rpms/libxml2
6
0
Fork 0
Code Issues Pull Requests Releases Activity
38 Commits 9 Branches 70 Tags 654 KiB
c9s
Commit Graph

38 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Laura Barcziova
a2cbd6eb44 Bump release for RHEL-119283 
Related: RHEL-119283
 2025-11-13 15:12:14 +01:00
RHEL Packaging Agent
79a011bc91 Fix CVE-2025-9714: XPath depth check with recursive invocations 
The patch fixes XPath depth check to work properly with recursive
invocations. EXSLT functions like dyn:map or dyn:evaluate invoke
xmlXPathRunEval recursively, which could lead to stack overflows.
The fix keeps and restores the original depth value instead of
resetting it to zero.

CVE: CVE-2025-9714
Upstream fix: 677a42645e.patch
Resolves: RHEL-119283

This commit was backported by Jotnar, a Red Hat Enterprise Linux software maintenance AI agent.

Assisted-by: Jotnar
 2025-11-04 09:40:07 +00:00
David King
56e5f738b3 Fix CVE-2025-32414 (RHEL-99873) 
Resolves: RHEL-99873
 2025-08-05 20:41:42 +01:00
David King
7b50df77c1 Fix CVE-2025-32415 (RHEL-100182) 
Resolves: RHEL-100182
 2025-08-05 19:28:02 +01:00
David King
d22150e133 Fix CVE-2025-7425 (RHEL-102806) 
The patch is adapted from the Apple-provided version upstream: https://gitlab.gnome.org/GNOME/libxslt/-/issues/139

As the Apple fork was a substantially different version, there were some
significant changes to the patch.

Resolves: RHEL-102806
 2025-07-30 17:42:20 +01:00
David King
b50b88b4b3 Fix CVE-2025-49794 and CVE-2025-49796 
RHEL-96405 and RHEL-96431.

Resolves: RHEL-96405
Resolves: RHEL-96431
 2025-07-07 18:47:08 +01:00
David King
1606e10e41 Fix CVE-2025-6021 (RHEL-96507) 
Resolves: RHEL-96507
 2025-07-02 16:43:38 +01:00
David King
fe82a7d33c Fix CVE-2025-24928 (RHEL-80142) 
Resolves: RHEL-80142
 2025-02-26 08:44:35 +00:00
David King
77f26d1051 Fix CVE-2024-56171 (RHEL-80127) 
Resolves: RHEL-80127
 2025-02-25 10:54:39 +00:00
David King
5cfe14a696 Fix CVE-2022-49043 (RHEL-76298) 
Resolves: RHEL-76298
 2025-02-11 12:15:21 +00:00
Tomas Pelka
fd60d1c809 Update main.fmf 2024-12-06 09:22:08 +00:00
Tomas Pelka
07b747b70f adjust main.fmf 2024-12-04 13:36:53 +00:00
vhumpa
b80014e19e Update main.fmf - use import method to get ALL the phases from our internal main.fmf 2024-11-26 11:22:47 +00:00
Tomas Pelka
7ba2064645 metada prep for RHIVOS 
RHELMISC-7566
 2024-10-30 17:12:45 +00:00
David King
6e322f82fb Fix CVE-2024-25062 (RHEL-29196) 
Resolves: RHEL-29196
 2024-04-29 09:13:47 +01:00
David King
b0d0f5e8a5 Fix CVE-2023-39615 (RHEL-5180) 
Resolves: RHEL-5180
 2023-09-20 16:40:02 +01:00
David King
adfe0fa27d Fix CVE-2023-29469 (#2186694) 
Resolves: #2186694
 2023-04-14 11:23:10 +01:00
David King
816b292018 Fix CVE-2023-28484 (#2186694) 
Resolves; #2186694
 2023-04-14 10:17:55 +01:00
David King
cd31becb83 Fix CVE-2022-40304 (#2136569) 
Resolves: #2136569
 2022-11-01 23:48:58 +00:00
David King
47f0327a38 Fix CVE-2022-40303 (#2136564) 
Resolves: #2136564
 2022-11-01 23:43:38 +00:00
David King
c861f20ebe Fix CVE-2022-29824 (#2082300) 
Resolves: #2082300
 2022-05-10 14:04:49 +01:00
David King
abcdcc82c9 Update to 2.9.13 (#2057665) 
Resolves: #2057665
 2022-02-24 12:13:42 +00:00
David King
c91236b3ee Ignore badfuncs in library 
The gethostbyname() call that rpminspect complains about is only used in
the cases that IPv6 is not available.
 2022-02-02 10:57:35 +00:00
Mohan Boddu
42d359bcd0 Rebuilt for IMA sigs, glibc 2.34, aarch64 flags 
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
 2021-08-09 21:55:18 +00:00
Tomas Pelka
dd76ef5757 enabling gating for el9 2021-06-16 13:38:02 +02:00
David King
1c8fb09a37 Fix xmlNodeDumpOutputInternal regression (#1969892) 
Resolves: #1969892
 2021-06-10 10:04:06 +01:00
David King
519a1751df Fix xmlNodeDumpOutputInternal regression (#1969892) 
Resolves: #1969892
 2021-06-09 15:02:26 +01:00
David King
6fccb7eda6 Fix multiarch conflict in devel subpackage (#1964346) 
Resolves: #1964346
 2021-05-25 11:06:29 +01:00
David King
4c0e536172 Rebase to 2.9.12 (#1960623) 
Resolves: #1960623
Resolves: #1958784
Resolves: CVE-2021-3541
 2021-05-21 12:32:14 +01:00
David King
8431385faa Fix CVE-2021-3537 (#1957285) 
Resolves: #1957285
Resolves: CVE-2021-3537
 2021-05-14 09:53:49 +01:00
David King
86430a8e54 Fix CVE-2021-3518 (#1957029) 
Resolves: #1957029
Resolves: CVE-2021-3518
 2021-05-14 09:53:39 +01:00
David King
90e67115f4 Fix CVE-2021-3517 (#1957002) 
Resolves: #1957002
Resolves: CVE-2021-3517
 2021-05-14 09:53:31 +01:00
David King
e510538dd3 Fix CVE-2021-3516 (#1956969) 
Resolves: #1956969
Resolves: CVE-2021-3516
 2021-05-14 09:53:21 +01:00
Mohan Boddu
6d3235a29d - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
 2021-04-16 01:47:14 +00:00
DistroBaker
fa39c1eb0a Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/libxml2.git#aef32771cde4f8af27f36e842c427de4e5a1d88d
 2021-02-02 14:05:41 +00:00
Troy Dawson
9c10d76726 RHEL 9.0.0 Alpha bootstrap 
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/libxml2#cfc15dfe1a449af07eb17ef9451c09ccafd7f76a
 2020-11-16 13:10:44 -08:00
Petr Šabata
65567fea54 RHEL 9.0.0 Alpha bootstrap 
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/libxml2#80f8374a0fb119668afc63e16d1de3a636f05b40
 2020-10-15 18:10:15 +02:00
Release Configuration Management
1950154286 New branch setup 2020-10-08 17:35:16 +00:00