summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core/libxml
Commit message (Collapse)AuthorAgeFilesLines
* libxml2: fix CVE-2025-6021hongxu2025-06-162-0/+60
| | | | | | | | | | | | | | | | | | | | According to [1] A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. Refer debian [2], backport a fix [3] from upstream [1] https://nvd.nist.gov/vuln/detail/CVE-2025-6021 [2] https://security-tracker.debian.org/tracker/CVE-2025-6021 [3] https://gitlab.gnome.org/GNOME/libxml2/-/commit/acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0 (From OE-Core rev: e3a6bf785656243b5adc0775f7480a1eb0e4ae4c) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: revert commit breaking patchs in cmake filePeter Marko2025-05-272-0/+82
| | | | | | | | | | | | | | | | Make a revert of commit which breaks cross-compilation of depending components. This commit changes path calculation from relative to cmake file to absolute from includedir, which points then the host /usr/include. Submitted upstream ticket [1] to clarify how this should be fixed in libxml2 upstream. [1] https://gitlab.gnome.org/GNOME/libxml2/-/issues/898#note_2452864 (From OE-Core rev: bc93853c8d2e1da10c000a477093e293fa637761) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.13.6 -> 2.14.3Peter Marko2025-05-273-9/+6
| | | | | | | | | | | | | | | | | | | | Handle CVE-2025-32414 and CVE-2025-32415. * rebased install-tests.patch * removed testsuite testThreads (merged into runtest.c) * https://gitlab.gnome.org/GNOME/libxml2/-/commit/481fd6bbee029e15a6a4015e5160a332d7c18cba * removed IPv6 option (as part of with ftp support removal) * https://gitlab.gnome.org/GNOME/libxml2/-/commit/dba1ed85a320c36807ee09f44d09fd30852b9370 * added testsuites testlimits testparser (already present before but not executed) License-Update: Mention contributors in Copyright https://gitlab.gnome.org/GNOME/libxml2/-/commit/4bd66d4549b2e8925a752e0daac3a189d2fec8f7 (From OE-Core rev: 6585649fdd2ab9e83dfd60eb77ff7821a1363d50) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.13.6 -> 2.13.8Divya Chellam2025-05-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | This includes CVE-fix for CVE-2025-32414 and CVE-2025-32415. Changelog: =========== https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7 https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8 Regressions * tree: Fix xmlTextMerge with NULL args * io: Fix compressed flag for uncompressed stdin * parser: Fix parsing of DTD content Security * [CVE-2025-32415] schemas: Fix heap buffer overflow inxmlSchemaIDCFillNodeTables * [CVE-2025-32414] python: Read at most len/4 characters. (Maks Verver) (From OE-Core rev: 0b24113405ab0bbb3200bb47fa8ed6abeaa7481b) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.13.5 -> 2.13.6hongxu2025-02-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.6 Release notes Security [CVE-2025-24928] Fix stack-buffer-overflow in xmlSnprintfElements [CVE-2024-56171] Fix use-after-free after xmlSchemaItemListAdd pattern: Fix compilation of explicit child axis Regressions xmllint: Support compressed input from stdin uri: Fix handling of Windows drive letters reader: Fix return value of xmlTextReaderReadString again SAX2: Fix xmlSAX2ResolveEntity if systemId is NULL Portability dict: Handle ENOSYS from getentropy gracefully Fix compilation with uclibc (Dario Binacchi) python: Declare init func with PyMODINIT_FUNC tests: Fix sanitizer version check on old Apple clang cmake: Work around broken sys/random.h in old macOS SDKs Build autotools: Set AC_CONFIG_AUX_DIR cmake: Always build Python module as shared library cmake: add missing Bcrypt link on Windows (Saleem Abdulrasool) cmake: Fix compatibility in package version file (From OE-Core rev: 86e16b1081fbe12b4f53fc72bfdff5240da7321a) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.13.4 -> 2.13.5Guðni Már Gilbert2024-11-192-3/+3
| | | | | | | | | | | | | | | | | | | | | https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.5 Regressions * xmlIO: Fix reading from non-regular files like pipes * xmlreader: Fix return value of xmlTextReaderReadString * parser: Fix loading of parameter entities in external DTDs * parser: Fix downstream code that swaps DTDs * parser: Fix detection of duplicate attributes * string: Fix va_copy fallback Bug fixes * xpath: Fix parsing of non-ASCII names (From OE-Core rev: c6dc275850d5a98803eee7d4712bb66b19051c82) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.13.3 -> 2.13.4J. S2024-10-181-1/+1
| | | | | | | | | | Changelog: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.4 (From OE-Core rev: b8e00689bf3ceaa27c015df32a88ada27b1810a7) Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: 2.12.8 -> 2.13.3hongxu2024-08-231-4/+3
| | | | | | | | | | | | | * Remove Trio and updated Copyright to remove Trio [1] * Remove --with-fexceptions configuration option [2] [1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/7d6969d95509a94347d6f96167ac5420abafa291 [2] https://gitlab.gnome.org/GNOME/libxml2/-/commit/e349709ae7e07a2183304ccc9352b6ac86f62a18 (From OE-Core rev: 786a24228ee0793f43258133c7e5df6acb3e9de2) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Upgrade 2.12.7 -> 2.12.8Siddharth Doshi2024-06-241-1/+1
| | | | | | | | | | | | Changes between 2.12.7 -> 2.12.8 ================================ Regression Fixed: parser: Fix performance regression when parsing namespaces (From OE-Core rev: 15eb0b6531a97f85c1b098fb51de9126f2221248) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.12.6 -> 2.12.7Wang Mingyu2024-05-281-1/+1
| | | | | | | | | | | | | | Changelog: ========= - Fix buffer overread with 'xmllint --htmlout' - xmllint: Fix --pedantic option - save: Handle invalid parent pointers in xhtmlNodeDumpOutput (From OE-Core rev: 64e16e2ca71a4dcf285f3dc36789077aa3beaf50) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.12.5 -> 2.12.6Wang Mingyu2024-04-161-1/+1
| | | | | | | | | | | | | | Changelog: =========== - parser: Fix detection of duplicate attributes in XML namespace - xmlreader: Fix xmlTextReaderConstEncoding - html: Fix htmlCreatePushParserCtxt with encoding - xmllint: Return error code if XPath returns empty nodeset (From OE-Core rev: 0bc673b0de08e02ff01ec9ad3daf0bb41662da40) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.11.5 -> 2.12.5Alexander Kanavin2024-03-072-9/+9
| | | | | | | | | | License-Update: hash.c is rewritten and no longer carries a special copyright notice, but dict.c still does (Copyright file updated to reflect that) (From OE-Core rev: a14769d40bee751ac1dcd536789e8e346046e141) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/recipes: Switch to use inherit_deferRichard Purdie2024-01-181-1/+1
| | | | | | | | | | | | | | | | | Now that bitbake supports the use of inherit_defer, switch all conditional (variable based) inherits to use this instead. This leads to more a more deterministic user experience since there is no longer an immediate expansion and later changes to the variables in question (e.g. a bbappend) are accounted for. This patch tries to ensure the behaviour before/after remains as unchanged as it reasonably can, e.g. by always inherting populate_sdk_base. native and nativesdk continue to need to be inherited last, hence being used with inherit_defer in a handful of very specific cases. (From OE-Core rev: 451363438d38bd4552d5bcec4a92332f5819a5d4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnomebase.bbclass: Use meson as default buildsystemMarkus Volk2023-11-131-0/+1
| | | | | | | | | | | | | | | The vast majority of gnome recipes uses meson. Set it as default and override the few recipes that still use autotools. This way we can remove a lot of lines in meta-oe and more important it would not be needed to explicitly set GNOMEBASEBUILDCLASS = "meson" for newly created gnome recipe anymore. (From OE-Core rev: 8b061ea36f8b94b482c5867fe2ba7213288a5aa3) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: ignore disputed CVE-2023-45322Ross Burton2023-10-261-0/+3
| | | | | | | | | | | | | | | | This CVE is a use-after-free which theoretically can be an exploit vector, but this UAF only occurs when malloc() fails. As it's unlikely that the user can orchestrate malloc() failures at just the place to break on _this_ malloc and not others it is disputed that this is actually a security issue. The underlying bug has been fixed, and will be incorporated into the next release. (From OE-Core rev: b93dd888b861aa6df97cd78b70fa9f757cfcdf61) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.11.4 -> 2.11.5Wang Mingyu2023-09-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== ### Regressions --------------- - parser: Make xmlSwitchEncoding always skip the BOM - autotools: Improve iconv check ### Bug fixes -------------- - valid: Fix c1->parent pointer in xmlCopyDocElementContent - encoding: Always call ucnv_convertEx with flush set to false ### Portability --------------- - autotools: fix Python module file ext for cygwin/msys2 ### Tests ---------- - runtest: Fix compilation without LIBXML_HTML_ENABLED (From OE-Core rev: 9e1bcaac1da6907d6664c5628e7c6196cfa5fcc7) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve_check: convert CVE_CHECK_IGNORE to CVE_STATUSAndrej Valek2023-07-211-4/+0
| | | | | | | | | | | | | - Try to add convert and apply statuses for old CVEs - Drop some obsolete ignores, while they are not relevant for current version (From OE-Core rev: 1634ed4048cf56788cd5c2c1bdc979b70afcdcd7) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Reviewed-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: update 2.10.4 -> 2.11.4Alexander Kanavin2023-06-275-476/+8
| | | | | | | | | | | | | Drop backports. Drop libxml-64bit.patch (no longer necessary). (From OE-Core rev: 24860598ba8557ea3a145f249938ea411f1ef1d8) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Do not use lld linker when building with tests on rv64Khem Raj2023-06-191-0/+2
| | | | | | | | | | | | lld ends up with errors on some tests | riscv64-yoe-linux-ld.lld: error: section size decrease is too large Therefore do not use lld when building ptests (From OE-Core rev: 154e81bb6b05b23c0c673b431cb7cee868421335) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.10.3 -> 2.10.4Wang Mingyu2023-04-201-1/+1
| | | | | | | | | | | | | | | | | | | | | Changelog: ========== ### Security - [CVE-2023-29469] Hashing of empty dict strings isn't deterministic - [CVE-2023-28484] Fix null deref in xmlSchemaFixupComplexType - schemas: Fix null-pointer-deref in xmlSchemaCheckCOSSTDerivedOK ### Regressions - SAX2: Ignore namespaces in HTML documents - io: Fix "buffer full" error with certain buffer sizes (From OE-Core rev: 9ddbbf2f86f046784c3baa58de5606a73e9e24f4) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Disable icu tests on muslKhem Raj2023-04-201-2/+7
| | | | | | | | | | | | | these tests do not work with musl's iconv implementation and would need enabling icu support using --with-icu which we do not enable by default Additionally enable locale with musl too. (From OE-Core rev: 03980db15fa1de2f970705364c2316f17428a3aa) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade test data from 20080827 to 20130923Martin Jansa2022-12-261-2/+2
| | | | | | | | | | | | | | | | | | | | | | | * and switch from tar.gz to tar, because the tar.gz archives upstream are regular tar as well now https://www.w3.org/XML/Test/ still has 3 separate URLs for .zip, .tar and .tar.gz, but both tar links return the same file: xmlts20130923.tar: POSIX tar archive (GNU) xmlts20130923.tar.gz: POSIX tar archive (GNU) xmlts20130923.zip: Zip archive data, at least v1.0 to extract, compression method=store -rw-r--r-- 1 martin martin 5.7M Sep 23 2013 xmlts20130923.tar -rw-r--r-- 1 martin martin 5.7M Sep 23 2013 xmlts20130923.tar.gz -rw-r--r-- 1 martin martin 1.6M Sep 23 2013 xmlts20130923.zip c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be4722379f08702ea7273 xmlts20130923.tar c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be4722379f08702ea7273 xmlts20130923.tar.gz f9510b3532926e1b4c2e54855b021e4b8a66ec98a5337dcf4ff07e8a41968deb xmlts20130923.zip (From OE-Core rev: 0ee43418ce37e52f1886b85ff2c7d8cdff9f2039) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: add more testingRoss Burton2022-12-093-1/+224
| | | | | | | | | | | Backport more test cases fixes from upstream, and add runsuite to the ptests. (From OE-Core rev: a6de5fa28fc90e0184d3d86822d06de5d93bbc44) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: upgrade 2.9.14 -> 2.10.3Ross Burton2022-12-0810-1930/+72
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change ptest away from using the upstream Makefiles to manually running the tests: they're not actually integrated with automake anyway so this didn't gain us anything apart from patches we can't send upstream. Drops the following patches: - 0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch - 0001-Port-gentest.py-to-Python-3.patch - fix-execution-of-ptests.patch - remove-fuzz-from-ptests.patch - runtest.patch Add a simple patch to install the test binaries via the Makefile: - install-tests.patch The Python module is built differently and a number of patches no longer apply and appear to be redundant, remove: - python-sitepackages-dir.patch libxml-m4-use-pkgconfig.patch has been sent upstream now, mark as backport. Remove obsolete --without-docbook option. Remove obsolete xml2Conf.sh packaging. (From OE-Core rev: ec5f380a14246e31b2a1a12dda9fe2178b1e5f83) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: don't override XML_CATALOG_FILES in xmllint wrapper if already setRoss Burton2022-09-121-1/+2
| | | | | | | | | | | | | | The KDE build uses custom catalogs by setting XML_CATALOG_FILES, so this wrapper should not override that value if it has already been set. [RP: Add vardepsexclude since bitbake stores the expanded version of the variable name in the siginfo data which would expand to a full build path in the native case] (From OE-Core rev: a6be6d307fbe69248b4905214712d67bfddf6b92) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Port gentest.py to Python-3Martin Jansa2022-09-072-0/+825
| | | | | | | | | | | | | | | * but it still won't work well on hosts without libxml2, make sure to use pre-generated testapi.c in do_compile_ptest * this is reproducible with SOURCE_DATE_EPOCH set to 0 which e.g. meta-updater still sets by default for DISTROs which use it :(, see https://github.com/uptane/meta-updater/pull/35 (From OE-Core rev: 178cea1593dc6e9a7eb74842615356d90d79f78f) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: wrap xmllint to use the correct XML cataloguesRoss Burton2022-08-251-0/+2
| | | | | | | | | | | | Install a wrapper around xmllint in native builds to set XML_CATALOG_FILES to the correct location of the XML catalogues, so that the callers of this script (like xmlto) don't need to do the same. (From OE-Core rev: 8159b47e7ddddaca57ade2ecf24d8ff9a0abf26a) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Ignore CVE-2016-3709Khem Raj2022-08-161-0/+4
| | | | | | | | | | | This is fixed via a revert in 2.9.11 [1] [1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/c1ba6f54d32b707ca6d91cb3257ce9de82876b6f (From OE-Core rev: 131b7010ae45b0c4e1c6a29dfc56b225d2ad2a69) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Upgrade 2.9.13 -> 2.9.14Jiaqing Zhao2022-05-073-111/+14
| | | | | | | | (From OE-Core rev: c4ba21f4012e8859fc793bec7df76e56eb8058ec) Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: update patch statusAlexander Kanavin2022-04-281-1/+3
| | | | | | | (From OE-Core rev: 2e21e1e5e2659b02a771ce986fc3194deeda9f4d) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: fix CVE-2022-23308 regressionJoe Slater2022-03-262-0/+102
| | | | | | | | | | | The fix for the CVE in 2.9.13 caused a regression which was addressed after 2.9.13. We import that patch here. (From OE-Core rev: f7fd194feb4f7993518388160acd5199fcfc3b26) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: update to 2.9.13Ralph Siemsen2022-03-133-226/+8
| | | | | | | | | | | - new version includes fix for CVE-2022-23308 - drop patche which was upstream - refresh patch (From OE-Core rev: d687f1ac2017a1cc94ac4733cd46755d5aabd120) Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: move to gitlab.gnome.orgRalph Siemsen2022-03-131-4/+5
| | | | | | | | | | | | | | | The project has migrated from www.xmlsoft.org to gitlab.gnome.org. Update the homepage accordingly, and use gnomebase to construct the download URL, rather than including it in SRC_URI explicitly. Note that the download is now in .xz format rather than .gz, so the sha256sum is updated accordingly. Post-decompression tarballs are identical, so there is no change to the libxml2 code. (From OE-Core rev: 8bc17ceb997f8f31a03e5f5efc41c03ef1df3add) Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Backport python3-lxml workaround patchCarlos Rafael Giani2022-02-032-0/+214
| | | | | | | | | | | This is a workaround for the following issue that affects python3-lxml: https://gitlab.gnome.org/GNOME/libxml2/-/issues/255 (From OE-Core rev: 2f52be7c42ea37243f9aea1898ef7052904f9290) Signed-off-by: Carlos Rafael Giani <crg7475@mailbox.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: add missing Upstream-Status tagAlexander Kanavin2021-11-211-0/+1
| | | | | | | (From OE-Core rev: 9b79981f3c9a677121a46f4d6d8c899100fee753) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: mark patch as non-upstreamableAlexander Kanavin2021-11-071-1/+5
| | | | | | | (From OE-Core rev: be5be9e36dc76215f8563d87f5a6b09c1ac7190b) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: submit patch upstreamAlexander Kanavin2021-11-031-1/+1
| | | | | | | | (From OE-Core rev: 62d0992ae831caa4b6bda5a300db5e8068480a7b) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Use python3targetconfig to fix reproducibility issueRichard Purdie2021-10-131-1/+1
| | | | | | | | | | We're seeing pthread being linked sometimes and not others leading to non-reproducible target binaries. The reason is mixing the native python config with the target one. We should use the target one. (From OE-Core rev: 1bc5378db760963e2ad46542f2907dd6a592eb66) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Convert to new override syntaxRichard Purdie2021-08-021-14/+14
| | | | | | | | | | | | This is the result of automated script conversion: scripts/contrib/convert-overrides.py <oe-core directory> converting the metadata to use ":" as the override character instead of "_". (From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: remove redundant ${libdir}/cmake from FILES_${PN}-devRoss Burton2021-07-191-1/+1
| | | | | | | | | | | | Since oe-core 543e39ad "bitbake.conf: handle cmake -dev files packaging with default rules" (June 2018) there's no need for recipes to add ${libdir}/cmake or ${datadir}/cmake to FILES_${PN}-dev themselves. (From OE-Core rev: e6f62b8e639a79626d95568c070a410c24bce25e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Update to 2.9.12Tony Tascioglu2021-05-218-253/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Drop CVE patches which are fixed by the new upstream version. Modify conflicting patches to apply to the new versions: libxml2/libxml-m4-use-pkgconfig.patch libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch Drop fix-python39, which is merged upstream. Removed hunk for tstLastError.py from libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch since it has been fixed upstream by: 8c3e52e: Updated python/tests/tstLastError.py libxml2.registerErrorHandler(None,None): None is not acceptable as first argument failUnlessEqual replaced by assertEqual The checksums for the licence file changed because a typo was fixed across the files. The licence remains the same. The obsolete MD5 checksums for the tar files have been dropped in favor of SHA256. The new release also adds fuzz tests, which are removed from the makefile to allow the ptests to run. Fuzz testing is done upstream and there is no need to run them as part of ptests which are intended for functionality testing. (From OE-Core rev: c7c429d05ca51b0404f09981f6c9bcad7dc33222) Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Add bash dependency for ptests.Tony Tascioglu2021-05-181-1/+1
| | | | | | | | | | | | | | | | | Before, running ptests on core-image-minimal would result in an error due to missing /bin/bash: [ -d test ] || ln -s ../libxml2-2.9.10/test . make: /bin/bash: No such file or directory make: *** [Makefile:2105: runtests] Error 127 Changing the Makefile to use /bin/sh results in some of the tests failing, so I have added the missing dependancy on bash. (From OE-Core rev: d2e81298c446aec8d7fcf61fd5023ac30350f205) Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Reformat runtest.patchTony Tascioglu2021-05-181-20/+25
| | | | | | | | | | | | | | | Reformatted runtest.patch to allow it to be applied using git am. This makes it easier to apply the series of patches to the original git repo. There are no changes to the code of the patch other than the reformat. Previously, the patch claimed to be a backport, but I have not found an upstream commit so I've changed the Upstream-Status to pending. (From OE-Core rev: 0361d625e1573e846a2f03ed90a8b897bc405160) Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: add a patch to fix python 3.9 supportAlexander Kanavin2020-10-302-0/+95
| | | | | | | (From OE-Core rev: 0d0acc5fefc96ee0f0a856f7fa34caf92e03138f) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Fix CVE-2020-24977Ovidiu Panait2020-09-102-0/+42
| | | | | | | | | | | | | | | | | GNOME project libxml2 v2.9.10 and earlier have a global Buffer Overflow vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 8e7c20a1 (20910-GITv2.9.10-103-g8e7c20a1). Reference: https://gitlab.gnome.org/GNOME/libxml2/-/issues/178 Upstream patch: https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2 (From OE-Core rev: 92dc02b8f03f3586de0a2ec1463b189a3918e303) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Don't inherit 'features_check' in recipes that don't utilize itJacob Kroon2020-06-121-1/+1
| | | | | | | (From OE-Core rev: e5591eb5165b1b7287a12928e2b179ae2b5ce5d6) Signed-off-by: Jacob Kroon <jacob.kroon@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Update patch upstream statusRichard Purdie2020-02-151-1/+1
| | | | | | | (From OE-Core rev: aca3900b9302e619fa6cd3b8a7b3fcae3b2ffe8d) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Fix CVE-2019-20388Lee Chee Yang2020-02-152-0/+38
| | | | | | | | | | see: https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68 (From OE-Core rev: 12a5eb0ea6f530ad7be2e58d4091b4edadbf461b) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: fix CVE-2020-7595Anuj Mittal2020-02-052-0/+37
| | | | | | | (From OE-Core rev: f2f7aa9a495774fe5a2e3947584cb3503bd1eaf1) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: update to 2.9.10Alexander Kanavin2019-12-162-32/+34
| | | | | | | (From OE-Core rev: de72e0440bc36fab09a7e3c13d3967c97dcda66b) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-24 18:15:04 +0000