openembedded-core.git/meta/recipes-core/libxml, branch daisy Mirror of openembedded-core libxml2: fix python packaging for nativesdk 2014-10-09T20:16:32+00:00 Paul Eggleton paul.eggleton@linux.intel.com 2014-06-05T09:46:17+00:00 360fc811ff843c63f796e958517a5152f07e851d We enable the python module in nativesdk-libxml2, but the python binary used is in the native sysroot and thus you get the module installed in the wrong path. Even with that fixed the python files are still unpackaged, so create an ${PN}-python package and add them to it. (This does not affect the libxml target build at all since python is disabled for that.) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
We enable the python module in nativesdk-libxml2, but the python binary
used is in the native sysroot and thus you get the module installed in
the wrong path. Even with that fixed the python files are still
unpackaged, so create an ${PN}-python package and add them to it. (This
does not affect the libxml target build at all since python is disabled
for that.)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: fix CVE-2014-0191 2014-05-29T12:42:07+00:00 Maxin B. John maxin.john@enea.com 2014-05-07T12:24:15+00:00 51f674ab1f7dac049060c58f89e84c5d1275a87b It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially-crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors. Reference: https://access.redhat.com/security/cve/CVE-2014-0191 (From OE-Core rev: 674bd59d5e357a4aba18c472ac21712a660a84af) Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
It was discovered that libxml2, a library providing support to read,
modify and write XML files, incorrectly performs entity substituton in
the doctype prolog, even if the application using libxml2 disabled any
entity substitution. A remote attacker could provide a
specially-crafted XML file that, when processed, would lead to the
exhaustion of CPU and memory resources or file descriptors.

Reference: https://access.redhat.com/security/cve/CVE-2014-0191

(From OE-Core rev: 674bd59d5e357a4aba18c472ac21712a660a84af)

Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: remove patch for CVE-2012-2871 2013-09-17T13:13:04+00:00 Ross Burton ross.burton@intel.com 2013-09-17T09:22:17+00:00 e6c60252ab4ba6842f63c6b8a519a85f2ff238fb This CVE patch is actually against Chromium as they ship an internal fork of libxml2 and breaks ABI. The real issue has been resolved in libxslt 1.1.27, and we're shipping 1.1.28. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
This CVE patch is actually against Chromium as they ship an internal fork of
libxml2 and breaks ABI.  The real issue has been resolved in libxslt 1.1.27, and
we're shipping 1.1.28.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream-Status: Correct capitalization 2013-07-18T14:14:40+00:00 Saul Wold sgw@linux.intel.com 2013-07-15T23:44:42+00:00 2d5c457bf888771891e9c29e82ec5a5cecace528 Signed-off-by: Saul Wold <sgw@linux.intel.com> 
Signed-off-by: Saul Wold <sgw@linux.intel.com>
libxml2: Add ptest 2013-07-09T14:56:14+00:00 Mihaela Sendrea mihaela.sendrea@enea.com 2013-07-04T14:23:43+00:00 22cf4cc85fbe21a53ca4684b0b06b9af20b2ecc5 Install libxml2 test suite and run it as ptest. Signed-off-by: Mihaela Sendrea <mihaela.sendrea@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> 
Install libxml2 test suite and run it as ptest.

Signed-off-by: Mihaela Sendrea <mihaela.sendrea@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
libxml2: added python dependency to nativesdk 2013-06-10T21:51:27+00:00 Felipe F. Tonello eu@felipetonello.com 2013-06-07T17:18:01+00:00 4f2b3e3831bdc5707eacdab571ab207d8b09953e This is necessary since libxml2 has python dependency. This patch will fix this error: ... /path/to/build/system/4.7.2/ld: cannot find -lpython2.7 ... ERROR: Task 4152 (virtual:nativesdk:meta/recipes-core/libxml/libxml2_2.9.0.bb, do_compile) failed with exit code '1' Signed-off-by: Felipe F. Tonello <eu@felipetonello.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> 
This is necessary since libxml2 has python dependency.

This patch will fix this error:
...
/path/to/build/system/4.7.2/ld: cannot find -lpython2.7
...
ERROR: Task 4152 (virtual:nativesdk:meta/recipes-core/libxml/libxml2_2.9.0.bb, do_compile) failed with exit code '1'

Signed-off-by: Felipe F. Tonello <eu@felipetonello.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
libxml2: Update to 2.9.1 2013-05-12T07:40:57+00:00 Saul Wold sgw@linux.intel.com 2013-05-07T20:53:17+00:00 3b4fe8c1b681d5e5bb1d1a7c6d68016681667873 Copyright date and generalize authors clause Signed-off-by: Saul Wold <sgw@linux.intel.com> 
Copyright date and generalize authors clause

Signed-off-by: Saul Wold <sgw@linux.intel.com>
libxml2 CVE-2012-2871 2012-12-14T23:17:21+00:00 Li Wang li.wang@windriver.com 2012-12-13T05:54:21+00:00 bc601f96f34ad17a87f599b58e502ec1b2c13fa3 the patch come from: http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src \ /include/libxml/tree.h?r1=56276&r2=149930 libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871 [YOCTO #3580] [ CQID: WIND00376779 ] Upstream-Status: Pending Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> 
the patch come from:
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src \
/include/libxml/tree.h?r1=56276&r2=149930

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89,
does not properly support a cast of an unspecified variable during handling
of XSL transforms, which allows remote attackers to cause a denial of service
or possibly have unknown other impact via a crafted document, related to the
_xmlNs data structure in include/libxml/tree.h.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871

[YOCTO #3580]
[ CQID: WIND00376779 ]
Upstream-Status: Pending

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
libxml2: update PR to contain INC_PR to reflect the update of inc file 2012-12-04T10:51:44+00:00 Zhenhua Luo b19537@freescale.com 2012-12-04T09:57:11+00:00 4c18e34f113bc46b0619fc8576475694224f8b40 Signed-off-by: Zhenhua Luo <b19537@freescale.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Signed-off-by: Zhenhua Luo <b19537@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: add --with-fexceptions in configure flags to support exception handling in C++ programs 2012-12-03T14:45:09+00:00 Zhenhua Luo b19537@freescale.com 2012-11-30T08:31:57+00:00 ff5552a8432298c32aec2ace72656b0d7059dad3 Without this flag, the library has a problem with C++ programs using exception handling. Signed-off-by: Zhenhua Luo <b19537@freescale.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Without this flag, the library has a problem with C++ programs using exception handling.

Signed-off-by: Zhenhua Luo <b19537@freescale.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>