Commit Graph

112 Commits

Author SHA1 Message Date
Martin Milata 291c73568a libxml2: add patch for CVE-2019-20388 2020-03-12 23:43:47 +00:00
Andrew Dunham 147f32ac2b libxml2: add patch for CVE-2020-7595 2020-02-01 15:23:47 -08:00
Alyssa Ross 863fc6574d libxml2: don't propagate Python bindings 2020-01-13 16:46:02 +00:00
Robin Gloster 74c2020e8c
libxml2: fix further structuredAttrs issues 2019-12-30 11:13:38 +01:00
Robert Scott c3c77ecfde libxml2: 2.9.9 -> 2.9.10
disable python test which was previously failing anyway, but in previous
versions it was being ignored
2019-11-11 01:18:39 +00:00
Chuck c0cecd0e60 python3Packages.libxml2: Patch to work around python3 + utf-8 itstool crash
1. Gnumeric has unbalanced XML tags in its doc translations.
2. itstool's XML error handler tries to print this error with context.
3. libxml2's context snipper treats the data as bytes, not UTF-8.
4. python3Packages.libxml2 casts the context to a UTF-8 Python string.
5. itstool dereferences a null pointer.

This patch intervenes at #4.

In https://bugzilla.gnome.org/show_bug.cgi?id=789714#c4 , upstream
suggests that intervening at #3 would be better -- that each of the four
copies of xmlParserPrintFileContextInternal() have four additional UTF-8
problems, one of which is that the caret indicator ought to count
"unicode characters" not bytes.  But to position a caret correctly, a
character count is not sufficient -- this would need to use icu's BiDi
logic (with fallback to doing something wrong when libxml2 is configured
not to use icu) -- which makes a 'correct' fix a much larger project
than this simple band-aid.
2019-10-31 17:30:33 -07:00
Frederik Rietdijk a51aa02c78 libxml2: use python3 for build and as default for bindings
Changing the default may cause breakage, however, users should have
already switched to `pythonPackages.libxml2` long ago.
2019-10-29 13:47:03 +01:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
volth f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Will Dietz 96890e2390 libxml2: 2.9.8 -> 2.9.9 2019-01-03 14:36:08 -06:00
Matthew Bauer 245f25586b libxml2: only use static output with both shared & static
The static output should only get created when both enableShared and
enableStatic are set. Otherwise there would be libraries missing from
the main output when enableShared = false & enableStatic = true. This
can cause issues in some packages that don’t know about libxml2’s
static output.

(cherry picked from commit 2bd6bb0a4bf21005d8877c735709cd21d22e05bd)
(cherry picked from commit 1421a39c1e62584d346185ad49484b11b7703dc1)
2018-11-13 06:57:54 -06:00
Frederik Rietdijk d0d04c26d7 libxml2: support python3 2018-10-17 10:00:20 +02:00
John Ericson 0828e2d8c3 treewide: Remove usage of remaining redundant platform compatability stuff
Want to get this out of here for 18.09, so it can be deprecated
thereafter.
2018-08-30 17:20:32 -04:00
Andreas Rammhold 06e7a48f45
libxml2: fix CVE-2018-14567 & CVE-2018-14404
Since the already added patch for CVE-2018-9251 also affects
CVE-2018-14567 I renamed the applied patch accordingly.
2018-08-15 22:54:52 +02:00
Tim Steinbach 99fb65fb11
libxml2: Fix CVE-2018-9251 2018-08-05 18:20:33 -04:00
John Ericson e517da3929 libxml2: Use `enableFeature` 2018-08-02 15:10:43 -04:00
John Ericson 5be14c5c74 libxml2: Remove crossAttrs 2018-07-24 18:36:59 -04:00
Matthew Bauer 916f096911
Merge pull request #43890 from matthewbauer/mingw-fixes
Mingw fixes
2018-07-21 17:04:20 -04:00
Matthew Bauer 92daacc9b0 libxml2: support all platforms
Mingw/Windows support works out of the box.
2018-07-21 10:10:47 -04:00
volth 52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Antoine Eiche 5bfdf34bed libxml2: add enableStatic argument
If `enableStatic` is set to true, the output `static` contains the
static library.
2018-06-22 21:00:20 +02:00
Orivej Desh ea69fba953 Revert "libxml2: add static output"
This reverts commit 1897c352f5 on master.

This is a mass rebuild that should go through staging.
2018-06-13 16:07:54 +00:00
Antoine Eiche 1897c352f5 libxml2: add static output 2018-06-13 09:20:02 +02:00
Ryan Mulligan 3157bd3dc9 libxml2: 2.9.7 -> 2.9.8
Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 2.9.8 in filename of file in /nix/store/cjycf1wx5a5l22a9kwhpnnh2h9i7pahk-libxc-4.0.4
2018-03-14 19:51:48 -07:00
Will Dietz 158c3c4864 libxml2: disable tests also 2018-02-13 09:44:41 -06:00
Jan Tojnar 98ff9fca29
libxml2: 2.9.5 → 2.9.7 2017-11-23 05:28:39 +01:00
Ben Gamari 09ce1ebd8f libxml2: Don't run tests when cross-compiling 2017-10-27 20:32:25 -04:00
Orivej Desh 604ca93182 libxml2: 2.9.4 -> 2.9.5 2017-09-15 17:28:31 +00:00
Tuomas Tynkkynen 1ff422aa23 treewide: Add man & info outputs where necessary (instead of doc)
Because man & info pages won't be going to $doc after the next commit.
Scripted change for the files having one-package-per-file.
2017-08-11 21:32:54 +03:00
John Ericson 8ca8293dbc libxml2: Don't use stdenv.cross 2017-06-28 00:51:59 -04:00
Dan Peebles 1a4ca220e1 treewide: fix assorted issues revealed by the meta checker
Turns out a couple of the licenses were wrong, as well as being strings.
2017-04-28 23:07:42 -04:00
Vladimír Čunát 5ad81ab09c
libxml2: bugfix updates from git upstream
This should solve CVE-2016-5131 and some other bugs, but not what Suse
calls CVE-2016-9597: https://bugzilla.suse.com/show_bug.cgi?id=1017497
The bugzilla discussion seems to indicate that the CVE is referenced
incorrectly and only shows reproducing when using command-line flags
that are considered "unsafe".

CVE-2016-9318 also remains unfixed, as I consider their reasoning OK:
https://lwn.net/Alerts/714411/

/cc #22826.
2017-02-16 20:18:17 +01:00
Peter Hoeg 52d6927413 libxml2: add optional icu support 2017-02-11 18:16:38 +08:00
Frederik Rietdijk 6b70ac81bb libxml2: supportPython -> pythonSupport
since that is more commonly used in Nixpkgs.
2016-11-08 17:10:05 +01:00
Franz Pletz 64902aebb0
libxml2: add patch to fix CVE-2016-4658
cc #20078
2016-11-03 02:45:18 +01:00
Frederik Rietdijk 47a95edc1e libxml2: use python2 2016-10-18 23:14:31 +02:00
Tuomas Tynkkynen a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Vladimír Čunát dc13593b9f libxml2: disable checks on Darwin
Apparently they won't work there.
2016-05-27 09:45:46 +02:00
Vladimír Čunát f4bddaf51f libxml2: doCheck = true
That wouldn't uncover the problem fixed in parent commit,
but it shouldn't hurt.
2016-05-26 15:09:28 +02:00
Vladimír Čunát 3069606108 libxml2: fixup validation problems with 2.9.4
... by reverting an upstream commit
/cc #15697.

I should make some distro pay me for digging into such things :-)
2016-05-26 13:49:08 +02:00
Graham Christensen 772851ff46 libxml2: 2.9.3 -> 2.9.4 for three CVEs (close #15697)
- CVE-2016-4447: libxml2: Heap-based buffer underreads due to xmlParseName
   https://bugzilla.redhat.com/show_bug.cgi?id=1338686

 - CVE-2016-4448 libxml2: Format string vulnerability
   https://bugzilla.redhat.com/show_bug.cgi?id=1338700

 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content
   https://bugzilla.redhat.com/show_bug.cgi?id=1338701

and many other fixed issues, available at http://www.xmlsoft.org/news.html
2016-05-25 18:28:52 +02:00
Vladimír Čunát 7a005601d4 Merge branch 'master' to resolve conflicts 2016-05-05 08:25:38 +02:00
Vladimír Čunát 94eba25103 libxml2: fix on mingw, without DLLs ATM
After closure-size merge we need to disable python support,
as python upstream doesn't support cross-building linux -> mingw.
2016-04-23 10:52:02 +02:00
Karn Kallio c4ab7e2cd4 libxml2 : Have exec_prefix match the location of bin/xml2-config. 2016-04-21 13:00:21 +02:00
Vladimír Čunát 716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Jakob Gillich aee934b3aa libxml2: security update 2.9.2 -> 2.9.3 (close #12197) 2016-01-07 10:18:34 +01:00
Luca Bruno e289717414 rename moveToOutput and propagatedBuildInputs 2015-12-02 10:05:36 +01:00
Vladimír Čunát 38313d5d87 libxml2,libxslt: split into multiple outputs
Fixed all references, hopefully.
libxml2Python is slightly hacky now, but it seems to work.
2015-10-05 13:44:16 +02:00
Eelco Dolstra e939757609 libxml2: Move docs to separate output
This reduces the size of "out" from 8.6 to 2.4 MB.
2015-07-26 13:36:22 +02:00
Eelco Dolstra eae17c3743 Revert "libxml2: Refactor and fix library propagation"
This reverts commit 287ec76b8f.
2015-06-04 14:54:51 +02:00