File python-libxml2-python.spec of Package libxml2 (Revision b565b399b4ce9077b13f007ad3fee4db)
Currently displaying revision b565b399b4ce9077b13f007ad3fee4db , Show latest
173
1
#
2
# spec file for package python-libxml2-python
3
#
4
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
5
#
6
# All modifications and additions to the file contributed by third parties
7
# remain the property of their copyright owners, unless otherwise agreed
8
# upon. The license for this file, and modifications and additions to the
9
# file, is the same license as for the pristine package itself (unless the
10
# license for the pristine package is not an Open Source License, in which
11
# case the license is the MIT License). An "Open Source License" is a
12
# license that conforms to the Open Source Definition (Version 1.9)
13
# published by the Open Source Initiative.
14
15
# Please submit bugfixes or comments via http://bugs.opensuse.org/
16
#
17
18
19
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
20
%define oldpython python
21
Name: python-libxml2-python
22
Version: 2.9.7
23
Release: 0
24
Summary: Python Bindings for libxml2
25
License: MIT
26
Group: Development/Libraries/Python
27
Url: http://xmlsoft.org
28
Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz
29
30
Patch0: fix-perl.diff
31
Patch1: python3.6-verify_fd.patch
32
Patch2: libxml2-python3-unicode-errors.patch
33
# PATCH-FIX-UPSTREAM libxml2-python3-string-null-check.patch bsc#1065270 mgorse@suse.com -- don't return a NULL string for an invalid UTF-8 conversion.
34
Patch3: libxml2-python3-string-null-check.patch
35
# PATCH-FIX-UPSTREAM bsc#1102046 CVE-2018-14404 NULL pointer dereference in xpath.c:xmlXPathCompOpEval()
36
Patch4: libxml2-CVE-2018-14404.patch
37
# PATCH-FIX-UPSTREAM bsc#1105166 bsc#1088279 CVE-2018-14567 CVE-2018-9251 Fix infinite loop in LZMA decompression
38
Patch5: libxml2-CVE-2018-14567.patch
39
# PATCH-FIX-SUSE bsc#1135123 Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH to avoid nodeset limit
40
Patch6: libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
41
# PATCH-FIX-UPSTREAM bsc#1161517 CVE-2020-7595 Infinite loop in xmlStringLenDecodeEntities
42
Patch7: libxml2-CVE-2020-7595.patch
43
# PATCH-FIX-UPSTREAM bsc#1161521 CVE-2019-20388 Memory leak in xmlSchemaPreRun
44
Patch8: libxml2-CVE-2019-20388.patch
45
# PATCH-FIX-UPSTREAM bsc#1176179 CVE-2020-24977 xmllint: global-buffer-overflow in xmlEncodeEntitiesInternal
46
Patch9: libxml2-CVE-2020-24977.patch
47
# PATCH-FIX-SUSE bsc#1178823 Avoid quadratic checking of identity-constraints
48
Patch10: libxml2-Avoid-quadratic-checking-of-identity-constraints.patch
49
# PATCH-FIX-UPSTREAM bsc#1185409 CVE-2021-3516 use-after-free in entities.c:xmlEncodeEntitiesInternal()
50
Patch11: libxml2-CVE-2021-3516.patch
51
# PATCH-FIX-UPSTREAM bsc#1185410 CVE-2021-3517 heap-based buffer overflow entities.c:xmlEncodeEntitiesInternal()
52
Patch12: libxml2-CVE-2021-3517.patch
53
# PATCH-FIX-UPSTREAM bsc#1185408 CVE-2021-3518 use-after-free in xinclude.c:xmlXIncludeDoProcess()
54
Patch13: libxml2-CVE-2021-3518.patch
55
# PATCH-FIX-UPSTREAM bsc#1185698 CVE-2021-3537 NULL pointer dereference in valid.c:xmlValidBuildAContentModel
56
Patch14: libxml2-CVE-2021-3537.patch
57
# PATCH-FIX-UPSTREAM bsc#1186015 CVE-2021-3541 Exponential entity expansion attack bypasses all existing protection mechanisms
58
Patch15: libxml2-CVE-2021-3541.patch
59
# PATCH-FIX-UPSTREAM bsc#1196490 CVE-2022-23308 Use-after-free of ID and IDREF attributes
60
# - https://gitlab.gnome.org/GNOME/libxml2/-/commit/652dd12a858989b14eed4e84e453059cd3ba340e
61
Patch16: libxml2-CVE-2022-23308.patch
62
# PATCH-FIX-UPSTREAM bsc#1199132 CVE-2022-29824 integer overflow leading to out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*)
63
# - https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
64
Patch17: libxml2-CVE-2022-29824.patch
65
# PATCH-FIX-UPSTREAM bsc#1201978 CVE-2016-3709 Cross-site scripting vulnerability
66
Patch18: libxml2-CVE-2016-3709.patch
67
# PATCH-FIX-UPSTREAM Fix integer overflows with XML_PARSE_HUGE (bsc#1204366, CVE-2022-40303)
68
# https://gitlab.gnome.org/GNOME/libxml2/-/commit/ffaec75809a315457891a0e54f8828bc6e056067
69
Patch19: libxml2-CVE-2022-40303.patch
70
# PATCH-FIX-UPSTREAM Fix dict corruption caused by entity reference cycles (bsc#1204367, CVE-2022-40304)
71
# https://gitlab.gnome.org/GNOME/libxml2/-/commit/644a89e080bced793295f61f18aac8cfad6bece2
72
Patch20: libxml2-CVE-2022-40304.patch
73
# PATCH-FIX-UPSTREAM [CVE-2023-29469, bsc#1210412] Hashing of empty dict strings isn't deterministic
74
# https://gitlab.gnome.org/GNOME/libxml2/-/commit/09a2dd453007f9c7205274623acdd73747c22d64
75
Patch21: libxml2-CVE-2023-29469.patch
76
# PATCH-FIX-UPSTREAM [CVE-CVE-2023-28484, bsc#1210411] NULL dereference in xmlSchemaFixupComplexType
77
# https://gitlab.gnome.org/GNOME/libxml2/-/commit/647e072ea0a2f12687fa05c172f4c4713fdb0c4f
78
# https://gitlab.gnome.org/GNOME/libxml2/-/commit/4c6922f763ad958c48ff66f82823ae21f2e92ee6
79
Patch22: libxml2-CVE-2023-28484-1.patch
80
Patch23: libxml2-CVE-2023-28484-2.patch
81
# PATCH-FIX-UPSTREAM CVE-2023-39615 bsc#1214768
82
# https://gitlab.gnome.org/GNOME/libxml2/-/commit/d0c3f01e110d54415611c5fa0040cdf4a56053f9
83
Patch24: libxml2-CVE-2023-39615.patch
84
# PATCH-FIX-UPSTREAM [CVE-2023-45322 bsc#1216129] use-after-free in xmlUnlinkNode() in tree.c
85
# https://gitlab.gnome.org/GNOME/libxml2/-/commit/d39f78069dff496ec865c73aa44d7110e429bce9
86
Patch25: libxml2-CVE-2023-45322.patch
87
88
BuildRequires: %{python_module devel}
89
BuildRequires: %{python_module xml}
90
BuildRequires: pkgconfig
91
BuildRequires: python-rpm-macros
92
BuildRequires: pkgconfig(libxml-2.0)
93
Requires: libxml2-2 = %{version}
94
%ifpython2
95
Obsoletes: libxml2-python < %{version}
96
Provides: libxml2-python = %{version}
97
Obsoletes: %{oldpython}-libxml2 < %{version}
98
Provides: %{oldpython}-libxml2 = %{version}
99
%endif
100
%python_subpackages
101
102
%description
103
The libxml2-python package contains a module that permits applications
104
written in the Python programming language to use the interface
105
supplied by the libxml2 library to manipulate XML files.
106
107
This library allows manipulation of XML files. It includes support for
108
reading, modifying, and writing XML and HTML files. There is DTD
109
support that includes parsing and validation even with complex DTDs,
110
either at parse time or later once the document has been modified.
111
112
%prep
113
%setup -q -n libxml2-%{version}
114
%patch0
115
%patch1 -p1
116
%patch2 -p1
117
%patch3 -p1
118
%patch4 -p1
119
%patch5 -p1
120
%patch6 -p1
121
%patch7 -p1
122
%patch8 -p1
123
%patch9 -p1
124
%patch10 -p1
125
%patch11 -p1
126
%patch12 -p1
127
%patch13 -p1
128
%patch14 -p1
129
%patch15 -p1
130
%patch16 -p1
131
%patch17 -p1
132
%patch18 -p1
133
%patch19 -p1
134
%patch20 -p1
135
%patch21 -p1
136
%patch22 -p1
137
%patch23 -p1
138
%patch24 -p1
139
%patch25 -p1
140
141
%build
142
export CFLAGS="%{optflags} -fno-strict-aliasing"
143
%configure \
144
--with-fexceptions \
145
--with-history \
146
--enable-ipv6 \
147
--with-sax1 \
148
--with-regexps \
149
--with-threads \
150
--with-reader \
151
--with-http
152
153
pushd python
154
%python_build
155
popd
156
157
%install
158
pushd python
159
%python_install
160
popd
161
chmod a-x python/tests/*.py
162
# Unwanted doc stuff
163
rm -fr %{buildroot}%{_datadir}/doc
164
rm -f python/tests/Makefile*
165
166
%files %{python_files}
167
%doc python/TODO
168
%doc python/libxml2class.txt
169
%doc python/tests
170
%{python_sitearch}/*
171
172
%changelog
173