diff options
Diffstat (limited to 'main/libxml2/APKBUILD')
| -rw-r--r-- | main/libxml2/APKBUILD | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/main/libxml2/APKBUILD b/main/libxml2/APKBUILD index 4e996061d90..b50fc885133 100644 --- a/main/libxml2/APKBUILD +++ b/main/libxml2/APKBUILD @@ -1,8 +1,8 @@ # Contributor: Carlo Landmeter <clandmeter@alpinelinux.org> # Maintainer: Carlo Landmeter <clandmeter@alpinelinux.org> pkgname=libxml2 -pkgver=2.9.12 -pkgrel=1 +pkgver=2.9.14 +pkgrel=2 pkgdesc="XML parsing library, version 2" url="http://www.xmlsoft.org/" arch="all" @@ -17,13 +17,24 @@ if [ -z "$BOOTSTRAP" ]; then py_configure="--with-python=/usr/bin/python3" fi options="!strip" -source="http://xmlsoft.org/sources/libxml2-$pkgver.tar.gz - revert-Make-xmlFreeNodeList-non-recursive.patch +source="https://download.gnome.org/sources/libxml2/${pkgver%.*}/libxml2-$pkgver.tar.xz libxml2-2.9.8-python3-unicode-errors.patch - work-around-lxml-api-abuse.patch + $pkgname-CVE-2022-3209-1.patch::https://gitlab.gnome.org/GNOME/libxml2/-/commit/5930fe01963136ab92125feec0c6204d9c9225dc.patch + $pkgname-CVE-2022-3209-2.patch::https://gitlab.gnome.org/GNOME/libxml2/-/commit/a82ea25fc83f563c574ddb863d6c17d9c5abdbd2.patch + CVE-2022-40303.patch + CVE-2022-40304.patch " # secfixes: +# 2.9.14-r2: +# - CVE-2022-40303 +# - CVE-2022-40304 +# 2.9.14-r1: +# - CVE-2022-2309 +# 2.9.14-r0: +# - CVE-2022-29824 +# 2.9.13-r0: +# - CVE-2022-23308 # 2.9.11-r0: # - CVE-2021-3517 # - CVE-2021-3518 @@ -103,8 +114,10 @@ utils() { } sha512sums=" -df1c6486e80f0fcf3c506f3599bcfb94b620c00d0b5d26831bc983daa78d58ec58b5057b1ec7c1a26c694f40199c6234ee2a6dcabf65abfa10c447cb5705abbd libxml2-2.9.12.tar.gz -347178e432379d543683cba21b902e7305202c03e8dbd724ae395963d677096a5cfc4e345e208d498163ca5174683c167610fc2b297090476038bc2bb7c84b4f revert-Make-xmlFreeNodeList-non-recursive.patch +d08e6cafb289c499fdc5b3a12181e032a34f7a249bc66758859f964d3e71e19fd69be79921e1a9d8ab1e692d15b13f5fae95eeb10c3236974d89e218f5107606 libxml2-2.9.14.tar.xz a205c97fa1488fb8907cfa08b5f82e2055c80b86213dc3cc5c4b526fe6aa786bcc4e4eeb226c44635a1d021307b39e3940f706c42fb60e9e3e9b490a84164df7 libxml2-2.9.8-python3-unicode-errors.patch -5e2a80038cb7085fce27dfff2d92f651259124b1a899ce3b5dbb0f6f8e815e30d5256e447cd1dff227f535be0c13ce8cff0234cf0bee7ff75cd2245a8b65130a work-around-lxml-api-abuse.patch +17741ee5fcddb1a5d802a90fdbd7bd38a6f6e03ce11c2fe2fb92c0420e94dffd50846c653ffd69425517ccf287ec8830698201dd1cfd34200ea1fd7c5e115de8 libxml2-CVE-2022-3209-1.patch +5c02cc54bf3f1507f2851468397d28922d9d6aac32a8c4b31ca96792da56ba17b8bb3c4e1aca2b4bd720d922d761635d53d29791b0066b3329c48aa0359dbb1e libxml2-CVE-2022-3209-2.patch +feca63825d3678027f9be1b9f7377d95e067ae2ebc7556e4259cb89baa2a93b890fef2280be6db91017e8492eb08752f37f2620d9ef2a4684691d22fc3b3025d CVE-2022-40303.patch +5000106b69d8c10d018f9f5f0942e6565728b3ccbc2830d1f5076651e6e018c30281d481a76dcb5304bbed6f65663a2bff385eec941491b6d950e8de478947b0 CVE-2022-40304.patch " |