diff --git a/SOURCES/libxslt-1.1.32-CVE-2023-40403.patch b/SOURCES/libxslt-1.1.32-CVE-2023-40403.patch index 3d5477c..d8a6c33 100644 --- a/SOURCES/libxslt-1.1.32-CVE-2023-40403.patch +++ b/SOURCES/libxslt-1.1.32-CVE-2023-40403.patch @@ -1,4 +1,4 @@ -From e494220e4a57e87e8561e6798f57f4dcf91762b3 Mon Sep 17 00:00:00 2001 +From 72b05dd35f10467b9c58a7eb1b548cef94453f3b Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Wed, 31 Aug 2022 15:29:57 +0200 Subject: [PATCH 1/5] Infrastructure to store extra data in source nodes @@ -13,8 +13,8 @@ Revert any changes to the source document after the transformation. libxslt/transform.c | 34 ++++++++++ libxslt/xsltInternals.h | 3 + libxslt/xsltutils.c | 135 ++++++++++++++++++++++++++++++++++++++++ - libxslt/xsltutils.h | 15 ++++- - 4 files changed, 186 insertions(+), 1 deletion(-) + libxslt/xsltutils.h | 13 ++++ + 4 files changed, 185 insertions(+) diff --git a/libxslt/transform.c b/libxslt/transform.c index f748f2df..8634b09e 100644 @@ -229,7 +229,7 @@ index 2154b238..a0d9d331 100644 * * * Generating profiling informations * diff --git a/libxslt/xsltutils.h b/libxslt/xsltutils.h -index 789865a6..df89aeb1 100644 +index 789865a6..0ba068d9 100644 --- a/libxslt/xsltutils.h +++ b/libxslt/xsltutils.h @@ -247,6 +247,19 @@ XSLTPUBFUN xmlXPathCompExprPtr XSLTCALL @@ -252,27 +252,11 @@ index 789865a6..df89aeb1 100644 /* * Profiling. */ -@@ -267,6 +280,7 @@ XSLTPUBFUN void XSLTCALL - * Sampling precision for profiling - */ - #define XSLT_TIMESTAMP_TICS_PER_SEC 100000l -+#endif - - /* - * Hooks for the debugger. -@@ -306,7 +320,6 @@ XSLTPUBFUN void XSLTCALL - - #ifdef __cplusplus - } --#endif - - #endif /* __XML_XSLTUTILS_H__ */ - -- 2.49.0 -From 5895aaae58025fa35a540f6f922f9137505f1e27 Mon Sep 17 00:00:00 2001 +From c563ed48d08db0322b8be09896c49ce233212a9e Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Wed, 31 Aug 2022 15:34:47 +0200 Subject: [PATCH 2/5] Store key status of source nodes as bit flag @@ -403,7 +387,7 @@ index c094e974..11d8c3e5 100644 } if (ret != NULL) diff --git a/libxslt/xsltutils.h b/libxslt/xsltutils.h -index df89aeb1..80194891 100644 +index 0ba068d9..4285814a 100644 --- a/libxslt/xsltutils.h +++ b/libxslt/xsltutils.h @@ -249,6 +249,7 @@ XSLTPUBFUN xmlXPathCompExprPtr XSLTCALL @@ -418,7 +402,7 @@ index df89aeb1..80194891 100644 2.49.0 -From 5bdb3e5c9a0a4bc42dd14fe07cf594298a79edce Mon Sep 17 00:00:00 2001 +From cee66d9c12805c0fda674118365c4d5130c598c7 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Wed, 31 Aug 2022 15:35:37 +0200 Subject: [PATCH 3/5] Store RVT ownership in 'compression' member @@ -658,7 +642,7 @@ index 39b488c0..e7a058cc 100644 2.49.0 -From 957e111edb935259e777c15e809b1d4de8ee2f3f Mon Sep 17 00:00:00 2001 +From c28cfebd3503133a17345fef6a0b24084cca78a0 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Wed, 31 Aug 2022 13:35:23 +0200 Subject: [PATCH 4/5] Make generate-id() deterministic @@ -857,7 +841,7 @@ index e7a058cc..ae9b76af 100644 /** diff --git a/libxslt/xsltutils.h b/libxslt/xsltutils.h -index 80194891..bae9ad75 100644 +index 4285814a..9709b63e 100644 --- a/libxslt/xsltutils.h +++ b/libxslt/xsltutils.h @@ -250,6 +250,7 @@ XSLTPUBFUN xmlXPathCompExprPtr XSLTCALL @@ -1006,7 +990,7 @@ index 00000000..8478f6af 2.49.0 -From 7eff64281f0bcd4c6a452dc04f3250037d28786e Mon Sep 17 00:00:00 2001 +From 9177859200d47e52571dfeaaf13c0674ca70cc85 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Wed, 31 Aug 2022 21:37:44 +0200 Subject: [PATCH 5/5] Clean up attributes in source doc @@ -1040,7 +1024,7 @@ index a631529c..8a424773 100644 cur = cur->children; } else { diff --git a/libxslt/xsltutils.h b/libxslt/xsltutils.h -index bae9ad75..98ca83a1 100644 +index 9709b63e..e60de8ec 100644 --- a/libxslt/xsltutils.h +++ b/libxslt/xsltutils.h @@ -248,9 +248,9 @@ XSLTPUBFUN xmlXPathCompExprPtr XSLTCALL diff --git a/SPECS/libxslt.spec b/SPECS/libxslt.spec index 55140d6..bcfce6a 100644 --- a/SPECS/libxslt.spec +++ b/SPECS/libxslt.spec @@ -8,7 +8,7 @@ Name: libxslt Summary: Library providing the Gnome XSLT engine Version: 1.1.32 -Release: 6.2%{?dist} +Release: 6.3%{?dist} License: MIT URL: http://xmlsoft.org/XSLT @@ -143,6 +143,9 @@ rm -vrf %{buildroot}%{_docdir} %endif # with python2 %changelog +* Thu Aug 07 2025 David King - 1.1.32-6.3 +- Fix misplaced endif (RHEL-107912) + * Tue Jun 03 2025 David King - 1.1.32-6.2 - Fix CVE-2023-40403 (aka 2022-4909) (RHEL-89374)