- Update from version 2.11.4 to 2.12.3 - Update of rootfile - Changelog 2.12.3: Dec 12 2023 ### Regressions - parser: Fix namespaces redefined from default attributes ### Build fixes - include: Rename XML_EMPTY helper macro - include: Move declaration of xmlInitGlobals - include: Add missing includes - include: Move globals from xmlsave.h to parser.h - include: Readd circular dependency between tree.h and parser.h 2.12.2: Dec 5 2023 ### Regressions - parser: Fix invalid free in xmlParseBalancedChunkMemoryRecover - globals: Disable TLS in static Windows builds - html: Reenable buggy detection of XML declarations - tree: Fix regression when copying DTDs - parser: Make CRLF increment line number ### Build fixes - build: Disable compiler TLS by default - cmake: Update config.h.cmake.in - tests: Fix tests --with-valid --without-xinclude 2.12.1: Nov 23 2023 ### Regressions - hash: Fix deletion of entries during scan - parser: Only enable SAX2 if there are SAX2 element handlers ### Build fixes - autotools: Stop checking for snprintf - dict: Fix '__thread' before 'static' - fix: pthread weak references in globals.c (Mike Dalessio) - tests: Fix build with older MSVC 2.12.0: Nov 16 2023 ### Major changes Most of the known issues leading to quadratic behavior in the XML parser were fixed. Internal hash tables were rewritten to reduce memory consumption. Starting with this release, it should be enough to add the --with-legacy configuration option to provide maximum ABI compatibility. For example, if a code module was removed from the default configuration, the option will add stubs for the removed symbols. libxml2 will now store global variables in thread-local storage if supported by the compiler. This avoids allocating the data lazily which can result in a fatal error condition. A new API function xmlCheckThreadLocalStorage was added so the allocation can be checked earlier if compiler TLS is not supported. To prepare for future improvements, some API functions now expect or return a const xmlError struct. Several cyclic dependencies in public header files were fixed. As a result, certain headers won't include other headers as before. Refactoring of the encoding code has been mostly completed. Calling xmlSwitchEncoding from client code is now fully supported, for example to override the encoding for the push parser. When parsing data from memory, libxml2 will now stream data chunk by chunk instead of copying the whole buffer (possibly twice with encodings), reducing peak memory consumption considerably. A new API function xmlCtxtSetMaxAmplification was added to allow parsing of files that would otherwise trigger the billion laughs protection. Several bugs in the regex determinism checks were fixed. Invalid XML Schemas which previous versions erroneously accepted will now be rejected. ### Deprecations - globals: Deprecate xmlLastError - parser: Deprecate global parser options - win32: Deprecate old Windows build system ### Bug fixes - parser: Stop switching to ISO-8859-1 on encoding errors - parser: Support encoded external PEs in entity values - string: Fix UTF-8 validation in xmlGetUTF8Char - SAX2: Allow multiple top-level elements - parser: Update line number after coalescing text nodes - parser: Check for truncated multi-byte sequences ### Improvements - error: Make more xmlError structs constant - parser: Remove redundant IS_CHAR check in xmlCurrentChar - parser: Fix stack handling in xmlParseTryOrFinish - parser: Protect against quadratic default attribute expansion - parser: Missing checks for disableSAX - entities: Make xmlFreeEntity public - examples: Don't use sprintf - encoding: Suppress -Wcast-align warnings - parser: Use hash tables to avoid quadratic behavior - parser: Don't skip CR in xmlCurrentChar - dict: Rewrite dictionary hash table code - hash: Rewrite hash table code - malloc-fail: Report malloc failure in xmlFARegExec - malloc-fail: Report malloc failure in xmlRegEpxFromParse - parser: Simplify xmlStringCurrentChar - regexp: Fix status codes and handle invalid UTF-8 - error: Make xmlGetLastError return a const error - html: Fix logic in htmlAutoClose - globals: Move globals back to correct header files - globals: Use thread-local storage if available - globals: Rework global state destruction on Windows - globals: Define globals using macros - globals: Introduce xmlCheckThreadLocalStorage - globals: Make xmlGlobalState private - threads: Move library initialization code to threads.c - debug: Remove debugging code - globals: Move code from threads.c to globals.c - parser: Avoid undefined behavior in xmlParseStartTag2 - schemas: Fix memory leak of annotations in notations - dict: Update hash function - dict: Use thread-local storage for PRNG state - dict: Use xoroshiro64** as PRNG - xmllint: Fix error messages - parser: Fix detection of null bytes - parser: Improve error handling in push parser - parser: Don't check inputNr in xmlParseTryOrFinish - parser: Remove push parser debugging code - tree: Fix copying of DTDs - legacy: Add stubs for disabled modules - parser: Allow to set maximum amplification factor - entities: Don't change doc when encoding entities - parser: Never use UTF-8 encoding handler - encoding: Remove debugging code - malloc-fail: Fix unsigned integer overflow in xmlTextReaderPushData - html: Remove encoding hack in htmlCreateFileParserCtxt - parser: Decode all data in xmlCharEncInput - parser: Stream data when reading from memory - parser: Optimize xmlLoadEntityContent - parser: Don't overwrite EOF parser state - parser: Simplify input pointer updates - parser: Don't reinitialize parser input members - encoding: Move rawconsumed accounting to xmlCharEncInput - parser: Rework encoding detection - parser: Always create UTF-8 in xmlParseReference - html: Remove some debugging code in htmlParseTryOrFinish - malloc-fail: Fix memory leak in xmlCompileAttributeTest - parser: Recover more input from encoding errors - malloc-fail: Handle malloc failures in xmlAddEncodingAlias - malloc-fail: Fix null-deref with xmllint --copy - xpath: Ignore entity ref nodes when computing node hash - malloc-fail: Fix null deref after xmlXIncludeNewRef - SAX: Always validate xml:ids - Stop using sprintf - Fix compiler warning on GCC < 8 - regexp: Fix determinism checks - regexp: Fix checks for eliminated transitions - regexp: Simplify xmlFAReduceEpsilonTransitions - regexp: Fix cycle check in xmlFAReduceEpsilonTransitions - schemas: Fix filename in xmlSchemaValidateFile - schemas: Fix line numbers in streaming validation - writer: Add error check in xmlTextWriterEndDocument - encoding: Stop calling xmlEncodingErr - xmlIO: Remove some calls to xmlIOErr - parser: Improve handling of encoding and IO errors - parser: Move xmlFatalErr to parserInternals.c - encoding: Rework error codes - .gitignore: Split up and rearrange .gitignore files - .gitignore: Add runsuite.log - Stop calling xmlMemoryDump - examples: Don't call xmlCleanupParser and xmlMemoryDump - xpath: Remove remaining references to valueFrame ### Portability - python: Make it compatible with python3.12 (Daniel Garcia Moreno) ### Build systems - cmake: Check whether static linking dependencies found in config files (James Le Cuirot) - autotools: Make --with-minimum disable lzma support - build: Remove some GCC warnings - Handle NOCONFIG case when setting locations from CMake target properties (Markus Rickert) - cmake: Generate better pkg-config file for SYSROOT builds under CMake (James Le Cuirot) - autoconf: Include non-pkg-config dependency flags in the pkg-config file (James Le Cuirot) - autoconf: Don't bake build time CFLAGS into pkg-config file (James Le Cuirot) - build: Generate better pkg-config files for static-only builds (James Le Cuirot) - build: Generate better pkg-config file for SYSROOT builds (James Le Cuirot) - autoconf: Allow custom --with-icu configure option ### Tests - tests: Also test xmlNextChar in testchar.c - tests: Start with testparser.c for extra tests - fuzz: Raise rss_limit_mb - fuzz: Test xmlTextReaderRead after EOF or failure - fuzz: Test XML_PARSE_XINCLUDE | XML_PARSE_VALID - tests: Handle entities in SAX tests - fuzz: Disable XML_PARSE_SAX1 option in xml fuzzer - tests: Add more tests for redefined attributes - hash: Add hash table tests - tests: Add ATTRIBUTE_NO_SANITIZE_INTEGER macro - fuzz: Allow to fuzz without push, reader or output modules - gitlab-ci: Add a "medium" config build - python: Fix tests on MinGW - test: Add push parser test with overridden encoding - testapi: test_xmlSAXDefaultVersion() leaves xmlSAX2DefaultVersionValue set to 1 with LIBXML_SAX1_ENABLED (David Kilzer) - gitlab-ci: Lower _XOPEN_SOURCE value - testapi: Don't set http_proxy environment variable - test: Add push parser tests for split UTF-8 sequences - xinclude: Lower initial table size when fuzzing - tests: Test streaming schema validation - runtest: Skip element name in schema error messages ### Documentation - doc: Add notes about runtest to MAINTAINERS.md - doc: Don't document internal macros in xmlversion.h - doc: Allow 'unsigned' without 'int' - doc: Improve documentation of configuration options 2.11.6: Nov 16 2023 ### Regressions - threads: Fix --with-thread-alloc - xinclude: Fix 'last' pointer in xmlXIncludeCopyNode ### Bug fixes - parser: Fix potential use-after-free in xmlParseCharDataInternal 2.11.5: Aug 9 2023 ### Regressions - parser: Make xmlSwitchEncoding always skip the BOM - autotools: Improve iconv check ### Bug fixes - valid: Fix c1->parent pointer in xmlCopyDocElementContent - encoding: Always call ucnv_convertEx with flush set to false ### Portability - autotools: fix Python module file ext for cygwin/msys2 (Christoph Reiter) ### Tests - runtest: Fix compilation without LIBXML_HTML_ENABLED
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/libxml2 | 2 +- lfs/libxml2 | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/config/rootfiles/common/libxml2 b/config/rootfiles/common/libxml2 index 1a8ecd1e5..61e001ce7 100644 --- a/config/rootfiles/common/libxml2 +++ b/config/rootfiles/common/libxml2 @@ -54,7 +54,7 @@ #usr/lib/libxml2.la #usr/lib/libxml2.so usr/lib/libxml2.so.2 -usr/lib/libxml2.so.2.11.4 +usr/lib/libxml2.so.2.12.3 #usr/lib/pkgconfig/libxml-2.0.pc #usr/share/aclocal/libxml.m4 #usr/share/doc/libxml2 diff --git a/lfs/libxml2 b/lfs/libxml2 index 5ca438121..b9298a7ff 100644 --- a/lfs/libxml2 +++ b/lfs/libxml2 @@ -24,7 +24,7 @@
include Config
-VER = 2.11.4 +VER = 2.12.3
THISAPP = libxml2-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -42,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 5d7e6388291a8473195131f5cb22aee9a4182f28fd8eed468c449b762d363cfb1713a7466c1f98e96cf819ed8f78e13a6ba930c2fadd8d63869b6efe8e8be8a8 +$(DL_FILE)_BLAKE2 = 12a7c25d2a13d839aac918268b0948a9bd3c352bc29dd09bb975a9b4ff99d299a0e157b1a90f01bdce8ddc36ede9a6834b0dc26635ac775a41bd28d9b2ad7cff
install : $(TARGET)
- libxml2 since version 2.12.0 has removed a variable that was specified in the apache apache mod_xml2enc code. - This dependency caused the apache2 build to fail with the updated libxml2. - This patch removes the dependency. It will be able to be removed when the next apache update is carried out as the patch was created from an apache commit.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- lfs/apache2 | 1 + ...emove_dependency_on_xmlstring_header.patch | 24 +++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch
diff --git a/lfs/apache2 b/lfs/apache2 index 9a0ad38a9..c1973e6d5 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -75,6 +75,7 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch ### Add IPFire's layout, too echo "# IPFire layout" >> $(DIR_APP)/config.layout echo "<Layout IPFire>" >> $(DIR_APP)/config.layout diff --git a/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch b/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch new file mode 100644 index 000000000..c190a2648 --- /dev/null +++ b/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch @@ -0,0 +1,24 @@ +diff -Naur httpd-2.4.58-orig/changes-entries/xmlchar.txt httpd-2.4.58/changes-entries/xmlchar.txt +--- httpd-2.4.58-orig/changes-entries/xmlchar.txt 1970-01-01 01:00:00.000000000 +0100 ++++ httpd-2.4.58/changes-entries/xmlchar.txt 2023-12-18 12:31:00.719087460 +0100 +@@ -0,0 +1,2 @@ ++ *) mod_xml2enc: Tolerate libxml2 2.12.0 and later. ++ [ttachi <tachihara AT hotmail.com>] +diff -Naur httpd-2.4.58-orig/modules/filters/mod_xml2enc.c httpd-2.4.58/modules/filters/mod_xml2enc.c +--- httpd-2.4.58-orig/modules/filters/mod_xml2enc.c 2020-02-21 01:33:40.000000000 +0100 ++++ httpd-2.4.58/modules/filters/mod_xml2enc.c 2023-12-18 12:32:34.248535392 +0100 +@@ -206,11 +206,11 @@ + } + } + } +- ++ + /* to sniff, first we look for BOM */ + if (ctx->xml2enc == XML_CHAR_ENCODING_NONE) { +- ctx->xml2enc = xmlDetectCharEncoding((const xmlChar*)ctx->buf, +- ctx->bytes); ++ ctx->xml2enc = xmlDetectCharEncoding((const unsigned char*)ctx->buf, ++ ctx->bytes); + if (HAVE_ENCODING(ctx->xml2enc)) { + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(01432) + "Got charset from XML rules.") ;