Commit Graph

153 Commits

Author SHA1 Message Date
github-actions[bot]
b4fdbf27f2
Merge master into staging-next 2023-09-09 06:01:15 +00:00
Moritz Angermann
a81e3dcd75 treewide: replace libc == "msvcrt" with isMinGW
msvcrt is only one of the libcs in MinGW. We therefore
replace explictly testing for msvcrt with the isMinGW
predicate. This lays the foundation for ucrt64 support.
2023-09-08 10:56:08 +00:00
Bobby Rong
3a4ca00c84
libxml2: 2.11.4 → 2.11.5
https://gitlab.gnome.org/GNOME/libxml2/-/compare/v2.11.4...v2.11.5
2023-08-25 20:14:35 +08:00
Jan Tojnar
7d9be8a366 libxml2: 2.10.4 → 2.11.4
https://gitlab.gnome.org/GNOME/libxml2/-/compare/2.10.4...2.11.4
2023-07-05 16:27:49 +02:00
Bobby Rong
40074520d1
libxml2: 2.10.3 → 2.10.4
https://gitlab.gnome.org/GNOME/libxml2/-/compare/v2.10.3...v2.10.4

- CVE-2023-29469: Hashing of empty dict strings isn't deterministic
- CVE-2023-28484: Fix null deref in xmlSchemaFixupComplexType
2023-04-13 13:08:36 +08:00
Alyssa Ross
0807fca47e libxml2: restrict Python support in cross builds 2023-02-05 10:14:46 +00:00
Jan Tojnar
541a94784b libxml2: 2.10.2 → 2.10.3
https://gitlab.gnome.org/GNOME/libxml2/-/compare/v2.10.2...v2.10.3

CVE-2022-40304
CVE-2022-40303

Changelog-Reviewed-By: Jan Tojnar <jtojnar@gmail.com>
2022-10-26 23:22:36 +02:00
Jan Tojnar
2e18621606 libxml2: make amenable to auto-updates 2022-10-26 23:22:36 +02:00
Vladimír Čunát
36bb8d969a
libxml2: use older version during stdenv bootstrap on darwin
/cc the update PR #195748
2022-10-15 09:39:33 +02:00
Martin Weinelt
ef6a273c70
Merge pull request #195748 from jtojnar/libxml2 2022-10-13 18:43:05 +02:00
Jan Tojnar
2aff11165b libxml2: 2.10.0 → 2.10.2
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.1
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.2

https://gitlab.gnome.org/GNOME/libxml2/-/compare/v2.10.0...v2.10.2
2022-10-13 11:58:07 +02:00
Artturin
9069a064f8 libxml2: enable strictDeps and enable pythonSupport when cross 2022-10-07 16:31:39 +03:00
Jan Tojnar
1c93ab362b libxml2: 2.9.14 → 2.10.0
- Massive cleanups
- CVE-2022-2309
- More security fixes
- Removal of outdated development manpage libxml.3

https://gitlab.gnome.org/GNOME/libxml2/-/compare/v2.9.14...v2.10.0

- Python detection is broken by `strictDeps` for unknown reasons.
- Also replaced `moveToOutput` with more declarative `outputMan`.
2022-09-03 16:13:59 +02:00
Vladimír Čunát
e48c99ecbd
Merge #171744: libxml2: re-enable tests for darwin
...into staging
2022-07-29 19:31:25 +02:00
Janne Heß
c911240e9c
Revert "Add mingwW64-llvm cross-system." 2022-05-18 13:50:23 +02:00
Shea Levy
0f68ed163c
Merge branch 'mingwW64-clang' into staging 2022-05-18 06:30:21 -04:00
Sandro Jäckel
b4e8a4bbda
libxml2: update homepage 2022-05-11 11:46:58 +02:00
Shea Levy
504d38ae7b
cross: Allow Windows toolchains to use ucrt as libc. 2022-05-06 10:54:52 -04:00
Robert Scott
f87f5ae301 libxml2: re-enable tests for darwin
appears the lack of sandbox on most darwin machines allows the
tests to accidentally find /usr/lib/libxml2.dylib, which
causes problems
2022-05-06 00:55:53 +01:00
Niklas Hambüchen
207c4030f5 libxml2: 2.9.13 -> 2.9.14
Fixes CVE-2022-29824, see https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
2022-05-03 23:25:49 +00:00
Jan Tojnar
cb8aaea8fd libxml2: 2.9.12 → 2.9.13
Fixes CVE-2022-23308

https://mail.gnome.org/archives/xml/2022-February/msg00009.html
2022-02-21 14:55:24 +01:00
Jan Tojnar
7eb38d554c libxml2: fix configure flags
`$dev` will be substituted by empty string (would have to be `$(dev)`),
causing issues in 2.9.13. Let’s fix that and use the cannonical name.
2022-02-21 14:55:24 +01:00
Jan Tojnar
65ca2a4bbb libxml2: More cleanups 2022-02-21 14:55:24 +01:00
Jan Tojnar
9c57fa9fc1 libxml2: use autoreconfHook
Avoid stale autotools files and allow building from git easily.
2022-02-21 14:55:24 +01:00
Jan Tojnar
8570316d3d libxml2: do not disable working test
Must have been fixed for a while now.
2022-02-21 14:55:23 +01:00
Jan Tojnar
33ee72f4b1 libxml2: Add myself as a maintainer 2022-02-21 14:55:23 +01:00
Jan Tojnar
ce668865b9 libxml2: switch to gnome mirrors
New versions will only be published there.

Also add GNOME update script.
2022-02-21 14:55:23 +01:00
Jan Tojnar
8ca7bb10a8 libxml2: Format the expression 2022-02-21 14:55:23 +01:00
Emily
20a6d8a241 libxml2: use libiconv on Darwin
This fixes e.g. python3Packages.beautifulsoup4, which has tests relying
on the wider encoding support enabled by libiconv.

Fixes #137678.
2021-10-02 10:05:17 +09:00
Guillaume Girol
bf74dfbc54 libxml2: add strictDeps = true 2021-08-19 09:30:47 +02:00
Guillaume Girol
652f7fafd2 libxml2: fix static build 2021-08-19 09:30:46 +02:00
Jan Tojnar
7099f24c4a libxml2: Work around lxml API misuse 2021-05-21 18:57:38 -07:00
Andrew Childs
3e47747657 libxml2: cap MACOSX_DEPLOYMENT_TARGET at 10.16
libxml2 is used in bootstrapping, so the alternates solution of
running libtoolize is tricky here.
2021-05-17 00:27:03 +09:00
Jan Tojnar
d01a4e3fe9 libxml2: 2.9.10 → 2.9.12
https://mail.gnome.org/archives/xml/2021-May/msg00000.html

CVE-2021-3541
2021-05-13 23:12:59 -07:00
volth
bc0d605cf1 treewide: fix double quoted strings in meta.description
Signed-off-by: Ben Siraphob <bensiraphob@gmail.com>
2021-01-24 19:56:59 +07:00
John Ericson
f52263ced0 treewide: Start to break up static overlay
We can use use `stdenv.hostPlatform.isStatic` instead, and move the
logic per package. The least opionated benefit of this is that it makes
it much easier to replace packages with modified ones, as there is no
longer any issue of overlay order.

CC @FRidh @matthewbauer
2021-01-03 19:18:16 +00:00
Drew Hess
81eddf1516 libxml2: upstream patch for Python 3.9. 2020-11-28 18:26:15 +01:00
Martin Weinelt
ab61f1622b libxml2: fix CVE-2020-24977
Fixes an out-of-bounds read when using xmllint with the --htmlout
parameter.

Fixes: CVE-2020-24977
2020-11-27 20:33:58 +01:00
John Wiegley
6a359b2333
libxml2Python: Darwin builds require libintl (better fix) 2020-08-06 15:52:57 -07:00
Daiderd Jordan
cc148a4b3e
libxml2: fix python2 build on darwin 2020-07-05 15:09:38 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Martin Milata
291c73568a libxml2: add patch for CVE-2019-20388 2020-03-12 23:43:47 +00:00
Andrew Dunham
147f32ac2b libxml2: add patch for CVE-2020-7595 2020-02-01 15:23:47 -08:00
Alyssa Ross
863fc6574d libxml2: don't propagate Python bindings 2020-01-13 16:46:02 +00:00
Robin Gloster
74c2020e8c
libxml2: fix further structuredAttrs issues 2019-12-30 11:13:38 +01:00
Robert Scott
c3c77ecfde libxml2: 2.9.9 -> 2.9.10
disable python test which was previously failing anyway, but in previous
versions it was being ignored
2019-11-11 01:18:39 +00:00
Chuck
c0cecd0e60 python3Packages.libxml2: Patch to work around python3 + utf-8 itstool crash
1. Gnumeric has unbalanced XML tags in its doc translations.
2. itstool's XML error handler tries to print this error with context.
3. libxml2's context snipper treats the data as bytes, not UTF-8.
4. python3Packages.libxml2 casts the context to a UTF-8 Python string.
5. itstool dereferences a null pointer.

This patch intervenes at #4.

In https://bugzilla.gnome.org/show_bug.cgi?id=789714#c4 , upstream
suggests that intervening at #3 would be better -- that each of the four
copies of xmlParserPrintFileContextInternal() have four additional UTF-8
problems, one of which is that the caret indicator ought to count
"unicode characters" not bytes.  But to position a caret correctly, a
character count is not sufficient -- this would need to use icu's BiDi
logic (with fallback to doing something wrong when libxml2 is configured
not to use icu) -- which makes a 'correct' fix a much larger project
than this simple band-aid.
2019-10-31 17:30:33 -07:00
Frederik Rietdijk
a51aa02c78 libxml2: use python3 for build and as default for bindings
Changing the default may cause breakage, however, users should have
already switched to `pythonPackages.libxml2` long ago.
2019-10-29 13:47:03 +01:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
volth
f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00