diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest index 5df8ded35f..9a31fb7e0c 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/Manifest @@ -1,6 +1,7 @@ DIST libxml2-2.13.7.tar.xz 2424236 BLAKE2B 464097c4b579f964a42909e26b3c2702d7b40c3029628c8980a1ea7a43867dda3c4bdf38b63557f971b20b125a5fc0ac7031bad5df10b1bc25380e995f7707b4 SHA512 6e69ed38cdf2aaa5df7e26b654a7aadd2d80131619184380bafc6a22811acb6b7286c819175c3b37edb194019a93ba6085852a0281934d6bb36d0b52ce138541 DIST libxml2-2.13.8.tar.xz 2423128 BLAKE2B 9abe12acb2b619f8649dc4472c39d4c59074a83538bf1a534163737bf9e99e6387fec53404392c325102da1e77f53606f2679c47b7136d7f7541a8fcc6bcd995 SHA512 668e556404693f17e074bc31e2caa5e50bf003ee3cd81b61a51ea25e76efd7eff7ec70ff603eed87b9d9e9b2299673e6e8871798264113e660e703b74b58458f DIST libxml2-2.14.4.tar.xz 2325848 BLAKE2B 6ee7e4f35e6f15124fe1ceb55758236229f87e05344c55e82c419f8e8dba763adbd25746c038d13189dfadc3bb023fd8891251e78e9c9046d42961829d93b885 SHA512 5991223bdd6c84886bba8fb81c4e48bf92c8bc3571262ffa8c7673a10efeebceafc1dee362624417dca146982d030ee8d0ccda41f4c82d3074845f74ef6da5d4 +DIST libxml2-2.14.5.tar.xz 2327528 BLAKE2B cab1d75abfa4dcbceb4b4394664adae9edd1ace7fe33d027e7e6861139a176282ff9e33b46d8b5801032cbe5e75196198d3ddfc2c58fb1dca0942aa06f63decf SHA512 9777fe0eb788a185f13617f74a2e2ffcc2128a6b179d491c06ddbb876d9bb38c951d3d7c2371d184a97143b9b2d8d6eca19fb7fcbbbe4bfa90e728f4bb1cbdf7 DIST xmlts20130923.tar.gz 641522 BLAKE2B 63a47bc69278ef510cd0b3779aed729e1b309e30efa0015d28ed051cc03f9dfddb447ab57b07b3393e8f47393d15473b0e199c34cb1f5f746b15ddfaa55670be SHA512 d5c4d26b324ed21f4e0641cd7f8b76dbf9de80df8b519982e44d41c960df29fd03618e02e9693b2d11ad06d19c4a965274c95a048ec3b9653eacb919a7f8b733 DIST xsts-2002-01-16.tar.gz 6894439 BLAKE2B 1e9ec63d2c104655e64249e07440a04d862fcbcd4d4e19745d81b34994319b510a531c9d6df1491fae1e90b5d0764f0f1a827251ca8df5d613178b0eab01ef25 SHA512 43300af6d39c1e2221b0ed7318fe14c7464eeb6eb030ed1e22eb29b4ab17f014e2a4c8887c3a46ae5d243e3072da27f00f4e285498ae6f1288177d38d1108288 DIST xsts-2004-01-14.tar.gz 2761085 BLAKE2B 41545995fb3a65d053257c376c07d45ffd1041a433bfbdb46d4dd87a5afb60c18c8629a3d988323f9e7a1d709775b5a7e5930276a7121c0725a22705c0976e36 SHA512 32854388d7e720ad67156baf50bf2bae7bd878ca3e35fd7e44e57cad3f434f69d56bbbedd61509f8a1faf01c9eae74a078df8fe130780b182c05c05cb1c39ebe diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-49794-CVE-2025-49796.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-49794-CVE-2025-49796.patch new file mode 100644 index 0000000000..bb8d7c1175 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-49794-CVE-2025-49796.patch @@ -0,0 +1,182 @@ +From 81cef8c5b5aec2acdf5707e57a6db0c8d1d0abca Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Fri, 4 Jul 2025 14:28:26 +0200 +Subject: [PATCH] [CVE-2025-49794] [CVE-2025-49796] schematron: Fix + xmlSchematronReportOutput + +Fix use-after-free (CVE-2025-49794) and type confusion (CVE-2025-49796) +in xmlSchematronReportOutput. + +Fixes #931. +Fixes #933. +--- + result/schematron/cve-2025-49794_0.err | 2 ++ + result/schematron/cve-2025-49796_0.err | 2 ++ + schematron.c | 49 ++++++++++++++------------ + test/schematron/cve-2025-49794.sct | 10 ++++++ + test/schematron/cve-2025-49794_0.xml | 6 ++++ + test/schematron/cve-2025-49796.sct | 9 +++++ + test/schematron/cve-2025-49796_0.xml | 3 ++ + 7 files changed, 58 insertions(+), 23 deletions(-) + create mode 100644 result/schematron/cve-2025-49794_0.err + create mode 100644 result/schematron/cve-2025-49796_0.err + create mode 100644 test/schematron/cve-2025-49794.sct + create mode 100644 test/schematron/cve-2025-49794_0.xml + create mode 100644 test/schematron/cve-2025-49796.sct + create mode 100644 test/schematron/cve-2025-49796_0.xml + +diff --git a/result/schematron/cve-2025-49794_0.err b/result/schematron/cve-2025-49794_0.err +new file mode 100644 +index 00000000..57752310 +--- /dev/null ++++ b/result/schematron/cve-2025-49794_0.err +@@ -0,0 +1,2 @@ ++./test/schematron/cve-2025-49794_0.xml:2: element boo0: schematron error : /librar0/boo0 line 2: ++./test/schematron/cve-2025-49794_0.xml fails to validate +diff --git a/result/schematron/cve-2025-49796_0.err b/result/schematron/cve-2025-49796_0.err +new file mode 100644 +index 00000000..bf875ee0 +--- /dev/null ++++ b/result/schematron/cve-2025-49796_0.err +@@ -0,0 +1,2 @@ ++./test/schematron/cve-2025-49796_0.xml:2: element boo0: schematron error : /librar0/boo0 line 2: ++./test/schematron/cve-2025-49796_0.xml fails to validate +diff --git a/schematron.c b/schematron.c +index da603402..6e2ceeb7 100644 +--- a/schematron.c ++++ b/schematron.c +@@ -1414,27 +1414,15 @@ exit: + * * + ************************************************************************/ + +-static xmlNodePtr ++static xmlXPathObjectPtr + xmlSchematronGetNode(xmlSchematronValidCtxtPtr ctxt, + xmlNodePtr cur, const xmlChar *xpath) { +- xmlNodePtr node = NULL; +- xmlXPathObjectPtr ret; +- + if ((ctxt == NULL) || (cur == NULL) || (xpath == NULL)) + return(NULL); + + ctxt->xctxt->doc = cur->doc; + ctxt->xctxt->node = cur; +- ret = xmlXPathEval(xpath, ctxt->xctxt); +- if (ret == NULL) +- return(NULL); +- +- if ((ret->type == XPATH_NODESET) && +- (ret->nodesetval != NULL) && (ret->nodesetval->nodeNr > 0)) +- node = ret->nodesetval->nodeTab[0]; +- +- xmlXPathFreeObject(ret); +- return(node); ++ return(xmlXPathEval(xpath, ctxt->xctxt)); + } + + /** +@@ -1480,25 +1468,40 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, + (child->type == XML_CDATA_SECTION_NODE)) + ret = xmlStrcat(ret, child->content); + else if (IS_SCHEMATRON(child, "name")) { ++ xmlXPathObject *obj = NULL; + xmlChar *path; + + path = xmlGetNoNsProp(child, BAD_CAST "path"); + + node = cur; + if (path != NULL) { +- node = xmlSchematronGetNode(ctxt, cur, path); +- if (node == NULL) +- node = cur; ++ obj = xmlSchematronGetNode(ctxt, cur, path); ++ if ((obj != NULL) && ++ (obj->type == XPATH_NODESET) && ++ (obj->nodesetval != NULL) && ++ (obj->nodesetval->nodeNr > 0)) ++ node = obj->nodesetval->nodeTab[0]; + xmlFree(path); + } + +- if ((node->ns == NULL) || (node->ns->prefix == NULL)) +- ret = xmlStrcat(ret, node->name); +- else { +- ret = xmlStrcat(ret, node->ns->prefix); +- ret = xmlStrcat(ret, BAD_CAST ":"); +- ret = xmlStrcat(ret, node->name); ++ switch (node->type) { ++ case XML_ELEMENT_NODE: ++ case XML_ATTRIBUTE_NODE: ++ if ((node->ns == NULL) || (node->ns->prefix == NULL)) ++ ret = xmlStrcat(ret, node->name); ++ else { ++ ret = xmlStrcat(ret, node->ns->prefix); ++ ret = xmlStrcat(ret, BAD_CAST ":"); ++ ret = xmlStrcat(ret, node->name); ++ } ++ break; ++ ++ /* TODO: handle other node types */ ++ default: ++ break; + } ++ ++ xmlXPathFreeObject(obj); + } else if (IS_SCHEMATRON(child, "value-of")) { + xmlChar *select; + xmlXPathObjectPtr eval; +diff --git a/test/schematron/cve-2025-49794.sct b/test/schematron/cve-2025-49794.sct +new file mode 100644 +index 00000000..7fc9ee3d +--- /dev/null ++++ b/test/schematron/cve-2025-49794.sct +@@ -0,0 +1,10 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/test/schematron/cve-2025-49794_0.xml b/test/schematron/cve-2025-49794_0.xml +new file mode 100644 +index 00000000..debc64ba +--- /dev/null ++++ b/test/schematron/cve-2025-49794_0.xml +@@ -0,0 +1,6 @@ ++ ++ ++ ++ ++ ++ +diff --git a/test/schematron/cve-2025-49796.sct b/test/schematron/cve-2025-49796.sct +new file mode 100644 +index 00000000..e9702d75 +--- /dev/null ++++ b/test/schematron/cve-2025-49796.sct +@@ -0,0 +1,9 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/test/schematron/cve-2025-49796_0.xml b/test/schematron/cve-2025-49796_0.xml +new file mode 100644 +index 00000000..be33c4ec +--- /dev/null ++++ b/test/schematron/cve-2025-49796_0.xml +@@ -0,0 +1,3 @@ ++ ++ ++ +-- +2.49.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-49795.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-49795.patch new file mode 100644 index 0000000000..bc84978053 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-49795.patch @@ -0,0 +1,69 @@ +From 62048278a4c5fdf14d287dfb400005c0a0caa69f Mon Sep 17 00:00:00 2001 +From: Michael Mann +Date: Sat, 21 Jun 2025 12:11:30 -0400 +Subject: [PATCH] [CVE-2025-49795] schematron: Fix null pointer dereference + leading to DoS + +Fixes #932 +--- + result/schematron/zvon16_0.err | 3 +++ + schematron.c | 5 +++++ + test/schematron/zvon16.sct | 7 +++++++ + test/schematron/zvon16_0.xml | 5 +++++ + 4 files changed, 20 insertions(+) + create mode 100644 result/schematron/zvon16_0.err + create mode 100644 test/schematron/zvon16.sct + create mode 100644 test/schematron/zvon16_0.xml + +diff --git a/result/schematron/zvon16_0.err b/result/schematron/zvon16_0.err +new file mode 100644 +index 00000000..3d052409 +--- /dev/null ++++ b/result/schematron/zvon16_0.err +@@ -0,0 +1,3 @@ ++XPath error : Unregistered function ++./test/schematron/zvon16_0.xml:2: element book: schematron error : /library/book line 2: Book ++./test/schematron/zvon16_0.xml fails to validate +diff --git a/schematron.c b/schematron.c +index 1de25deb..da603402 100644 +--- a/schematron.c ++++ b/schematron.c +@@ -1506,6 +1506,11 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt, + select = xmlGetNoNsProp(child, BAD_CAST "select"); + comp = xmlXPathCtxtCompile(ctxt->xctxt, select); + eval = xmlXPathCompiledEval(comp, ctxt->xctxt); ++ if (eval == NULL) { ++ xmlXPathFreeCompExpr(comp); ++ xmlFree(select); ++ return ret; ++ } + + switch (eval->type) { + case XPATH_NODESET: { +diff --git a/test/schematron/zvon16.sct b/test/schematron/zvon16.sct +new file mode 100644 +index 00000000..f03848aa +--- /dev/null ++++ b/test/schematron/zvon16.sct +@@ -0,0 +1,7 @@ ++ ++ ++ ++ Book test ++ ++ ++ +diff --git a/test/schematron/zvon16_0.xml b/test/schematron/zvon16_0.xml +new file mode 100644 +index 00000000..551e2d65 +--- /dev/null ++++ b/test/schematron/zvon16_0.xml +@@ -0,0 +1,5 @@ ++ ++ ++ Test Author ++ ++ +-- +2.49.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-6021.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-6021.patch index 8c5e83e680..215519a0a6 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-6021.patch +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-6021.patch @@ -1,31 +1,29 @@ -From ebe46ba82340cea8f030e0c0b3bb89aabad83674 Mon Sep 17 00:00:00 2001 -Message-ID: +From 17d950ae33c23f87692aa179bacedb6743f3188a Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Tue, 27 May 2025 12:53:17 +0200 -Subject: [PATCH] tree: Fix integer overflow in xmlBuildQName - -This issue affects memory safety and might receive a CVE ID later. +Subject: [PATCH] [CVE-2025-6021] tree: Fix integer overflow in xmlBuildQName Fixes #926. - -(cherry picked from commit acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0) --- - tree.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) + tree.c | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/tree.c b/tree.c -index f097cf87..76112e22 100644 +index f097cf87..5bc95b8a 100644 --- a/tree.c +++ b/tree.c -@@ -22,6 +22,7 @@ - #include - #include - #include -+#include - #include +@@ -47,6 +47,10 @@ + #include "private/error.h" + #include "private/tree.h" - #ifdef LIBXML_ZLIB_ENABLED -@@ -167,10 +168,10 @@ xmlGetParameterEntityFromDtd(const xmlDtd *dtd, const xmlChar *name) { ++#ifndef SIZE_MAX ++ #define SIZE_MAX ((size_t)-1) ++#endif ++ + int __xmlRegisterCallbacks = 0; + + /************************************************************************ +@@ -167,10 +171,10 @@ xmlGetParameterEntityFromDtd(const xmlDtd *dtd, const xmlChar *name) { xmlChar * xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix, xmlChar *memory, int len) { @@ -38,7 +36,7 @@ index f097cf87..76112e22 100644 if (prefix == NULL) return((xmlChar *) ncname); #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -@@ -181,8 +182,10 @@ xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix, +@@ -181,8 +185,10 @@ xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix, lenn = strlen((char *) ncname); lenp = strlen((char *) prefix); @@ -50,8 +48,6 @@ index f097cf87..76112e22 100644 ret = (xmlChar *) xmlMallocAtomic(lenn + lenp + 2); if (ret == NULL) return(NULL); - -base-commit: 3a1c25f5e7bbf8180690cf5c4c5a9fc1caf55c62 -- -2.50.0 +2.49.1 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-6170.patch b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-6170.patch new file mode 100644 index 0000000000..df01188e03 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/files/libxml2-2.13.8-CVE-2025-6170.patch @@ -0,0 +1,102 @@ +From 5e9ec5c107d3f5b5179c3dbc19df43df041cd55b Mon Sep 17 00:00:00 2001 +From: Michael Mann +Date: Fri, 20 Jun 2025 23:05:00 -0400 +Subject: [PATCH] [CVE-2025-6170] Fix potential buffer overflows of interactive + shell + +Fixes #941 +--- + debugXML.c | 15 ++++++++++----- + result/scripts/long_command | 8 ++++++++ + test/scripts/long_command.script | 6 ++++++ + test/scripts/long_command.xml | 1 + + 4 files changed, 25 insertions(+), 5 deletions(-) + create mode 100644 result/scripts/long_command + create mode 100644 test/scripts/long_command.script + create mode 100644 test/scripts/long_command.xml + +diff --git a/debugXML.c b/debugXML.c +index ed56b0f8..452b9573 100644 +--- a/debugXML.c ++++ b/debugXML.c +@@ -1033,6 +1033,10 @@ xmlCtxtDumpOneNode(xmlDebugCtxtPtr ctxt, xmlNodePtr node) + xmlCtxtGenericNodeCheck(ctxt, node); + } + ++#define MAX_PROMPT_SIZE 500 ++#define MAX_ARG_SIZE 400 ++#define MAX_COMMAND_SIZE 100 ++ + /** + * xmlCtxtDumpNode: + * @output: the FILE * for the output +@@ -2795,10 +2799,10 @@ void + xmlShell(xmlDocPtr doc, const char *filename, xmlShellReadlineFunc input, + FILE * output) + { +- char prompt[500] = "/ > "; ++ char prompt[MAX_PROMPT_SIZE] = "/ > "; + char *cmdline = NULL, *cur; +- char command[100]; +- char arg[400]; ++ char command[MAX_COMMAND_SIZE]; ++ char arg[MAX_ARG_SIZE]; + int i; + xmlShellCtxtPtr ctxt; + xmlXPathObjectPtr list; +@@ -2856,7 +2860,8 @@ xmlShell(xmlDocPtr doc, const char *filename, xmlShellReadlineFunc input, + cur++; + i = 0; + while ((*cur != ' ') && (*cur != '\t') && +- (*cur != '\n') && (*cur != '\r')) { ++ (*cur != '\n') && (*cur != '\r') && ++ (i < (MAX_COMMAND_SIZE - 1))) { + if (*cur == 0) + break; + command[i++] = *cur++; +@@ -2871,7 +2876,7 @@ xmlShell(xmlDocPtr doc, const char *filename, xmlShellReadlineFunc input, + while ((*cur == ' ') || (*cur == '\t')) + cur++; + i = 0; +- while ((*cur != '\n') && (*cur != '\r') && (*cur != 0)) { ++ while ((*cur != '\n') && (*cur != '\r') && (*cur != 0) && (i < (MAX_ARG_SIZE-1))) { + if (*cur == 0) + break; + arg[i++] = *cur++; +diff --git a/result/scripts/long_command b/result/scripts/long_command +new file mode 100644 +index 00000000..e6f00708 +--- /dev/null ++++ b/result/scripts/long_command +@@ -0,0 +1,8 @@ ++/ > b > b > Object is a Node Set : ++Set contains 1 nodes: ++1 ELEMENT a:c ++b > Unknown command This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_comm ++b > b > Unknown command ess_currents_of_time_and_existence ++b > ++Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_prof ++b > +\ No newline at end of file +diff --git a/test/scripts/long_command.script b/test/scripts/long_command.script +new file mode 100644 +index 00000000..00f6df09 +--- /dev/null ++++ b/test/scripts/long_command.script +@@ -0,0 +1,6 @@ ++cd a/b ++set ++xpath //*[namespace-uri()="foo"] ++This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_command_please_dont_crash foo ++set Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_profound_emotion_and_every_grand_aspiration_that_propels_our_species_ever_onward_through_the_relentless_currents_of_time_and_existence ++save - +diff --git a/test/scripts/long_command.xml b/test/scripts/long_command.xml +new file mode 100644 +index 00000000..1ba44016 +--- /dev/null ++++ b/test/scripts/long_command.xml +@@ -0,0 +1 @@ ++ +-- +2.49.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.7.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.7.ebuild index e926396894..fd02ad0f40 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.7.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.7.ebuild @@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{10..13} ) PYTHON_REQ_USE="xml(+)" inherit autotools python-r1 multilib-minimal -XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_HOME="https://www.w3.org/XML/2004/xml-schema-test-suite" XSTS_NAME_1="xmlschema2002-01-16" XSTS_NAME_2="xmlschema2004-01-14" XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8-r1.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8-r1.ebuild index bf99e8749a..ce318bca07 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8-r1.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8-r1.ebuild @@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{11..14} ) PYTHON_REQ_USE="xml(+)" inherit autotools python-r1 multilib-minimal -XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_HOME="https://www.w3.org/XML/2004/xml-schema-test-suite" XSTS_NAME_1="xmlschema2002-01-16" XSTS_NAME_2="xmlschema2004-01-14" XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8-r2.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8-r2.ebuild new file mode 100644 index 0000000000..8faab5ffc8 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8-r2.ebuild @@ -0,0 +1,195 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Note: Please bump in sync with dev-libs/libxslt + +PYTHON_COMPAT=( python3_{11..14} ) +PYTHON_REQ_USE="xml(+)" +inherit autotools python-r1 multilib-minimal + +XSTS_HOME="https://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_NAME_1="xmlschema2002-01-16" +XSTS_NAME_2="xmlschema2004-01-14" +XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" +XSTS_TARBALL_2="xsts-2004-01-14.tar.gz" +XMLCONF_TARBALL="xmlts20130923.tar.gz" + +DESCRIPTION="XML C parser and toolkit" +HOMEPAGE="https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home" +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://gitlab.gnome.org/GNOME/libxml2" + inherit git-r3 +else + inherit gnome.org + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +SRC_URI+=" + test? ( + ${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1} + ${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2} + https://www.w3.org/XML/Test/${XMLCONF_TARBALL} + ) +" +S="${WORKDIR}/${PN}-${PV%_rc*}" + +LICENSE="MIT" +SLOT="2" +IUSE="examples icu lzma +python readline static-libs test" +RESTRICT="!test? ( test )" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +RDEPEND=" + virtual/libiconv + >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] + icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] ) + lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] ) + python? ( ${PYTHON_DEPS} ) + readline? ( sys-libs/readline:= ) +" +DEPEND="${RDEPEND}" +BDEPEND="virtual/pkgconfig" + +if [[ ${PV} == 9999 ]] ; then + BDEPEND+=" dev-build/gtk-doc-am" +fi + +MULTILIB_CHOST_TOOLS=( + /usr/bin/xml2-config +) + +PATCHES=( + "${FILESDIR}"/${PN}-2.12.9-icu-pkgconfig.patch + "${FILESDIR}"/${PN}-2.13.8-CVE-2025-49794-CVE-2025-49796.patch + "${FILESDIR}"/${PN}-2.13.8-CVE-2025-49795.patch + "${FILESDIR}"/${PN}-2.13.8-CVE-2025-6021.patch + "${FILESDIR}"/${PN}-2.13.8-CVE-2025-6170.patch + +) + +src_unpack() { + if [[ ${PV} == 9999 ]] ; then + git-r3_src_unpack + else + local tarname=${P/_rc/-rc}.tar.xz + + # ${A} isn't used to avoid unpacking of test tarballs into ${WORKDIR}, + # as they are needed as tarballs in ${S}/xstc instead and not unpacked + unpack ${tarname} + + if [[ -n ${PATCHSET_VERSION} ]] ; then + unpack ${PN}-${PATCHSET_VERSION}.tar.xz + fi + fi + + cd "${S}" || die + + if use test ; then + cp "${DISTDIR}/${XSTS_TARBALL_1}" \ + "${DISTDIR}/${XSTS_TARBALL_2}" \ + "${S}"/xstc/ \ + || die "Failed to install test tarballs" + unpack ${XMLCONF_TARBALL} + fi +} + +src_prepare() { + default + + # Please do not remove, as else we get references to PORTAGE_TMPDIR + # in /usr/lib/python?.?/site-packages/libxml2mod.la among things. + #elibtoolize + + eautoreconf +} + +multilib_src_configure() { + libxml2_configure() { + ECONF_SOURCE="${S}" econf \ + $(use_with icu) \ + $(use_with lzma) \ + $(use_enable static-libs static) \ + $(multilib_native_use_with readline) \ + $(multilib_native_use_with readline history) \ + --with-legacy \ + "$@" + } + + # Build python bindings separately + libxml2_configure --without-python + + multilib_is_native_abi && use python && + python_foreach_impl run_in_build_dir libxml2_configure --with-python +} + +libxml2_py_emake() { + pushd "${BUILD_DIR}"/python >/dev/null || die + + emake top_builddir="${NATIVE_BUILD_DIR}" "$@" + + popd >/dev/null || die +} + +multilib_src_compile() { + default + + if multilib_is_native_abi && use python ; then + NATIVE_BUILD_DIR="${BUILD_DIR}" + python_foreach_impl run_in_build_dir libxml2_py_emake all + fi +} + +multilib_src_test() { + ln -s "${S}"/xmlconf || die + + emake check + + multilib_is_native_abi && use python && + python_foreach_impl run_in_build_dir libxml2_py_emake check +} + +multilib_src_install() { + emake DESTDIR="${D}" install + + multilib_is_native_abi && use python && + python_foreach_impl run_in_build_dir libxml2_py_emake DESTDIR="${D}" install + + # Hack until automake release is made for the optimise fix + # https://git.savannah.gnu.org/cgit/automake.git/commit/?id=bde43d0481ff540418271ac37012a574a4fcf097 + multilib_is_native_abi && use python && python_foreach_impl python_optimize +} + +multilib_src_install_all() { + einstalldocs + + if ! use examples ; then + rm -rf "${ED}"/usr/share/doc/${PF}/examples || die + rm -rf "${ED}"/usr/share/doc/${PF}/python/examples || die + fi + + rm -rf "${ED}"/usr/share/doc/${PN}-python-${PVR} || die + + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + # We don't want to do the xmlcatalog during stage1, as xmlcatalog will not + # be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887. + if [[ -n "${ROOT}" ]]; then + elog "Skipping XML catalog creation for stage building (bug #208887)." + else + # Need an XML catalog, so no-one writes to a non-existent one + CATALOG="${EROOT}/etc/xml/catalog" + + # We don't want to clobber an existing catalog though, + # only ensure that one is there + # + if [[ ! -e "${CATALOG}" ]]; then + [[ -d "${EROOT}/etc/xml" ]] || mkdir -p "${EROOT}/etc/xml" + "${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}" + einfo "Created XML catalog in ${CATALOG}" + fi + fi +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8.ebuild index 0b52015688..7b35f65a41 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.13.8.ebuild @@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{11..14} ) PYTHON_REQ_USE="xml(+)" inherit autotools python-r1 multilib-minimal -XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_HOME="https://www.w3.org/XML/2004/xml-schema-test-suite" XSTS_NAME_1="xmlschema2002-01-16" XSTS_NAME_2="xmlschema2004-01-14" XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" @@ -23,7 +23,7 @@ if [[ ${PV} == 9999 ]] ; then inherit git-r3 else inherit gnome.org - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" + KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" fi SRC_URI+=" diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.4-r1.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.4-r1.ebuild index f8c49ee9c2..4c63126c61 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.4-r1.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.4-r1.ebuild @@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{11..14} ) PYTHON_REQ_USE="xml(+)" inherit python-r1 meson-multilib -XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_HOME="https://www.w3.org/XML/2004/xml-schema-test-suite" XSTS_NAME_1="xmlschema2002-01-16" XSTS_NAME_2="xmlschema2004-01-14" XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.4.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.4.ebuild index cea637a5d7..738064b3f7 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.4.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.4.ebuild @@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{11..14} ) PYTHON_REQ_USE="xml(+)" inherit python-r1 meson-multilib -XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_HOME="https://www.w3.org/XML/2004/xml-schema-test-suite" XSTS_NAME_1="xmlschema2002-01-16" XSTS_NAME_2="xmlschema2004-01-14" XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.5.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.5.ebuild new file mode 100644 index 0000000000..738064b3f7 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-2.14.5.ebuild @@ -0,0 +1,183 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Note: Please bump in sync with dev-libs/libxslt + +PYTHON_COMPAT=( python3_{11..14} ) +PYTHON_REQ_USE="xml(+)" +inherit python-r1 meson-multilib + +XSTS_HOME="https://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_NAME_1="xmlschema2002-01-16" +XSTS_NAME_2="xmlschema2004-01-14" +XSTS_TARBALL_1="xsts-2002-01-16.tar.gz" +XSTS_TARBALL_2="xsts-2004-01-14.tar.gz" +XMLCONF_TARBALL="xmlts20130923.tar.gz" + +DESCRIPTION="XML C parser and toolkit" +HOMEPAGE="https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home" +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://gitlab.gnome.org/GNOME/libxml2" + inherit git-r3 +else + inherit gnome.org + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +SRC_URI+=" + test? ( + ${XSTS_HOME}/${XSTS_NAME_1}/${XSTS_TARBALL_1} + ${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2} + https://www.w3.org/XML/Test/${XMLCONF_TARBALL} + ) +" +S="${WORKDIR}/${PN}-${PV%_rc*}" + +LICENSE="MIT" +# see so_version = v_maj + v_min_compat for subslot +SLOT="2/16" +IUSE="icu +python readline static-libs test" +RESTRICT="!test? ( test )" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +RDEPEND=" + virtual/libiconv + >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] + icu? ( >=dev-libs/icu-51.2-r1:=[${MULTILIB_USEDEP}] ) + python? ( ${PYTHON_DEPS} ) + readline? ( sys-libs/readline:= ) +" +DEPEND="${RDEPEND}" +BDEPEND="virtual/pkgconfig" + +MULTILIB_CHOST_TOOLS=( + /usr/bin/xml2-config +) + +PATCHES=( + "${FILESDIR}"/libxml2-2.14.2-no-git.patch +) + +src_unpack() { + if [[ ${PV} == 9999 ]] ; then + git-r3_src_unpack + else + local tarname=${P/_rc/-rc}.tar.xz + + # ${A} isn't used to avoid unpacking of test tarballs into ${WORKDIR}, + # as they are needed as tarballs in ${S}/xstc instead and not unpacked + unpack ${tarname} + + if [[ -n ${PATCHSET_VERSION} ]] ; then + unpack ${PN}-${PATCHSET_VERSION}.tar.xz + fi + fi + + cd "${S}" || die + + if use test ; then + cp "${DISTDIR}/${XSTS_TARBALL_1}" \ + "${DISTDIR}/${XSTS_TARBALL_2}" \ + "${S}"/xstc/ \ + || die "Failed to install test tarballs" + unpack ${XMLCONF_TARBALL} + fi +} + +src_prepare() { + default + + sed -e "/^dir_doc/ s/meson.project_name()$/\'${PF}\'/" -i meson.build || die +} + +python_configure() { + local emesonargs=( + $(meson_feature icu) + $(meson_native_use_feature readline) + $(meson_native_use_feature readline history) + -Dpython=enabled + ) + mkdir "${BUILD_DIR}" || die + pushd "${BUILD_DIR}" >/dev/null || die + meson_src_configure + popd >/dev/null || die +} + +multilib_src_configure() { + local emesonargs=( + -Ddefault_library=$(multilib_native_usex static-libs both shared) + $(meson_feature icu) + $(meson_native_use_feature readline) + $(meson_native_use_feature readline history) + -Dpython=disabled + + # There has been a clean break with a soname bump. + # It's time to deal with the breakage. + # bug #935452 + -Dlegacy=disabled + ) + meson_src_configure + + if multilib_is_native_abi && use python ; then + python_foreach_impl python_configure + fi +} + +python_compile() { + pushd "${BUILD_DIR}" >/dev/null || die + meson_src_compile + popd >/dev/null || die +} + +multilib_src_compile() { + meson_src_compile + + if multilib_is_native_abi && use python ; then + python_foreach_impl python_compile + fi +} + +multilib_src_test() { + meson_src_test + + if multilib_is_native_abi && use python ; then + python_foreach_impl meson_src_test + fi +} + +python_install() { + pushd "${BUILD_DIR}" >/dev/null || die + meson_src_install + python_optimize + popd >/dev/null || die +} + +multilib_src_install() { + if multilib_is_native_abi && use python ; then + python_foreach_impl python_install + fi + + meson_src_install +} + +pkg_postinst() { + # We don't want to do the xmlcatalog during stage1, as xmlcatalog will not + # be in / and stage1 builds to ROOT=/tmp/stage1root. This fixes bug #208887. + if [[ -n "${ROOT}" ]]; then + elog "Skipping XML catalog creation for stage building (bug #208887)." + else + # Need an XML catalog, so no-one writes to a non-existent one + CATALOG="${EROOT}/etc/xml/catalog" + + # We don't want to clobber an existing catalog though, + # only ensure that one is there + # + if [[ ! -e "${CATALOG}" ]]; then + [[ -d "${EROOT}/etc/xml" ]] || mkdir -p "${EROOT}/etc/xml" + "${EPREFIX}"/usr/bin/xmlcatalog --create > "${CATALOG}" + einfo "Created XML catalog in ${CATALOG}" + fi + fi +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-9999.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-9999.ebuild index 2487d92bd5..1d1ab606ab 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-9999.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/libxml2/libxml2-9999.ebuild @@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{11..14} ) PYTHON_REQ_USE="xml(+)" inherit python-r1 meson-multilib -XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" +XSTS_HOME="https://www.w3.org/XML/2004/xml-schema-test-suite" XSTS_NAME_1="xmlschema2002-01-16" XSTS_NAME_2="xmlschema2004-01-14" XSTS_TARBALL_1="xsts-2002-01-16.tar.gz"