@@ -1,4 +1,4 @@
-From 55ed199fdb55a1a600616ba14ad0feedcf828d86 Mon Sep 17 00:00:00 2001
+From 1a7e177a7315c856a2f0e3c2a17ee0fd9e297bc9 Mon Sep 17 00:00:00 2001
From: Peter Marko <peter.marko@siemens.com>
Date: Mon, 26 May 2025 21:11:14 +0200
Subject: [PATCH] Revert "cmake: Fix installation directories in
@@ -15,10 +15,10 @@ Signed-off-by: Peter Marko <peter.marko@siemens.com>
3 files changed, 7 insertions(+), 18 deletions(-)
diff --git a/configure.ac b/configure.ac
-index 40e75151..d21ebfe5 100644
+index aaa02e3..fb241bb 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -1061,17 +1061,6 @@ AC_SUBST(XML_PRIVATE_LIBS)
+@@ -1065,17 +1065,6 @@ AC_SUBST(XML_PRIVATE_LIBS)
AC_SUBST(XML_PRIVATE_CFLAGS)
AC_SUBST(XML_INCLUDEDIR)
@@ -37,7 +37,7 @@ index 40e75151..d21ebfe5 100644
AC_DEFINE_UNQUOTED([XML_SYSCONFDIR], ["$XML_SYSCONFDIR"],
[System configuration directory (/etc)])
diff --git a/libxml2-config.cmake.in b/libxml2-config.cmake.in
-index 4945dda4..31036805 100644
+index e040a75..dc0d6b8 100644
--- a/libxml2-config.cmake.in
+++ b/libxml2-config.cmake.in
@@ -24,17 +24,20 @@
@@ -66,7 +66,7 @@ index 4945dda4..31036805 100644
set(LIBXML2_LIBRARIES ${LIBXML2_LIBRARY})
set(LIBXML2_INCLUDE_DIRS ${LIBXML2_INCLUDE_DIR})
diff --git a/meson.build b/meson.build
-index 4c59211d..3e5f25d3 100644
+index 98bc6e3..3ef0bd0 100644
--- a/meson.build
+++ b/meson.build
@@ -599,9 +599,6 @@ config_cmake = configuration_data()
@@ -77,5 +77,5 @@ index 4c59211d..3e5f25d3 100644
-config_cmake.set('INSTALL_INCLUDEDIR', dir_include)
-config_cmake.set('INSTALL_LIBDIR', dir_lib)
config_cmake.set('VERSION', meson.project_version())
- config_cmake.set('WITH_HTTP', want_http.to_int().to_string())
- config_cmake.set('WITH_ICONV', want_iconv.to_int().to_string())
+ config_cmake.set10('BUILD_SHARED_LIBS',
+ get_option('default_library') != 'static')
@@ -1,4 +1,4 @@
-From 33d7969baf541326a35e2fbe31943c46af8c71db Mon Sep 17 00:00:00 2001
+From e546e423d69ec9b3c71167d3c3140fa1b9af93c7 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Tue, 27 May 2025 12:53:17 +0200
Subject: [PATCH] tree: Fix integer overflow in xmlBuildQName
@@ -14,11 +14,11 @@ CVE: CVE-2025-6021
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
- tree.c | 9 ++++++---
- 1 file changed, 6 insertions(+), 3 deletions(-)
+ tree.c | 1 +
+ 1 file changed, 1 insertion(+)
diff --git a/tree.c b/tree.c
-index 7454b07..22ec11c 100644
+index e14bc62..22ec11c 100644
--- a/tree.c
+++ b/tree.c
@@ -23,6 +23,7 @@
@@ -29,31 +29,3 @@ index 7454b07..22ec11c 100644
#ifdef LIBXML_ZLIB_ENABLED
#include <zlib.h>
-@@ -168,10 +169,10 @@ xmlGetParameterEntityFromDtd(const xmlDtd *dtd, const xmlChar *name) {
- xmlChar *
- xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix,
- xmlChar *memory, int len) {
-- int lenn, lenp;
-+ size_t lenn, lenp;
- xmlChar *ret;
-
-- if (ncname == NULL) return(NULL);
-+ if ((ncname == NULL) || (len < 0)) return(NULL);
- if (prefix == NULL) return((xmlChar *) ncname);
-
- #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-@@ -182,8 +183,10 @@ xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix,
-
- lenn = strlen((char *) ncname);
- lenp = strlen((char *) prefix);
-+ if (lenn >= SIZE_MAX - lenp - 1)
-+ return(NULL);
-
-- if ((memory == NULL) || (len < lenn + lenp + 2)) {
-+ if ((memory == NULL) || ((size_t) len < lenn + lenp + 2)) {
- ret = xmlMalloc(lenn + lenp + 2);
- if (ret == NULL)
- return(NULL);
-2.34.1
-
@@ -1,4 +1,4 @@
-From 8c1054eacb430472068f21e4840749c384e8e866 Mon Sep 17 00:00:00 2001
+From 7e99fef6eae0642a3f1e511e4d24abf7d6d28f50 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Mon, 5 Dec 2022 17:02:32 +0000
Subject: [PATCH] add yocto-specific install-ptest target
@@ -12,7 +12,7 @@ Signed-off-by: Ross Burton <ross.burton@arm.com>
1 file changed, 10 insertions(+)
diff --git a/Makefile.am b/Makefile.am
-index 4cb9a5c..8adcd7e 100644
+index 6f98144..ecb3b54 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -26,6 +26,16 @@ check_PROGRAMS = \
similarity index 97%
rename from meta/recipes-core/libxml/libxml2_2.14.3.bb
rename to meta/recipes-core/libxml/libxml2_2.14.5.bb
@@ -21,7 +21,7 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20130923.tar;subdir=${BP};name=testt
file://CVE-2025-6021.patch \
"
-SRC_URI[archive.sha256sum] = "6de55cacc8c2bc758f2ef6f93c313cb30e4dd5d84ac5d3c7ccbd9344d8cc6833"
+SRC_URI[archive.sha256sum] = "24175ec30a97cfa86bdf9befb7ccf4613f8f4b2713c5103e0dd0bc9c711a2773"
SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be4722379f08702ea7273"
# Disputed as a security issue, but fixed in d39f780
Release notes: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.5 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> --- ...-installation-directories-in-libxml2.patch | 14 ++++---- .../libxml/libxml2/CVE-2025-6021.patch | 36 +++---------------- .../libxml/libxml2/install-tests.patch | 4 +-- .../{libxml2_2.14.3.bb => libxml2_2.14.5.bb} | 2 +- 4 files changed, 14 insertions(+), 42 deletions(-) rename meta/recipes-core/libxml/{libxml2_2.14.3.bb => libxml2_2.14.5.bb} (97%)