diff --git a/libxml2-2.9.2-catalog-revert.patch b/libxml2-2.9.2-catalog-revert.patch new file mode 100644 index 0000000..b3de004 --- /dev/null +++ b/libxml2-2.9.2-catalog-revert.patch @@ -0,0 +1,31 @@ +From 0e6659ec960734b0b01aad196d4bdb4a3800b493 Mon Sep 17 00:00:00 2001 +From: Lubomir Rintel +Date: Thu, 16 Oct 2014 19:10:59 +0200 +Subject: [PATCH] Revert "Missing initialization for the catalog module" + +It's not correct to always load the default catalog. +https://bugzilla.redhat.com/show_bug.cgi?id=1153753 + +This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7. + +--- + parser.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/parser.c b/parser.c +index 1d93967..67c9dfd 100644 +--- a/parser.c ++++ b/parser.c +@@ -14830,9 +14830,6 @@ xmlInitParser(void) { + #ifdef LIBXML_XPATH_ENABLED + xmlXPathInit(); + #endif +-#ifdef LIBXML_CATALOG_ENABLED +- xmlInitializeCatalog(); +-#endif + xmlParserInitialized = 1; + #ifdef LIBXML_THREAD_ENABLED + } +-- +1.9.3 + diff --git a/libxml2.spec b/libxml2.spec index 6c5f170..89adc87 100644 --- a/libxml2.spec +++ b/libxml2.spec @@ -1,7 +1,7 @@ Summary: Library providing XML and HTML support Name: libxml2 Version: 2.9.2 -Release: 1%{?dist}%{?extra_release} +Release: 2%{?dist}%{?extra_release} License: MIT Group: Development/Libraries Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz @@ -10,6 +10,7 @@ BuildRequires: python python-devel zlib-devel pkgconfig xz-devel URL: http://xmlsoft.org/ Patch0: libxml2-multilib.patch Patch1: libxml2-2.9.0-do-not-check-crc.patch +Patch2: libxml2-2.9.2-catalog-revert.patch %description This library allows to manipulate XML files. It includes support @@ -71,6 +72,7 @@ at parse time or later once the document has been modified. %patch0 -p1 # workaround for #877567 - Very weird bug gzip decompression bug in "recent" libxml2 versions %patch1 -p1 -b .do-not-check-crc +%patch2 -p1 -b .catalog-revert %build %configure @@ -156,6 +158,9 @@ rm -fr %{buildroot} %doc doc/python.html %changelog +* Thu Oct 16 2014 Lubomir Rintel - 2.9.2-2 +- Avoid corrupting the xml catalogs + * Thu Oct 16 2014 Daniel Veillard - 2.9.2-1 - upstream release of 2.9.1 - Fix for CVE-214-3660 billion laugh DOS