From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <development+bounces-172-archive=lists.ipfire.org@lists.ipfire.org>
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4ZRC7K2DGPz3364
	for <archive@lists.ipfire.org>; Mon, 31 Mar 2025 13:45:17 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature RSA-PSS (4096 bits))
	(Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK))
	by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4ZRC7F5Fy5z2xS5
	for <development@lists.ipfire.org>; Mon, 31 Mar 2025 13:45:13 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by mail01.ipfire.org (Postfix) with ESMTPSA id 4ZRC7F02vCzHP;
	Mon, 31 Mar 2025 13:45:12 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
	s=202003ed25519; t=1743428713;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=KJjZQ11C/EsU1d+QnW9QJOJ+IbsDgjwOB8hreNevd8Q=;
	b=o+oBaAkmIzt1VqEH3Gx9oQoXDjD/QnEZLLxCG4BHOZtEXHnPsUY7hz5+e7H7hekGRl9jLJ
	AcFo6DztOQW7V6BA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa;
	t=1743428713;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=KJjZQ11C/EsU1d+QnW9QJOJ+IbsDgjwOB8hreNevd8Q=;
	b=F+xjteUmR5mYLT/ayqU9DwY14zdx/WAh19NPdluV68UvVB9haiMIq6HblNoOh8OxxgfQ+t
	6k1JWuAMT8dxF7UQ+vFWGTdZv19LwwLVCQimiipdFwWcXaHIcYC3Hmocbkw1APgpaMifkG
	5IW0qf0Q1g8MpYgc/S2nsyCItD5GmLJ+/dJ4J/7GOr/C8fxp8K7Z/AP3aE0J19Na93imjF
	tQtAkyvUe2D8GgesW5GoQM0BnDxzEJS2KWDOZFTRHnc2GypBTfmtVq/y4T02uQMZadLg9r
	pexjFLmrM2cDB4sq7KmQphtw6QScedeAXkwpS67U8qR/XXF7AUkSrAlv60nTDA==
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Cc: Adolf Belka <adolf.belka@ipfire.org>
Subject: [PATCH 01/10] libxml2: Update to version 2.14.0
Date: Mon, 31 Mar 2025 15:45:00 +0200
Message-ID: <20250331134509.3327239-1-adolf.belka@ipfire.org>
Precedence: list
List-Id: <development.lists.ipfire.org>
List-Subscribe: <https://lists.ipfire.org/>,
 <mailto:development+subscribe@lists.ipfire.org?subject=subscribe>
List-Unsubscribe: <https://lists.ipfire.org/>,
 <mailto:development+unsubscribe@lists.ipfire.org?subject=unsubscribe>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development+help@lists.ipfire.org?subject=help>
Sender: <development@lists.ipfire.org>
Mail-Followup-To: <development@lists.ipfire.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

- Update from version 2.13.5 to 2.14.0
- Update of rootfile
- sobump so ran find-dependencies. apache2, clamav, collectd, libvirt, libxslt, nfs,
   rng-tools, rrdtool and tshark are all linked against the lib bump. So additional
   patches are in this set to bump the PAK_VER and ship the addons and to ship the
   linkied core packages. Hope it is done correctly. Let me know if not.
- 2 CVE fixes added into version 2.13.6
- Changelog
    2.14.0
      Major changes
	The HTML tokenizer now conforms fully to HTML5. Several non-standard
	 syntax warnings were removed. Note that HTML5 tree construction isn't
	 implemented yet.
	Binary compatibility is restricted to versions 2.14 or newer. On ELF
	 systems, the soname was bumped from libxml2.so.2 to libxml2.so.16.
	The serialization API will now take user-provided or default encodings
	 into account when serializing attribute values, matching the
	 serialization of text and avoiding unnecessary escaping.
	The XML parser won't try to merge consecutive CDATA sections as before
	 to align with web standards. Each CDATA section will create exactly one
	 node or SAX callback.
	Support for RELAX NG can now be disabled with a new configuration
	 option independently of XML Schemas support. It is still enabled by
	 default.
	The "legacy" configuration option won't enable support for HTTP and
	 LZMA anymore. These features will be removed in the next release.
	Parts of the xmllint executable were refactored, allowing the
	 combination of more options. OOM errors should be reported reliably now.
	Several improvements were made to the build systems. Meson is fully
	 supported now.
	Parts of the buffering code were reworked and simplified.
	Overflow checks before reallocations were hardenend.
	Some unprefixed symbols were renamed to avoid namespace pollution.
      New features
	Input callbacks can now be set on a parser context and an improved API
	 to create parser input is available. The following new functions,
	 taking a parser input object, were added:
		- xmlCtxtParseDocument
		- xmlCtxtParseContent as replacement for xmlParseBalancedChunkMemory
		  and xmlParseInNodeContext
		- xmlCtxtParseDtd
	The xmlSave API now has additional options to replace global settings.
	Parser options XML_PARSE_UNZIP, XML_PARSE_NO_SYS_CATALOG and
	 XML_PARSE_CATALOG_PI were added.
	An API function to install a custom character encoding converter is
	 now available. This makes it possible to use ICU for encoding conversion
	 even if libxml2 was compiled without ICU support, see example/icu.c.
      Deprecations
	Access to many public struct members is now deprecated. Several accessor
	 functions were added to use instead.
	More internal functions were deprecated.
      Removals
	Metadata about the HTML4 content model was removed from the htmlElemDesc
	 struct and related functions were deprecated.
	The FTP module and related functions were removed.
	Support for the range and point extensions of the xpointer() scheme
	 was removed. The rest of the XPointer implementation isn't affected.
	 The xpointer() scheme now behaves like the xpath1() scheme.
	Several legacy symbols and the functions in xmlunicode.h were removed.
	ELF version information was removed.
	The shell was moved from libxml2 to xmllint. Several related functions
	 are no longer available.
	The libxml.m4 file containing autoconf macros was removed.
	The --with-tree configuration option was removed.
	The hack to detect single-threaded programs under glibc was removed.
      Planned removals
	Support for HTTP and LZMA compression is planned to be removed in the
	 2.15 release.
	The following features are considered for removal:
		- Modules API (xmlmodule.h)
		- Schematron support
		- Support for zlib compressed file I/O
		- Legacy Windows build system in win32
	RELAX NG support is still in a bad state and a long-term removal
	 candidate.
    2.13.7
      Regressions
	- tree: Fix xmlTextMerge with NULL args
	- io: Fix `compressed` flag for uncompressed stdin
	- parser: Fix parsing of DTD content
    2.13.6
      Security
	- [CVE-2025-24928] Fix stack-buffer-overflow in xmlSnprintfElements
	- [CVE-2024-56171] Fix use-after-free after xmlSchemaItemListAdd
	- pattern: Fix compilation of explicit child axis
      Regressions
	- xmllint: Support compressed input from stdin
	- uri: Fix handling of Windows drive letters
	- reader: Fix return value of xmlTextReaderReadString again
	- SAX2: Fix xmlSAX2ResolveEntity if systemId is NULL
      Portability
	- dict: Handle ENOSYS from getentropy gracefully
	- Fix compilation with uclibc (Dario Binacchi)
	- python: Declare init func with PyMODINIT_FUNC
	- tests: Fix sanitizer version check on old Apple clang
	- cmake: Work around broken sys/random.h in old macOS SDKs
      Build
	- autotools: Set AC_CONFIG_AUX_DIR
	- cmake: Always build Python module as shared library
	- cmake: add missing `Bcrypt` link on Windows (Saleem Abdulrasool)
	- cmake: Fix compatibility in package version file

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/common/libxml2 | 5 ++---
 lfs/libxml2                     | 6 +++---
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/config/rootfiles/common/libxml2 b/config/rootfiles/common/libxml2
index 7fa288199..589b5b752 100644
--- a/config/rootfiles/common/libxml2
+++ b/config/rootfiles/common/libxml2
@@ -53,10 +53,9 @@
 #usr/lib/cmake/libxml2/libxml2-config.cmake
 #usr/lib/libxml2.la
 #usr/lib/libxml2.so
-usr/lib/libxml2.so.2
-usr/lib/libxml2.so.2.13.5
+usr/lib/libxml2.so.16
+usr/lib/libxml2.so.16.0.0
 #usr/lib/pkgconfig/libxml-2.0.pc
-#usr/share/aclocal/libxml.m4
 #usr/share/doc/libxml2
 #usr/share/doc/libxml2/xmlcatalog.html
 #usr/share/doc/libxml2/xmllint.html
diff --git a/lfs/libxml2 b/lfs/libxml2
index 5ecea8db7..c1014f56f 100644
--- a/lfs/libxml2
+++ b/lfs/libxml2
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2024  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2025  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 2.13.5
+VER        = 2.14.0
 
 THISAPP    = libxml2-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -42,7 +42,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 46c280630638e2c8009c593bbbcf90ccbfffe9ddcc99987c4d91c2223043759f2b4d6511b31b2357c5250ac3b40d96ef05c17b4d2adc61972665f8a0d899dfe8
+$(DL_FILE)_BLAKE2 = 4e210661b10b846cf80c2ba393209fd2bde1e7f8e4a024eff2e6a90369969e7a7696e2cb77197fe63f63fae959bcaed052d5c5107603f0c64a16d6ceeab6b43c
 
 install : $(TARGET)
 
-- 
2.49.0