File libxml2.spec of Package libxml2.23977

Overview Repositories Revisions Requests Users Attributes Meta

File libxml2.spec of Package libxml2.23977

#
# spec file for package libxml2
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

%define lname libxml2-2
Name:           libxml2
Version:        2.9.7
Release:        0
Summary:        A Library to Manipulate XML Files
License:        MIT
Group:          Development/Libraries/C and C++
Url:            http://xmlsoft.org
Source:         ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
Source1:        ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz.asc
Source2:        baselibs.conf
Source3:        %{name}.keyring
Patch0:         fix-perl.diff
# PATCH-FIX-UPSTREAM bsc#1102046 CVE-2018-14404 NULL pointer dereference in xpath.c:xmlXPathCompOpEval()
Patch1:         libxml2-CVE-2018-14404.patch
# PATCH-FIX-UPSTREAM bsc#1105166 bsc#1088279 CVE-2018-14567 CVE-2018-9251 Fix infinite loop in LZMA decompression
Patch2:         libxml2-CVE-2018-14567.patch
# PATCH-FIX-SUSE bsc#1135123 Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH to avoid nodeset limit
Patch3:         libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
# PATCH-FIX-UPSTREAM bsc#1161517 CVE-2020-7595 Infinite loop in xmlStringLenDecodeEntities
Patch5:         libxml2-CVE-2020-7595.patch
# PATCH-FIX-UPSTREAM bsc#1161521 CVE-2019-20388 Memory leak in xmlSchemaPreRun
Patch6:         libxml2-CVE-2019-20388.patch
# PATCH-FIX-UPSTREAM bsc#1176179 CVE-2020-24977 xmllint: global-buffer-overflow in xmlEncodeEntitiesInternal
Patch7:         libxml2-CVE-2020-24977.patch
# PATCH-FIX-SUSE bsc#1178823 Avoid quadratic checking of identity-constraints
Patch8:         libxml2-Avoid-quadratic-checking-of-identity-constraints.patch
# PATCH-FIX-UPSTREAM bsc#1185409 CVE-2021-3516 use-after-free in entities.c:xmlEncodeEntitiesInternal()
Patch9:         libxml2-CVE-2021-3516.patch
# PATCH-FIX-UPSTREAM bsc#1185410 CVE-2021-3517 heap-based buffer overflow entities.c:xmlEncodeEntitiesInternal()
Patch10:        libxml2-CVE-2021-3517.patch
# PATCH-FIX-UPSTREAM bsc#1185408 CVE-2021-3518 use-after-free in xinclude.c:xmlXIncludeDoProcess()
Patch11:        libxml2-CVE-2021-3518.patch
# PATCH-FIX-UPSTREAM bsc#1185698 CVE-2021-3537 NULL pointer dereference in valid.c:xmlValidBuildAContentModel
Patch12:        libxml2-CVE-2021-3537.patch
# PATCH-FIX-UPSTREAM bsc#1186015 CVE-2021-3541 Exponential entity expansion attack bypasses all existing protection mechanisms
Patch13:        libxml2-CVE-2021-3541.patch
# PATCH-FIX-UPSTREAM bsc#1196490 CVE-2022-23308 Use-after-free of ID and IDREF attributes
# - https://gitlab.gnome.org/GNOME/libxml2/-/commit/652dd12a858989b14eed4e84e453059cd3ba340e
Patch14:        libxml2-CVE-2022-23308.patch
# PATCH-FIX-UPSTREAM bsc#1199132 CVE-2022-29824 integer overflow leading to out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*)
# - https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
Patch15:         libxml2-CVE-2022-29824.patch

BuildRequires:  fdupes
BuildRequires:  pkgconfig
BuildRequires:  readline-devel
BuildRequires:  pkgconfig(liblzma)
BuildRequires:  pkgconfig(zlib)

%description
The XML C library was initially developed for the GNOME project. It is
now used by many programs to load and save extensible data structures
or manipulate any kind of XML files.

%package -n %{lname}
Summary:        A Library to Manipulate XML Files
Group:          System/Libraries

%description -n %{lname}
The XML C library was initially developed for the GNOME project. It is
now used by many programs to load and save extensible data structures
or manipulate any kind of XML files.

This library implements a number of existing standards related to
markup languages, including the XML standard, name spaces in XML, XML
Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and
XML catalogs. In most cases, libxml tries to implement the
specification in a rather strict way. To some extent, it provides
support for the following specifications, but does not claim to
implement them: DOM, FTP client, HTTP client, and SAX.

The library also supports RelaxNG. Support for W3C XML Schemas is in
progress.

%package tools
Summary:        Tools using libxml
Group:          Productivity/Text/Utilities
Provides:       %{name} = %{version}-%{release}
Obsoletes:      %{name} < %{version}-%{release}

%description tools
This package contains xmllint, a very useful tool proving libxml's power.

%package devel
Summary:        Development files for libxml2, an XML manipulation library
Group:          Development/Libraries/C and C++
Requires:       %{lname} = %{version}
Requires:       %{name}-tools = %{version}
Requires:       glibc-devel
Requires:       readline-devel
Requires:       pkgconfig(liblzma)
Requires:       pkgconfig(zlib)

%description devel
The XML C library can load and save extensible data structures
or manipulate any kind of XML files.

This subpackage contains header files for developing
applications that want to make use of libxml.

%package doc
Summary:        Documentation for libxml, an XML manipulation library
Group:          Documentation/HTML
Requires:       %{lname} = %{version}
BuildArch:      noarch

%description doc
The XML C library was initially developed for the GNOME project. It is
now used by many programs to load and save extensible data structures
or manipulate any kind of XML files.

%prep
%setup -q
%patch0
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1

%build
%configure \
    --disable-silent-rules \
    --disable-static \
    --docdir=%{_docdir}/%{name} \
    --with-html-dir=%{_docdir}/%{name}/html \
    --with-fexceptions \
    --with-history \
    --without-python \
    --enable-ipv6 \
    --with-sax1 \
    --with-regexps \
    --with-threads \
    --with-reader \
    --with-http
make %{?_smp_mflags} BASE_DIR="%{_docdir}" DOC_MODULE="%{name}"

%install
%make_install BASE_DIR="%{_docdir}" DOC_MODULE="%{name}"
mkdir -p "%{buildroot}/%{_docdir}/%{name}"
cp -a AUTHORS NEWS README COPYING* Copyright TODO* %{buildroot}%{_docdir}/%{name}/
ln -s libxml2/libxml %{buildroot}%{_includedir}/libxml
%fdupes %{buildroot}%{_datadir}

%check
# qemu-arm can't keep up atm, disabling check for arm
%ifnarch %{arm}
make %{?_smp_mflags} check
%endif

%post -n %{lname} -p /sbin/ldconfig
%postun -n %{lname} -p /sbin/ldconfig

%files -n %{lname}
%{_libdir}/lib*.so.*
%doc %dir %{_docdir}/%{name}
%doc %{_docdir}/%{name}/[ANRCT]*

%files tools
%{_bindir}/xmllint
%{_bindir}/xmlcatalog
%{_mandir}/man1/xmllint.1*
%{_mandir}/man1/xmlcatalog.1*

%files devel
%{_bindir}/xml2-config
%dir %{_datadir}/aclocal
%{_datadir}/aclocal/libxml.m4
%{_includedir}/libxml
%{_includedir}/libxml2
%{_libdir}/lib*.so
# libxml2.la is needed for the python-libxml2 build. Deleting it breaks build of python-libxml2.
%{_libdir}/libxml2.la
%{_libdir}/*.sh
%{_libdir}/pkgconfig/*.pc
%{_libdir}/cmake
%{_mandir}/man1/xml2-config.1%{ext_man}
%{_mandir}/man3/libxml.3%{ext_man}

%files doc
%{_datadir}/gtk-doc/html/*
%doc %{_docdir}/%{name}/examples
%doc %{_docdir}/%{name}/html
# owning these directories prevents gtk-doc <-> libxml2 build loop:
%dir %{_datadir}/gtk-doc
%dir %{_datadir}/gtk-doc/html

%changelog

Places

File libxml2.spec of Package libxml2.23977

Places