On Mon, May 31, 2021 at 12:34:54AM -0700, Nam Nguyen wrote: > > Here is a fresh diff with some additions: > > - move to gnome's gitlab to avoid using ftp (as suggested by tj@) > > - CONFIGURE_STYLE autoreconf > > - translate patches from Makefile.in --> Makefile.am
This is not correct. The gnome gitlab package has different content. libxml2-v2.9.12.tar.gz is not the official release. E.g. file customfo.xsl is an addition. http://www.xmlsoft.org/ provides an official download link to ftp://xmlsoft.org/libxml2/ . That is where the releases live as announced by the upstream project. Instead of using some unknown HTTPS certificate one should verify the PGP signature provided by the maintainers. Usually I add it to SUPDISTFILES so it is downloaded when updating. It reminds me to check it when I update a port. ok? bluhm Index: textproc/libxml/Makefile =================================================================== RCS file: /data/mirror/openbsd/cvs/ports/textproc/libxml/Makefile,v retrieving revision 1.188 diff -u -p -r1.188 Makefile --- textproc/libxml/Makefile 12 May 2021 11:22:35 -0000 1.188 +++ textproc/libxml/Makefile 11 Jun 2021 14:30:46 -0000 @@ -3,15 +3,14 @@ COMMENT-main= XML parsing library COMMENT-python= Python bindings for libxml -VERSION= 2.9.10 -REVISION-main= 4 -REVISION-python= 5 +VERSION= 2.9.12 DISTNAME= libxml2-${VERSION} PKGNAME-main= libxml-${VERSION} PKGNAME-python= py3-libxml-${VERSION} -SHARED_LIBS += xml2 16.1 # 11.9 +SHARED_LIBS += xml2 17.0 # 11.9 CATEGORIES= textproc MASTER_SITES= ftp://xmlsoft.org/libxml/ +SUPDISTFILES = ${DISTFILES}.asc HOMEPAGE= http://xmlsoft.org/ Index: textproc/libxml/distinfo =================================================================== RCS file: /data/mirror/openbsd/cvs/ports/textproc/libxml/distinfo,v retrieving revision 1.57 diff -u -p -r1.57 distinfo --- textproc/libxml/distinfo 1 Nov 2019 15:37:45 -0000 1.57 +++ textproc/libxml/distinfo 11 Jun 2021 14:31:10 -0000 @@ -1,2 +1,4 @@ -SHA256 (libxml2-2.9.10.tar.gz) = qv7hk/+4/gyC1K/vbvkZcsuvX+6hAO3C8mJ1BhG0vh8= -SIZE (libxml2-2.9.10.tar.gz) = 5624761 +SHA256 (libxml2-2.9.12.tar.gz) = yNZoHjjFbxcokshd3AhS4f1LU7Qgnn9Ovxf34urnHZI= +SHA256 (libxml2-2.9.12.tar.gz.asc) = RIeC1nGhqdxq52Ew84xYoMmpWeeZQnQSzG+JdEPGoJg= +SIZE (libxml2-2.9.12.tar.gz) = 5681632 +SIZE (libxml2-2.9.12.tar.gz.asc) = 488 Index: textproc/libxml/patches/patch-Makefile_in =================================================================== RCS file: /data/mirror/openbsd/cvs/ports/textproc/libxml/patches/patch-Makefile_in,v retrieving revision 1.11 diff -u -p -r1.11 patch-Makefile_in --- textproc/libxml/patches/patch-Makefile_in 1 Nov 2019 15:37:45 -0000 1.11 +++ textproc/libxml/patches/patch-Makefile_in 11 Jun 2021 14:35:32 -0000 @@ -15,7 +15,7 @@ Index: Makefile.in LDADDS = $(STATIC_BINARIES) $(top_builddir)/libxml2.la $(THREAD_LIBS) $(Z_LIBS) $(LZMA_LIBS) $(ICONV_LIBS) $(M_LIBS) $(WIN32_EXTRA_LIBADD) man_MANS = xml2-config.1 libxml.3 m4datadir = $(datadir)/aclocal -@@ -880,7 +880,7 @@ cmake_DATA = libxml2-config.cmake +@@ -881,7 +881,7 @@ cmake_DATA = libxml2-config.cmake # Install the tests program sources as examples # BASE_DIR = $(datadir)/doc @@ -24,7 +24,7 @@ Index: Makefile.in EXAMPLES_DIR = $(BASE_DIR)/$(DOC_MODULE)/examples # -@@ -2089,7 +2089,7 @@ runtests: runtest$(EXEEXT) testrecurse$(EXEEXT) testap +@@ -2090,7 +2090,7 @@ runtests: runtest$(EXEEXT) testrecurse$(EXEEXT) testap testchar$(EXEEXT) testdict$(EXEEXT) runxmlconf$(EXEEXT) [ -d test ] || $(LN_S) $(srcdir)/test . [ -d result ] || $(LN_S) $(srcdir)/result . @@ -33,7 +33,7 @@ Index: Makefile.in $(CHECKER) ./testrecurse$(EXEEXT) && \ ASAN_OPTIONS="$$ASAN_OPTIONS:detect_leaks=0" $(CHECKER) ./testapi$(EXEEXT) && \ $(CHECKER) ./testchar$(EXEEXT) && \ -@@ -2616,6 +2616,7 @@ SVGtests : xmllint$(EXEEXT) +@@ -2618,6 +2618,7 @@ SVGtests : xmllint$(EXEEXT) grep "MORY ALLO" .memdump | grep -v "MEMORY ALLOCATED : 0";\ else \ echo Testing $$name ; \ Index: textproc/libxml/patches/patch-configure_ac =================================================================== RCS file: /data/mirror/openbsd/cvs/ports/textproc/libxml/patches/patch-configure_ac,v retrieving revision 1.4 diff -u -p -r1.4 patch-configure_ac --- textproc/libxml/patches/patch-configure_ac 14 Mar 2018 08:20:49 -0000 1.4 +++ textproc/libxml/patches/patch-configure_ac 11 Jun 2021 14:35:35 -0000 @@ -2,7 +2,7 @@ $OpenBSD: patch-configure_ac,v 1.4 2018/ Index: configure.ac --- configure.ac.orig +++ configure.ac -@@ -539,7 +539,7 @@ dnl Checks for library functions. +@@ -544,7 +544,7 @@ dnl Checks for library functions. AC_FUNC_STRFTIME AC_CHECK_FUNCS(strftime localtime gettimeofday ftime) AC_CHECK_FUNCS(stat signal) Index: textproc/libxml/patches/patch-parser_c =================================================================== RCS file: textproc/libxml/patches/patch-parser_c diff -N textproc/libxml/patches/patch-parser_c --- textproc/libxml/patches/patch-parser_c 11 May 2021 07:39:24 -0000 1.21 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,43 +0,0 @@ -$OpenBSD: patch-parser_c,v 1.21 2021/05/11 07:39:24 bluhm Exp $ - -https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076 -CVE-2020-7595 - -https://bugzilla.redhat.com/show_bug.cgi?id=1956522 -https://gitlab.gnome.org/GNOME/libxml2/commit/babe75030c7f64a37826bb3342317134568bef61 -CVE-2021-3537 - -Index: parser.c ---- parser.c.orig -+++ parser.c -@@ -2646,7 +2646,8 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, cons - else - c = 0; - while ((c != 0) && (c != end) && /* non input consuming loop */ -- (c != end2) && (c != end3)) { -+ (c != end2) && (c != end3) && -+ (ctxt->instate != XML_PARSER_EOF)) { - - if (c == 0) break; - if ((c == '&') && (str[1] == '#')) { -@@ -6194,6 +6195,8 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPt - SKIP_BLANKS; - cur = ret = xmlParseElementChildrenContentDeclPriv(ctxt, inputid, - depth + 1); -+ if (cur == NULL) -+ return(NULL); - SKIP_BLANKS; - GROW; - } else { -@@ -6327,6 +6330,11 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPt - SKIP_BLANKS; - last = xmlParseElementChildrenContentDeclPriv(ctxt, inputid, - depth + 1); -+ if (last == NULL) { -+ if (ret != NULL) -+ xmlFreeDocElementContent(ctxt->myDoc, ret); -+ return(NULL); -+ } - SKIP_BLANKS; - } else { - elem = xmlParseName(ctxt); Index: textproc/libxml/patches/patch-python_libxml_c =================================================================== RCS file: /data/mirror/openbsd/cvs/ports/textproc/libxml/patches/patch-python_libxml_c,v retrieving revision 1.1 diff -u -p -r1.1 patch-python_libxml_c --- textproc/libxml/patches/patch-python_libxml_c 10 Jun 2020 22:54:58 -0000 1.1 +++ textproc/libxml/patches/patch-python_libxml_c 11 Jun 2021 14:35:37 -0000 @@ -5,7 +5,7 @@ https://gitlab.gnome.org/GNOME/libxml2/- Index: python/libxml.c --- python/libxml.c.orig +++ python/libxml.c -@@ -1620,6 +1620,7 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNUSED void *ctx, +@@ -1621,6 +1621,7 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNUSED void *ctx, PyObject *message; PyObject *result; char str[1000]; @@ -13,7 +13,7 @@ Index: python/libxml.c #ifdef DEBUG_ERROR printf("libxml_xmlErrorFuncHandler(%p, %s, ...) called\n", ctx, msg); -@@ -1636,12 +1637,20 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNUSED void *ctx, +@@ -1637,12 +1638,20 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNUSED void *ctx, str[999] = 0; va_end(ap);
