From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Thu, 27 May 2021 08:47:14 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1lm9nW-0002sB-7C for lore@lore.pengutronix.de; Thu, 27 May 2021 08:47:14 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1lm9nV-0000rP-Uh; Thu, 27 May 2021 08:47:13 +0200 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lm9m8-0005vV-Kd; Thu, 27 May 2021 08:45:48 +0200 Received: from [2a0a:edc0:0:1101:1d::39] (helo=dude03.red.stw.pengutronix.de) by drehscheibe.grey.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1lm9m8-0006VJ-4i; Thu, 27 May 2021 08:45:48 +0200 Received: from mol by dude03.red.stw.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1lm9m8-00GxnZ-46; Thu, 27 May 2021 08:45:48 +0200 From: Michael Olbrich To: ptxdist@pengutronix.de Date: Thu, 27 May 2021 08:45:48 +0200 Message-Id: <20210527064548.4043070-1-m.olbrich@pengutronix.de> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210517160447.95609-2-ada@thorsis.com> References: <20210517160447.95609-2-ada@thorsis.com> MIME-Version: 1.0 Subject: Re: [ptxdist] [APPLIED] libxml2: version bump 2.9.10 -> 2.9.12 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: Alexander Dahl Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false Thanks, applied as 03aeef516da3c961a26de8b56d0b8e0596a4f62a. Michael [sent from post-receive hook] On Thu, 27 May 2021 08:45:47 +0200, Alexander Dahl wrote: > Fixes quite some security and other issues. License text change was a > small typo only. Two patches removed have gone upstream. > > Signed-off-by: Alexander Dahl > Link: https://mail.gnome.org/archives/xml/2021-May/msg00000.html > Link: https://mail.gnome.org/archives/xml/2021-May/msg00003.html > Message-Id: <20210517160447.95609-2-ada@thorsis.com> > Signed-off-by: Michael Olbrich > > diff --git a/patches/libxml2-2.9.10/0001-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch b/patches/libxml2-2.9.10/0001-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch > deleted file mode 100644 > index 59c8647310bb..000000000000 > --- a/patches/libxml2-2.9.10/0001-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch > +++ /dev/null > @@ -1,28 +0,0 @@ > -From: Zhipeng Xie > -Date: Thu, 12 Dec 2019 17:30:55 +0800 > -Subject: [PATCH] Fix infinite loop in xmlStringLenDecodeEntities > - > -When ctxt->instate == XML_PARSER_EOF,xmlParseStringEntityRef > -return NULL which cause a infinite loop in xmlStringLenDecodeEntities > - > -Found with libFuzzer. > - > -Signed-off-by: Zhipeng Xie > ---- > - parser.c | 3 ++- > - 1 file changed, 2 insertions(+), 1 deletion(-) > - > -diff --git a/parser.c b/parser.c > -index d1c319631fc9..a34bb6cdd81b 100644 > ---- a/parser.c > -+++ b/parser.c > -@@ -2646,7 +2646,8 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, > - else > - c = 0; > - while ((c != 0) && (c != end) && /* non input consuming loop */ > -- (c != end2) && (c != end3)) { > -+ (c != end2) && (c != end3) && > -+ (ctxt->instate != XML_PARSER_EOF)) { > - > - if (c == 0) break; > - if ((c == '&') && (str[1] == '#')) { > diff --git a/patches/libxml2-2.9.10/0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch b/patches/libxml2-2.9.10/0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch > deleted file mode 100644 > index 1ca08621799a..000000000000 > --- a/patches/libxml2-2.9.10/0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch > +++ /dev/null > @@ -1,29 +0,0 @@ > -From: Zhipeng Xie > -Date: Tue, 20 Aug 2019 16:33:06 +0800 > -Subject: [PATCH] Fix memory leak in xmlSchemaValidateStream > - > -When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun > -alloc a new schema for ctxt->schema and set vctxt->xsiAssemble > -to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize > -vctxt->xsiAssemble to 0 again which cause the alloced schema > -can not be freed anymore. > - > -Found with libFuzzer. > - > -Signed-off-by: Zhipeng Xie > ---- > - xmlschemas.c | 1 - > - 1 file changed, 1 deletion(-) > - > -diff --git a/xmlschemas.c b/xmlschemas.c > -index d19de6df5f50..59495c2738ab 100644 > ---- a/xmlschemas.c > -+++ b/xmlschemas.c > -@@ -28095,7 +28095,6 @@ xmlSchemaPreRun(xmlSchemaValidCtxtPtr vctxt) { > - vctxt->nberrors = 0; > - vctxt->depth = -1; > - vctxt->skipDepth = -1; > -- vctxt->xsiAssemble = 0; > - vctxt->hasKeyrefs = 0; > - #ifdef ENABLE_IDC_NODE_TABLES_TEST > - vctxt->createIDCNodeTables = 1; > diff --git a/patches/libxml2-2.9.10/series b/patches/libxml2-2.9.10/series > deleted file mode 100644 > index fed72960d3b0..000000000000 > --- a/patches/libxml2-2.9.10/series > +++ /dev/null > @@ -1,8 +0,0 @@ > -# generated by git-ptx-patches > -#tag:base --start-number 1 > -#tag:upstream --start-number 1 > -0001-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch > -0002-Fix-memory-leak-in-xmlSchemaValidateStream.patch > -#tag:ptx --start-number 200 > -0200-xml2-config-is-not-SYSROOT-aware.patch > -# d6f49636e8813a3a9e46758f352fc667 - git-ptx-patches magic > diff --git a/patches/libxml2-2.9.10/0200-xml2-config-is-not-SYSROOT-aware.patch b/patches/libxml2-2.9.12/0200-xml2-config-is-not-SYSROOT-aware.patch > similarity index 100% > rename from patches/libxml2-2.9.10/0200-xml2-config-is-not-SYSROOT-aware.patch > rename to patches/libxml2-2.9.12/0200-xml2-config-is-not-SYSROOT-aware.patch > diff --git a/patches/libxml2-2.9.12/series b/patches/libxml2-2.9.12/series > new file mode 100644 > index 000000000000..05ba5ddea3dd > --- /dev/null > +++ b/patches/libxml2-2.9.12/series > @@ -0,0 +1,6 @@ > +# generated by git-ptx-patches > +#tag:base --start-number 1 > +#tag:upstream --start-number 1 > +#tag:ptx --start-number 200 > +0200-xml2-config-is-not-SYSROOT-aware.patch > +# b6720be956d1b4619bc1c347a0ceb1dd - git-ptx-patches magic > diff --git a/rules/libxml2.make b/rules/libxml2.make > index 1da248307b18..9eb1993b07c1 100644 > --- a/rules/libxml2.make > +++ b/rules/libxml2.make > @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_LIBXML2) += libxml2 > # > # Paths and names > # > -LIBXML2_VERSION := 2.9.10 > -LIBXML2_MD5 := 10942a1dc23137a8aa07f0639cbfece5 > +LIBXML2_VERSION := 2.9.12 > +LIBXML2_MD5 := f433a39be087a9f0b197eb2307ad9f75 > LIBXML2 := libxml2-$(LIBXML2_VERSION) > LIBXML2_SUFFIX := tar.gz > LIBXML2_SOURCE := $(SRCDIR)/$(LIBXML2).$(LIBXML2_SUFFIX) > @@ -26,7 +26,7 @@ LIBXML2_LICENSE := MIT AND ISC > # The file 'COPYING' is just a symlink on the file 'Copyright' > LIBXML2_LICENSE_FILES := \ > file://Copyright;md5=2044417e2e5006b65a8b9067b683fcf1 \ > - file://hash.c;startline=6;endline=15;md5=96f7296605eae807670fb08947829969 > + file://hash.c;startline=6;endline=15;md5=e77f77b12cb69e203d8b4090a0eee879 > > LIBXML2_URL := \ > ftp://xmlsoft.org/libxml2/$(LIBXML2).$(LIBXML2_SUFFIX) \ _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de