxml2-python.34539
# # spec file for package libxml2 # # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define lname libxml2-2 Name: libxml2 Version: 2.9.7 Release: 0 Summary: A Library to Manipulate XML Files License: MIT Group: Development/Libraries/C and C++ Url: http://xmlsoft.org Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz Source1: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz.asc Source2: baselibs.conf Source3: %{name}.keyring Source4: https://www.w3.org/XML/Test/xmlts20080827.tar.gz Patch0: fix-perl.diff Patch1: python3.6-verify_fd.patch Patch2: libxml2-python3-unicode-errors.patch # PATCH-FIX-UPSTREAM libxml2-python3-string-null-check.patch bsc#1065270 mgorse@suse.com -- don't return a NULL string for an invalid UTF-8 conversion. Patch3: libxml2-python3-string-null-check.patch # PATCH-FIX-UPSTREAM bsc#1102046 CVE-2018-14404 NULL pointer dereference in xpath.c:xmlXPathCompOpEval() Patch4: libxml2-CVE-2018-14404.patch # PATCH-FIX-UPSTREAM bsc#1105166 bsc#1088279 CVE-2018-14567 CVE-2018-9251 Fix infinite loop in LZMA decompression Patch5: libxml2-CVE-2018-14567.patch # PATCH-FIX-SUSE bsc#1135123 Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH to avoid nodeset limit Patch6: libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch # PATCH-FIX-UPSTREAM bsc#1161517 CVE-2020-7595 Infinite loop in xmlStringLenDecodeEntities Patch7: libxml2-CVE-2020-7595.patch # PATCH-FIX-UPSTREAM bsc#1161521 CVE-2019-20388 Memory leak in xmlSchemaPreRun Patch8: libxml2-CVE-2019-20388.patch # PATCH-FIX-UPSTREAM bsc#1176179 CVE-2020-24977 xmllint: global-buffer-overflow in xmlEncodeEntitiesInternal Patch9: libxml2-CVE-2020-24977.patch # PATCH-FIX-SUSE bsc#1178823 Avoid quadratic checking of identity-constraints Patch10: libxml2-Avoid-quadratic-checking-of-identity-constraints.patch # PATCH-FIX-UPSTREAM bsc#1185409 CVE-2021-3516 use-after-free in entities.c:xmlEncodeEntitiesInternal() Patch11: libxml2-CVE-2021-3516.patch # PATCH-FIX-UPSTREAM bsc#1185410 CVE-2021-3517 heap-based buffer overflow entities.c:xmlEncodeEntitiesInternal() Patch12: libxml2-CVE-2021-3517.patch # PATCH-FIX-UPSTREAM bsc#1185408 CVE-2021-3518 use-after-free in xinclude.c:xmlXIncludeDoProcess() Patch13: libxml2-CVE-2021-3518.patch # PATCH-FIX-UPSTREAM bsc#1185698 CVE-2021-3537 NULL pointer dereference in valid.c:xmlValidBuildAContentModel Patch14: libxml2-CVE-2021-3537.patch # PATCH-FIX-UPSTREAM bsc#1186015 CVE-2021-3541 Exponential entity expansion attack bypasses all existing protection mechanisms Patch15: libxml2-CVE-2021-3541.patch # PATCH-FIX-UPSTREAM bsc#1196490 CVE-2022-23308 Use-after-free of ID and IDREF attributes # - https://gitlab.gnome.org/GNOME/libxml2/-/commit/652dd12a858989b14eed4e84e453059cd3ba340e Patch16: libxml2-CVE-2022-23308.patch # PATCH-FIX-UPSTREAM bsc#1199132 CVE-2022-29824 integer overflow leading to out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*) # - https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd Patch17: libxml2-CVE-2022-29824.patch # PATCH-FIX-UPSTREAM bsc#1201978 CVE-2016-3709 Cross-site scripting vulnerability Patch18: libxml2-CVE-2016-3709.patch # PATCH-FIX-UPSTREAM Fix integer overflows with XML_PARSE_HUGE (bsc#1204366, CVE-2022-40303) # https://gitlab.gnome.org/GNOME/libxml2/-/commit/ffaec75809a315457891a0e54f8828bc6e056067 Patch19: libxml2-CVE-2022-40303.patch # PATCH-FIX-UPSTREAM Fix dict corruption caused by entity reference cycles (bsc#1204367, CVE-2022-40304) # https://gitlab.gnome.org/GNOME/libxml2/-/commit/644a89e080bced793295f61f18aac8cfad6bece2 Patch20: libxml2-CVE-2022-40304.patch # PATCH-FIX-UPSTREAM [CVE-2023-29469, bsc#1210412] Hashing of empty dict strings isn't deterministic # https://gitlab.gnome.org/GNOME/libxml2/-/commit/09a2dd453007f9c7205274623acdd73747c22d64 Patch21: libxml2-CVE-2023-29469.patch # PATCH-FIX-UPSTREAM [CVE-CVE-2023-28484, bsc#1210411] NULL dereference in xmlSchemaFixupComplexType # https://gitlab.gnome.org/GNOME/libxml2/-/commit/647e072ea0a2f12687fa05c172f4c4713fdb0c4f # https://gitlab.gnome.org/GNOME/libxml2/-/commit/4c6922f763ad958c48ff66f82823ae21f2e92ee6 Patch22: libxml2-CVE-2023-28484-1.patch Patch23: libxml2-CVE-2023-28484-2.patch # PATCH-FIX-UPSTREAM CVE-2023-39615 bsc#1214768 # https://gitlab.gnome.org/GNOME/libxml2/-/commit/d0c3f01e110d54415611c5fa0040cdf4a56053f9 Patch24: libxml2-CVE-2023-39615.patch # PATCH-FIX-UPSTREAM [CVE-2023-45322 bsc#1216129] use-after-free in xmlUnlinkNode() in tree.c # https://gitlab.gnome.org/GNOME/libxml2/-/commit/d39f78069dff496ec865c73aa44d7110e429bce9 Patch25: libxml2-CVE-2023-45322.patch # PATCH-FIX-UPSTREAM use-after-free in XMLReader bsc#1219576 david.anes@suse.com # https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a66b176055d25ee635bf328c7b35b381db0b71d Patch26: libxml2-CVE-2024-25062.patch # PATCH-FIX-UPSTREAM libxml2-CVE-2024-34459.patch bsc#1224282 david.anes@suse.com # https://gitlab.gnome.org/GNOME/libxml2/-/commit/3ad7f81624572ebd5b9e6058c9f67d38207c10e2 Patch27: libxml2-CVE-2024-34459.patch BuildRequires: fdupes BuildRequires: pkgconfig BuildRequires: readline-devel BuildRequires: pkgconfig(liblzma) BuildRequires: pkgconfig(zlib) %description The XML C library was initially developed for the GNOME project. It is now used by many programs to load and save extensible data structures or manipulate any kind of XML files. %package -n %{lname} Summary: A Library to Manipulate XML Files Group: System/Libraries %description -n %{lname} The XML C library was initially developed for the GNOME project. It is now used by many programs to load and save extensible data structures or manipulate any kind of XML files. This library implements a number of existing standards related to markup languages, including the XML standard, name spaces in XML, XML Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and XML catalogs. In most cases, libxml tries to implement the specification in a rather strict way. To some extent, it provides support for the following specifications, but does not claim to implement them: DOM, FTP client, HTTP client, and SAX. The library also supports RelaxNG. Support for W3C XML Schemas is in progress. %package tools Summary: Tools using libxml Group: Productivity/Text/Utilities Provides: %{name} = %{version}-%{release} Obsoletes: %{name} < %{version}-%{release} %description tools This package contains xmllint, a very useful tool proving libxml's power. %package devel Summary: Development files for libxml2, an XML manipulation library Group: Development/Libraries/C and C++ Requires: %{lname} = %{version} Requires: %{name}-tools = %{version} Requires: glibc-devel Requires: readline-devel Requires: pkgconfig(liblzma) Requires: pkgconfig(zlib) %description devel The XML C library can load and save extensible data structures or manipulate any kind of XML files. This subpackage contains header files for developing applications that want to make use of libxml. %package doc Summary: Documentation for libxml, an XML manipulation library Group: Documentation/HTML Requires: %{lname} = %{version} BuildArch: noarch %description doc The XML C library was initially developed for the GNOME project. It is now used by many programs to load and save extensible data structures or manipulate any kind of XML files. %prep %setup -q %patch0 %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch9 -p1 %patch10 -p1 %patch11 -p1 %patch12 -p1 %patch13 -p1 %patch14 -p1 %patch15 -p1 %patch16 -p1 %patch17 -p1 %patch18 -p1 %patch19 -p1 %patch20 -p1 %patch21 -p1 %patch22 -p1 %patch23 -p1 %patch24 -p1 %patch25 -p1 %patch26 -p1 %patch27 -p1 %build %configure \ --disable-silent-rules \ --disable-static \ --docdir=%{_docdir}/%{name} \ --with-html-dir=%{_docdir}/%{name}/html \ --with-fexceptions \ --with-history \ --without-python \ --enable-ipv6 \ --with-sax1 \ --with-regexps \ --with-threads \ --with-reader \ --with-http make %{?_smp_mflags} BASE_DIR="%{_docdir}" DOC_MODULE="%{name}" %install %make_install BASE_DIR="%{_docdir}" DOC_MODULE="%{name}" mkdir -p "%{buildroot}/%{_docdir}/%{name}" cp -a AUTHORS NEWS README COPYING* Copyright TODO* %{buildroot}%{_docdir}/%{name}/ ln -s libxml2/libxml %{buildroot}%{_includedir}/libxml %fdupes %{buildroot}%{_datadir} %check # qemu-arm can't keep up atm, disabling check for arm %ifnarch %{arm} tar xzvf %{SOURCE4} # add conformance tests where they are expected make %{?_smp_mflags} check rm -rf %{_bindir}/xmlconf # remove conformance tests afterwards %endif %post -n %{lname} -p /sbin/ldconfig %postun -n %{lname} -p /sbin/ldconfig %files -n %{lname} %{_libdir}/lib*.so.* %doc %dir %{_docdir}/%{name} %doc %{_docdir}/%{name}/[ANRCT]* %files tools %{_bindir}/xmllint %{_bindir}/xmlcatalog %{_mandir}/man1/xmllint.1* %{_mandir}/man1/xmlcatalog.1* %files devel %{_bindir}/xml2-config %dir %{_datadir}/aclocal %{_datadir}/aclocal/libxml.m4 %{_includedir}/libxml %{_includedir}/libxml2 %{_libdir}/lib*.so # libxml2.la is needed for the python-libxml2 build. Deleting it breaks build of python-libxml2. %{_libdir}/libxml2.la %{_libdir}/*.sh %{_libdir}/pkgconfig/*.pc %{_libdir}/cmake %{_mandir}/man1/xml2-config.1%{ext_man} %{_mandir}/man3/libxml.3%{ext_man} %files doc %{_datadir}/gtk-doc/html/* %doc %{_docdir}/%{name}/examples %doc %{_docdir}/%{name}/html # owning these directories prevents gtk-doc <-> libxml2 build loop: %dir %{_datadir}/gtk-doc %dir %{_datadir}/gtk-doc/html %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor