summaryrefslogtreecommitdiff
path: root/textproc/libxml2/files (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Revert "textproc/libxml2: Update to 2.14.4"Charlie Li5 days6-162/+33
| | | | | | | | | Commit goes way beyond strictly security purposes and is not approved by desktop@. PR: 279705 This reverts commit a18dfb61a2c96a01f9536d70ad0f69390981833d.
* textproc/libxml2: Update to 2.14.4Daniel Engberg5 days6-33/+162
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes multiple CVEs: CVE-2025-32415 CVE-2025-32414 CVE-2025-27113 CVE-2025-24928 CVE-2024-56171 Changelog: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.4 Backport upstream commits: 19de8b47b1fe4b87b06bc6b89f5ee9697870a0ad 5700d989cc18889e1601c651ad69a41af8b32073 d3e33dc214276498e73b61188be02b2863c9670a cf52139b4170be13b51b62da11c208dc66e6eff0 356542324fa439de544b5e419b91ae68d42c306c References: https://gitlab.gnome.org/GNOME/libxml2/-/commit/19de8b47b1fe4b87b06bc6b89f5ee9697870a0ad https://gitlab.gnome.org/GNOME/libxml2/-/commit/5700d989cc18889e1601c651ad69a41af8b32073 https://gitlab.gnome.org/GNOME/libxml2/-/commit/d3e33dc214276498e73b61188be02b2863c9670a https://gitlab.gnome.org/GNOME/libxml2/-/commit/cf52139b4170be13b51b62da11c208dc66e6eff0 https://gitlab.gnome.org/GNOME/libxml2/-/commit/356542324fa439de544b5e419b91ae68d42c306c PR: 279705, 287391 Approved by: ports-sec (tz) via PR 287391 Exp-runs by: antoine (previous iterations)
* textproc/py-pylibxml2: rm patch that scans garbageDon Lewis2025-05-231-35/+0
| | | | | | | | | | | | | | | | | | Remove a local patch that scans stack garbage for a pattern and then uses the pointer after the array has been filled with actual data. This can cause random segfaults. The patch is under textproc/libxml2, but the patched file is only used by textproc/py-pylibxml2. The UTF-8 issue this was intended to fix was fixed upstream in a more comprehensive way in 2.11.0 with this commit: https://gitlab.gnome.org/GNOME/libxml2/-/commit/76c6da420923f2721a2e16adfcef8707a2454a1b PR: 286439 279034 Approved by: desktop (makc) Tested by: vvd MFH: 2025Q2
* textproc/libxml2: Update to 2.11.6Daniel Engberg2024-01-125-73/+45
| | | | | | | | | Changelog: https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.11.6/NEWS PR: 273210 Reviewed by: fluffy Approved by: desktop (arrowd) Exp-run by: antoine
* textproc/libxml2: update to 2.10.1 release (+)Dima Panov2022-08-274-115/+21
| | | | | Changelog: https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.0 \ https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.1
* textproc/{,py-}libxml2: switch back to autotoolsCharlie Li2022-04-106-51/+69
| | | | | | | | | | | | | | | | See notes in Makefile and linked PRs. While here, disable the ICU option by default. CFLAGS for libicu are passed to libxml2's consumers when the option is enabled. As icu's API is not stable between versions, PORTREVISION bumps can get missed. Additionally, properly exclude all OPTIONS from py-libxml2 and prevent do-configure from unnecessarily running. Co-authored-by: diizzy PR: 262853, 262940, 262877 Approved by: fluffy (mentor)
* textproc/libxml2: Update to 2.9.13 and migrate to CMakeDaniel Engberg2022-03-2516-471/+132
| | | | | | | | | | | | | | | | Depend on ICU and (lib)readline to follow other distros Changelog: https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.13 I'd like to thank both tcberner and mandree for reviewing, suggesting improvements and helping out in general. I'd also like thank antoine for doing exp-runs. PR: 262288 Reviewed by: tcberner, mandree Approved by: desktop (tcberner) Differential Revision: https://reviews.freebsd.org/D34338 Exp-run by: antoine
* textproc/libxml2: Update to 2.9.12Daniel Engberg2021-06-2211-303/+353
| | | | | | PR: 256436 Reviewed by: arrowd Tested by: arrowd
* textproc/libxml2: add upstream fix for CVE-2021-3541Yasuhiro Kimura2021-05-231-0/+67
| | | | | | | | | | | This is relapted to parameter entities expansion and following the line of the billion laugh attack. Somehow in that path the counting of parameters was missed and the normal algorithm based on entities "density" was useless. PR: 256094 Obtained from: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e Security: CVE-2021-3541
* textproc/libxml2: fix build with VALIDATION option offAdriaan de Groot2021-05-051-0/+39
| | | | | | | | | | | | | | Grab two commits from upstream that fix the build when --no-valid is passed to configure; in the ports build that translates to the VALIDATION option turned off. These come straight from GNOME GitLab, although I've bunged them into one patch-* file. Not bumping PORTREVISION, since with this option off it would never have built, and with the option on the resulting package is unchanged. PR: 253596
* textproc/libxml2: ship patches via files/ due to gitlabTobias C. Berner2020-11-304-0/+193
| | | | | | | | | | | | - gitlab has a tendency to change checksum of patches due to metadata changes - switch to including the patches in the tree directly instead of using PATCH_FILES PR: 251040 Submitted by: daniel.engberg.lists@pyret.net Reported by: David Armstrong <bink19th@pm.me> Notes: svn path=/head/; revision=556670
* textproc/libxml2: update to 2.9.10Tobias C. Berner2019-11-236-17/+17
| | | | | | | | | | PR: 24004 Exp-run by: antoine Reviewed by: madpilot Differential Revision: https://reviews.freebsd.org/D22410 Notes: svn path=/head/; revision=518268
* Workaround https://bugzilla.gnome.org/show_bug.cgi?id=789714Antoine Brodin2019-03-081-0/+35
| | | | | | | | PR: 234633 Obtained from: Fedora / openSuse Notes: svn path=/head/; revision=495019
* textproc/libxml2: update to 2.9.8Steve Wills2019-01-0111-63/+45
| | | | | | | | PR: 233804 Exp-run by: antoine Notes: svn path=/head/; revision=489055
* Remove usage of _PyVerify_fd().Koop Mast2018-10-251-0/+30
| | | | | | | | | | | | | This function appears to be removed in python 3.5.0. Instead of adding a version check like the submitter proposed. Grab the upstream patch instead that just removes the function usage. PR: 224902 Submitted by: Michael Zhilin <mizhka@gmail.com> Obtained from: libxml2 upstream Notes: svn path=/head/; revision=482978
* textproc/libxml2: update to 2.9.7Steve Wills2017-12-131-57/+0
| | | | | | | | | | | | | PR: 222893 PR: 224189 Reported by: Walter Hop <walter@lifeforms.nl> Approved by: gnome@ (kwm) Exp-run by: antoine MFH: 2017Q4 Security: 76e59f55-4f7a-4887-bcb0-11604004163a Notes: svn path=/head/; revision=456210
* Update libxml2 to 2.9.4.Koop Mast2016-08-281-0/+57
| | | | | | | | | | | | | | | | Add license block. Pull extra patch to fix NULL pointer deref. [1] Changelog: https://mail.gnome.org/archives/xml/2016-May/msg00023.html PR: 209806 Submitted by: pi@ Obtained from: upstream [1] MFH: 2016Q3 Security: e195679d-045b-4953-bb33-be0073ba2ac6 Notes: svn path=/head/; revision=421031
* New release to fix a number of CVE's.Koop Mast2015-11-204-222/+6
| | | | | | | | | | | CVE-2015-1819 is also listed in the release notes of 2.9.3 but that issue was fixed in a previous commit and documented in another vuxml entry. MFH: 2015Q4 Security: e5423caf-8fb8-11e5-918c-bcaec565249c Notes: svn path=/head/; revision=402102
* Fix libxml2 CVE-2015-1819Koop Mast2015-07-011-0/+171
| | | | | | | | | | | doc/ tree tested by: wblock@ Obtained from: libxml2 upstream MFH: 2015Q3 Security: 9c7177ff-1fe1-11e5-9a01-bcaec565249c Notes: svn path=/head/; revision=391064
* Remove $FreeBSD$ from patches files everywhere.Mathieu Arnold2015-05-221-3/+0
| | | | | | | | With hat: portmgr Sponsored by: Absolight Notes: svn path=/head/; revision=387082
* Fix regression introduced in CVE-201403660 fix.Koop Mast2014-10-291-12/+26
| | | | | | | | Submitted by: gjb@ Obtained from: libxml2 upstream Notes: svn path=/head/; revision=371693
* patch-parser.c:Koop Mast2014-10-202-30/+48
| | | | | | | | | | | | | | Replace allready applied patch with new patch from upstream to unbreak the xmlcatalog command. patch-uri.c: Revert uri.c commit that causes the document chain to fail. Reported by: antoine@ Tested by: bapt@ MFH: 2014Q4 Notes: svn path=/head/; revision=371269
* Update to 2.9.2.Koop Mast2014-10-183-196/+8
| | | | | | | | | | This release fixes CVE-2014-3660 (DoS). MFH: 2014Q4 Security: 0642b064-56c4-11e4-8b87-bcaec565249c Notes: svn path=/head/; revision=371120
* Update to libxml2 2.9.1 [1]Koop Mast2014-05-1310-474/+253
| | | | | | | | | | | | This version fixes CVE-2013-2877. Add upstream patch for CVE-2014-0191. CVE's Reported by: Akinori MUSHA <knu@iDaemons.org> Obtained from: GNOME dev repo [1], libxml2 upstream [2] MFH: 2014Q2 Notes: svn path=/head/; revision=353989
* The FreeBSD x11@ and graphics team proudly presentsNiclas Zeising2014-04-161-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a zeising, kwm production, with help from dumbbell, bdrewery: NEW XORG ON FREEBSD 9-STABLE AND 10-STABLE This update switches over to use the new xorg stack by default on FreeBSD 9 and 10 stable, on osversions where vt(9) is available. It is still possible to use the old stack by specifying WITHOUT_NEW_XORG in /etc/make.conf . FreeBSD 8-STABLE and released versions of FreeBSD still use the old version. A package repository with binary packages for new xorg will be available soon. This patch also contains updates of libxcb and related ports, pixman, as well as some drivers and utilities. Bump portrevisions for xf86-* ports, as well as virtualbox-ose-additions due to xserver version change. Apart from these updates, the way shared libraries are handled has been changed for all xorg ports, as well as libxml2 and freetype, which means ltverhack is gone and as a consequence shared libraries have been bumped. The plan is that this change will make library bumps less likely in the future. All affected ports have had their portrevisions bumped as a consequence of this. Fix some issues where WITH_NEW_XORG weren't detected properly on CURRENT. Update instructions, hardware support, and more notes can be found on https://wiki.freebsd.org/Graphics Thanks to: all testers, bdrewery and the FreeBSD x11@ team exp-run by: bdrewery [1] PR: ports/187602 [1] Approved by: portmgr (bdrewery), core (jhb) Notes: svn path=/head/; revision=351411
* - Add STAGEDIR support.Hiroki Sato2013-11-251-0/+21
| | | | | | | | - Use *_CONFIGURE_WITH. - Add workaround for an iconv incompatibility on 10.X and later. Notes: svn path=/head/; revision=334822
* Fix build with LZMA. All supported versions have liblzma in the base.Jung-uk Kim2013-04-182-0/+18
| | | | | | | | Approved by: gnome (mezz) Feature safe: yes Notes: svn path=/head/; revision=316079
* Update to 2.8.0. [1]Koop Mast2013-03-2910-114/+418
| | | | | | | | | | | | Add patch to fix CVE-2013-0338 and CVE-2013-0339. [2] Convert to OptionsNG, rename patches to standard form. [1] Notified by: swills@ [2] Obtained from: gnome team repo [1] Security: 843a4641-9816-11e2-9c51-080027019be0 Notes: svn path=/head/; revision=315540
* - Revert previous change to add -pthread since libxml2 is not threaded, but isSteve Wills2012-09-301-11/+0
| | | | | | | | | | | | thread-safe, so -pthread is not needed here, but in threaded programs that use libxml2 Pointed out by: ale@ Discussed with: marcus, kwm Pointyhat to: swills Notes: svn path=/head/; revision=305080
* - Build with -pthread and include -pthread in xml2-config --libs output when ↵Steve Wills2012-09-251-0/+11
| | | | | | | | | | | threads are enabled PR: ports/171353 Discussed with: marcus, kwm Approved by: marcus Notes: svn path=/head/; revision=304839
* Merge the patch-Makefile.in into patch-aa which already patched Makefile.in.Koop Mast2012-08-162-18/+18
| | | | Notes: svn path=/head/; revision=302652
* Compile static libxml2.a with -fPIC so 3rd party shared libs canDmitry Sivachenko2012-08-161-0/+11
| | | | | | | | | link statically with libxml2.a. OK from: mezz Notes: svn path=/head/; revision=302617
* Document and fix a off-by-one vulnability in libxml2.Koop Mast2012-05-181-0/+41
| | | | | | | | Obtained from: libxml upstream Security: b8ae4659-a0da-11e1-a294-bcaec565249c Notes: svn path=/head/; revision=296901
* Fix libxml2 heap buffer overflow vulnability.Koop Mast2012-02-271-0/+25
| | | | | | | | | PR: ports/164270 Submitted by: kj <b4039413@nwldx.com> Security: 57f1a624-6197-11e1-b98c-bcaec565249c Notes: svn path=/head/; revision=292333
* Remove obsolete patch, for freebsd6.Koop Mast2011-10-251-22/+0
| | | | | | | | PR: ports/162011 Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru> Notes: svn path=/head/; revision=284301
* Re-enable symbol versioning. This fixes the undefined symbols.Koop Mast2010-11-271-4/+13
| | | | | | | | | PR: ports/152616 ports/152612 Submitted by: Christoph Moench-Tegeder <cmt@burggraben.net> Pascal Stumpf <Pascal.Stumpf@cubes.de> Notes: svn path=/head/; revision=265281
* Update to 2.7.8.Joe Marcus Clarke2010-11-271-11/+0
| | | | Notes: svn path=/head/; revision=265249
* Use USE_CSTD=gnu89 to build libxml2.Koop Mast2010-10-091-0/+11
| | | | | | | | | | | When build with Clang it tries to use C99 math functions we don't have. Also fix a symbol collision with the python bindings that got exposed by a Clang bug. With hat: gnome Notes: svn path=/head/; revision=262707
* Presenting GNOME 2.30.1 for FreeBSD. The offical release notes for thisKoop Mast2010-05-103-41/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | release can be found at http://library.gnome.org/misc/release-notes/2.30/ . This release brings initial PackageKit support, Upower (replaces power management part of hal), cuse4bsd integration with HAL and cheese, and a faster Evolution. Sadly GNOME 2.30.x will be the last release with FreeBSD 6.X support. This will also be the last of the 2.x releases. The next release will be the highly-anticipated GNOME 3.0 which will bring with it a new UI experience. Currently, there are a few bugs with GNOME 2.30 that may be of note for our users. Be sure to consult the UPGRADING note or the 2.30 upgrade FAQ at http://www.freebsd.org/gnome/docs/faq230.html for specific upgrading instructions, and the up-to-date list of known issues. This release features commits by avl, ahze, bland, marcus, mezz, and myself. The FreeBSD GNOME Team would like to thank Anders F Bjorklund for doing the initual packagekit porting. And the following contributors & testers for there help with this release: Eric L. Chen Vladimir Grebenschikov Sergio de Almeida Lenzi DomiX walder crsd Kevin Oberman Michal Varga Pavel Plesov Bapt kevin and ITetcu for two exp-run PR: ports/143852 ports/145347 ports/144980 ports/145830 ports/145511 Notes: svn path=/head/; revision=254099
* libxml2 knows too much about zlib internals. Beginning from zlib 1.2.2.3Xin LI2010-03-171-0/+20
| | | | | | | | | | | | | | | | | | the zlib authors has provided a 'gzdirect' function to detect whether the current gzFile descriptor is still providing a stream from uncompression, so use it instead of rolling own. The upcoming zlib 1.2.4 update will break the current libxml2 usage. Patch was the same as Mark Adler provided to libxml2 maintainers at: http://osdir.com/ml/svn-commits-list/2010-01/msg05723.html PR: ports/144828 Approved by: mezz (freebsd-gnome@) Notes: svn path=/head/; revision=251188
* Build thread-safe library and do it in the right way to not break other ports.Alex Dupre2009-12-012-4/+35
| | | | | | | | Reviewed by: marcus Approved by: marcus Notes: svn path=/head/; revision=245050
* Update to 2.7.6.Joe Marcus Clarke2009-10-101-3/+12
| | | | Notes: svn path=/head/; revision=242638
* Update to 2.7.5.Joe Marcus Clarke2009-09-261-16/+0
| | | | | | | Feature safe: yes Notes: svn path=/head/; revision=242133
* Add a upstream patch that fixes runtime problem with inkscape.Koop Mast2009-09-161-0/+16
| | | | | | | | | | Noticed by: Ashish SHUKLA <wahjava.ml@gmail.com> Submitted by: Romain Tarti`ere <romain@blogreen.org> [1] Obtained from: Gnome Git [1] Feature safe: yes Notes: svn path=/head/; revision=241528
* Update to 2.7.4.Joe Marcus Clarke2009-09-122-92/+15
| | | | Notes: svn path=/head/; revision=241282
* Fix security bugs CVE-2009-2416 and CVE-2009-2414.Joe Marcus Clarke2009-08-241-0/+79
| | | | | | | | | | | PR: 137980 Submitted by: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> Obtained from: http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg678527.html Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 Notes: svn path=/head/; revision=240235
* Update to 2.7.3.Jeremy Messenger2009-02-072-64/+0
| | | | Notes: svn path=/head/; revision=227744
* Presenting GNOME 2.24 for FreeBSD.Joe Marcus Clarke2009-01-104-460/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | See http://library.gnome.org/misc/release-notes/2.24/ for the general release notes. On the FreeBSD front, this release introduces Fuse support in HAL, adds multi-CPU support to libgtop, WebKit updates, and fixes some long-standing seahorse and gnome-keyring bugs. The documentation updates to the website are forthcoming. This release features commits by adamw, ahze, kwm, mezz, and myself. It would not have been possible without are contributors and testers: Alexander Loginov Craig Butler [1] Dmitry Marakasov [6] Eric L. Chen Joseph S. Atkinson Kris Moore Lapo Luchini [7] Nikos Ntarmos Pawel Worach Romain Tartiere TAOKA Fumiyoshi [3] Yasuda Keisuke Zyl aZ [4] bf [2] [5] Florent Thoumie Peter Wemm pluknet PR: 125857 [1] 126993 [2] 130031 [3] 127399 [4] 127661 [5] 124302 [6] 129570 [7] 129936 123790 Notes: svn path=/head/; revision=225629
* Fix two integer overflow vulnerabilities, bump the PORTREVISION.Jeremy Messenger2008-11-192-0/+64
| | | | | | | | | | Submitted by: pluknet <pluknet@gmail.com> Obtained from: https://bugzilla.redhat.com/show_bug.cgi?id=470480 https://bugzilla.redhat.com/show_bug.cgi?id=470466 Security: http://secunia.com/Advisories/32773/ Notes: svn path=/head/; revision=223047
* Fix the two security issues, bump the PORTREVISION.Jeremy Messenger2008-10-202-0/+431
| | | | | | | | | Obtained from: libxml2-2.6.31-1.3mdv2008.1.src.rpm Security: CVE-2008-3281 CVE-2008-3529 Notes: svn path=/head/; revision=221838
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-26 16:30:35 +0000