From 7d88b2b5982ea9d77772d99c85c1645879c98b3f Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Tue, 3 Mar 2026 11:24:11 +0100 Subject: [PATCH] overlay coreos/user-patches: Drop unnecessary dev-libs/libxslt patches Signed-off-by: Krzesimir Nowak --- .../dev-libs/libxslt/CVE-2025-7424.patch | 99 ------------------- .../user-patches/dev-libs/libxslt/README.md | 2 - 2 files changed, 101 deletions(-) delete mode 100644 sdk_container/src/third_party/coreos-overlay/coreos/user-patches/dev-libs/libxslt/CVE-2025-7424.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/coreos/user-patches/dev-libs/libxslt/README.md diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/dev-libs/libxslt/CVE-2025-7424.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/dev-libs/libxslt/CVE-2025-7424.patch deleted file mode 100644 index 62a34fa61d..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/dev-libs/libxslt/CVE-2025-7424.patch +++ /dev/null @@ -1,99 +0,0 @@ -From 345d6826d0eae6f0a962456b8ed6f6a1bad0877d Mon Sep 17 00:00:00 2001 -From: David Kilzer -Date: Sat, 24 May 2025 15:06:42 -0700 -Subject: [PATCH] libxslt: Type confusion in xmlNode.psvi between stylesheet - and source nodes - -* libxslt/functions.c: -(xsltDocumentFunctionLoadDocument): -- Implement fix suggested by Ivan Fratric. This copies the xmlDoc, - calls xsltCleanupSourceDoc() to remove pvsi fields, then adds the - xmlDoc to tctxt->docList. -- Add error handling for functions that may return NULL. -* libxslt/transform.c: -- Remove static keyword so this can be called from - xsltDocumentFunctionLoadDocument(). -* libxslt/transformInternals.h: Add. -(xsltCleanupSourceDoc): Add declaration. - -Fixes #139. ---- - libxslt/functions.c | 16 +++++++++++++++- - libxslt/transform.c | 3 ++- - libxslt/transformInternals.h | 9 +++++++++ - 3 files changed, 26 insertions(+), 2 deletions(-) - create mode 100644 libxslt/transformInternals.h - -diff --git a/libxslt/functions.c b/libxslt/functions.c -index 72a58dc4..11ec039f 100644 ---- a/libxslt/functions.c -+++ b/libxslt/functions.c -@@ -34,6 +34,7 @@ - #include "numbersInternals.h" - #include "keys.h" - #include "documents.h" -+#include "transformInternals.h" - - #ifdef WITH_XSLT_DEBUG - #define WITH_XSLT_DEBUG_FUNCTION -@@ -125,7 +126,20 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, - /* - * This selects the stylesheet's doc itself. - */ -- doc = tctxt->style->doc; -+ doc = xmlCopyDoc(tctxt->style->doc, 1); -+ if (doc == NULL) { -+ xsltTransformError(tctxt, NULL, NULL, -+ "document() : failed to copy style doc\n"); -+ goto out_fragment; -+ } -+ xsltCleanupSourceDoc(doc); /* Remove psvi fields. */ -+ idoc = xsltNewDocument(tctxt, doc); -+ if (idoc == NULL) { -+ xsltTransformError(tctxt, NULL, NULL, -+ "document() : failed to create xsltDocument\n"); -+ xmlFreeDoc(doc); -+ goto out_fragment; -+ } - } else { - goto out_fragment; - } -diff --git a/libxslt/transform.c b/libxslt/transform.c -index 54ef821b..38c2dce6 100644 ---- a/libxslt/transform.c -+++ b/libxslt/transform.c -@@ -43,6 +43,7 @@ - #include "xsltlocale.h" - #include "pattern.h" - #include "transform.h" -+#include "transformInternals.h" - #include "variables.h" - #include "numbersInternals.h" - #include "namespaces.h" -@@ -5757,7 +5758,7 @@ xsltCountKeys(xsltTransformContextPtr ctxt) - * - * Resets source node flags and ids stored in 'psvi' member. - */ --static void -+void - xsltCleanupSourceDoc(xmlDocPtr doc) { - xmlNodePtr cur = (xmlNodePtr) doc; - void **psviPtr; -diff --git a/libxslt/transformInternals.h b/libxslt/transformInternals.h -new file mode 100644 -index 00000000..d0f42823 ---- /dev/null -+++ b/libxslt/transformInternals.h -@@ -0,0 +1,9 @@ -+/* -+ * Summary: set of internal interfaces for the XSLT engine transformation part. -+ * -+ * Copy: See Copyright for the status of this software. -+ * -+ * Author: David Kilzer -+ */ -+ -+void xsltCleanupSourceDoc(xmlDocPtr doc); --- -2.39.5 (Apple Git-154) - diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/dev-libs/libxslt/README.md b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/dev-libs/libxslt/README.md deleted file mode 100644 index 7dd3ad0ced..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/dev-libs/libxslt/README.md +++ /dev/null @@ -1,2 +0,0 @@ -The libxslt project in unmaintained, so we will need to carry the -patch indefinitely.