Commit Graph

222 Commits

Author SHA1 Message Date
Grimmauld
4907a03712 libxml2: 2.15.2 -> 2.15.3
Changelog: https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.15.3/NEWS

Fixes CVE-2026-6732
Other security issues fixed here seem to not have CVEs assigned (yet)

(cherry picked from commit efef7d2661)
(cherry picked from commit 2c2c8a3587)
2026-06-22 08:21:28 +02:00
Gutyina Gergő
fc4320f330 libxml2: 2.15.1 -> 2.15.2 2026-03-12 14:23:19 +01:00
nixpkgs-ci[bot]
e217c74eac Merge staging-next into staging 2026-02-06 18:16:24 +00:00
Markus Sütter
196b385317 various: add meta.identifier.cpeParts to a batch of packages 2026-02-02 09:22:55 +01:00
Vladimír Čunát
74ff6c1f7b libxml2: fix a typo in comment 2026-01-25 09:45:35 +01:00
Gutyina Gergő
607ad26f4e libxml2_13: fix CVE-2026-0989 2026-01-22 01:30:26 +01:00
Gutyina Gergő
ebb4591d1b libxml2_13: fix CVE-2026-0992 2026-01-22 01:29:55 +01:00
Gutyina Gergő
41afd44087 libxml2_13: fix CVE-2026-0990 2026-01-22 01:29:55 +01:00
Gutyina Gergő
7cc14c925e libxml2: fix CVE-2026-0989 2026-01-22 01:29:50 +01:00
Gutyina Gergő
071d403124 libxml2: fix CVE-2026-0992 2026-01-17 01:53:56 +01:00
Gutyina Gergő
11c38aaf92 libxml2: fix CVE-2026-0990 2026-01-17 01:53:08 +01:00
Gutyina Gergő
ba124b47f5 libxml2_13: 2.13.8 -> 2.13.9 2026-01-17 01:45:21 +01:00
David McFarland
4882387194 libxml2: fix cygwin build 2025-12-05 20:31:47 -04:00
Grimmauld
49b98b13f9 libxml2: 2.15.0 -> 2.15.1 2025-10-31 17:06:51 +01:00
Niklas Korz
dedd3c3f53 libxml2: use fetchpatch instead of fetchpatch2 2025-10-07 15:12:34 +02:00
Niklas Korz
8d0a521e51 libxml2: fix attribute normalization regression 2025-10-07 12:53:20 +02:00
Grimmauld
c017fa968d libxml2: 2.14.6 -> 2.15.0
Rel notes: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.15.0

closes https://github.com/NixOS/nixpkgs/issues/444172
2025-10-02 19:52:27 +02:00
Grimmauld
8b1c8c4038 libxml2: 2.14.5 -> 2.14.6
Rel notes: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.6

Security:
- regexp: Avoid integer overflow and OOB array access
- tree: Guard against atype corruption

This is deliberately only 2.14.6 and not 2.15.0.
The 2.15.x update will need some extra care to not break things.
2025-09-19 17:58:47 +02:00
Wolfgang Walther
90604d95bc Merge branch 'staging-next' into staging 2025-07-24 14:33:09 +02:00
Wolfgang Walther
5a0711127c treewide: run nixfmt 1.0.0 2025-07-24 13:55:40 +02:00
Gutyina Gergő
2da008e2ee libxml2_13: add patch for CVE-2025-6170 2025-07-19 00:31:02 +02:00
Gutyina Gergő
5d3c18107a libxml2_13: add patch for CVE-2025-49795 2025-07-19 00:31:01 +02:00
Gutyina Gergő
5b78736472 libxml2_13: add patch for CVE-2025-49794 and CVE-2025-49796 2025-07-19 00:31:01 +02:00
Gutyina Gergő
348be18ac4 libxml2_13: add patch for CVE-2025-6021 2025-07-19 00:31:01 +02:00
Gutyina Gergő
dbdc8ca8f4 libxml2_13: freeze update script 2025-07-19 00:31:01 +02:00
Gutyina Gergő
4c5c6be10f libxml2_13: init 2025-07-19 00:31:00 +02:00
Gutyina Gergő
febeabf314 libxml2: prepare for multiple versions 2025-07-19 00:30:51 +02:00
Gutyina Gergő
e67ade88a3 libxml2: rename default.nix to common.nix 2025-07-19 00:28:02 +02:00
Gutyina Gergő
2fc3989948 libxml2: remove python2 support, don't check for python3 2025-07-19 00:28:02 +02:00
Gutyina Gergő
8dc10e9c4f libxml2: remove with lib; 2025-07-19 00:28:01 +02:00
Gutyina Gergő
037387d4ba libxml2: get rid of generic arguments 2025-07-19 00:28:01 +02:00
Grimmauld
ba80420bcc libxml2: 2.14.4-unstable-2025-06-20 -> 2.14.5
Release notes: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.5

schematron: Fix memory safety issues in xmlSchematronReportOutput
Schematron: Fix null pointer dereference leading to DoS (Michael Mann)
Fix potential buffer overflows of interactive shell (Michael Mann)

Fixes CVE-2025-49794, CVE-2025-49796, CVE-2025-49795, CVE-2025-6170
2025-07-16 20:10:19 +02:00
nixpkgs-ci[bot]
04de8eaaf8 Merge staging-next into staging 2025-07-04 06:07:14 +00:00
Vladimír Čunát
2253811f9e libxslt: Fix three security issues (#418055) 2025-07-03 10:23:14 +02:00
hellodword
54c298cc6a libxml2: Fix MinGW Build 2025-06-30 14:38:07 +00:00
qbisi
5ce9f8bc2f libxml2: 2.14.3 -> 2.14.4-unstable-06-20
Diff: 5133461b05...356542324f

This diff includes several bug fixes related to the CMake config file.
2025-06-24 05:19:38 +08:00
Jan Tojnar
77b52c3520 libxml2: Apply ABI breaking patch from Chromium needed for libxslt CVE fixes 2025-06-18 09:47:59 +02:00
Yureka
2c5c02846e libxml2: bump to tip of 2.14 branch 2025-06-08 13:45:33 +02:00
misilelab
e258dc4b32 libxml2: 2.13.8 -> 2.14.3
https://discourse.gnome.org/t/libxml2-2-14-0-released/28025
https://discourse.gnome.org/t/libxml2-2-14-1-released/28170
https://discourse.gnome.org/t/libxml2-2-14-2-released/28426
https://discourse.gnome.org/t/libxml2-2-14-3-released/28862

Signed-off-by: misilelab <misileminecord@gmail.com>
2025-05-15 02:41:44 +09:00
Grimmauld
038d842673 libxml2: 2.13.6 -> 2.13.8
Fixes CVE-2025-32415 [1] and CVE-2025-32414 [2]

Release notes: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8

[1] https://gitlab.gnome.org/GNOME/libxml2/-/issues/890
[2] https://gitlab.gnome.org/GNOME/libxml2/-/issues/889
2025-04-17 23:19:51 +02:00
7c6f434c
3635cd61be libxml2: add zlib support option (#384768) 2025-04-09 07:52:21 +00:00
aleksana
c75a2bda2f libxml2: add zlib support option 2025-02-24 21:35:07 +08:00
Thomas Gerbet
29e1bcac1f libxml: 2.13.5 -> 2.13.6
Fixes CVE-2025-24928 and CVE-2024-56171.

https://discourse.gnome.org/t/libxml2-2-13-6-released/27138
2025-02-19 10:53:31 +01:00
Silvan Mosberger
667d42c00d treewide: format all inactive Nix files
After final improvements to the official formatter implementation,
this commit now performs the first treewide reformat of Nix files using it.
This is part of the implementation of RFC 166.

Only "inactive" files are reformatted, meaning only files that
aren't being touched by any PR with activity in the past 2 months.
This is to avoid conflicts for PRs that might soon be merged.
Later we can do a full treewide reformat to get the rest,
which should not cause as many conflicts.

A CI check has already been running for some time to ensure that new and
already-formatted files are formatted, so the files being reformatted here
should also stay formatted.

This commit was automatically created and can be verified using

    nix-build a08b3a4d19.tar.gz \
      --argstr baseRev 57b193d8dd
    result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:27:17 +01:00
Silvan Mosberger
84d4f874c2 treewide: format all inactive Nix files
After final improvements to the official formatter implementation,
this commit now performs the first treewide reformat of Nix files using it.
This is part of the implementation of RFC 166.

Only "inactive" files are reformatted, meaning only files that
aren't being touched by any PR with activity in the past 2 months.
This is to avoid conflicts for PRs that might soon be merged.
Later we can do a full treewide reformat to get the rest,
which should not cause as many conflicts.

A CI check has already been running for some time to ensure that new and
already-formatted files are formatted, so the files being reformatted here
should also stay formatted.

This commit was automatically created and can be verified using

    nix-build a08b3a4d19.tar.gz \
      --argstr baseRev 78e9caf153
    result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:23:58 +01:00
Sergei Trofimovich
bde88ba1b7 libxml2: 2.13.4 -> 2.13.5
Changes: https://discourse.gnome.org/t/libxml2-2-13-5-released/25040
2024-11-15 06:30:50 +00:00
Artturin
f0e657f3b1 Merge branch 'master' into staging-next 2024-09-25 06:05:01 +03:00
Artturin
e0464e4788 treewide: replace stdenv.is with stdenv.hostPlatform.is
In preparation for the deprecation of `stdenv.isX`.

These shorthands are not conducive to cross-compilation because they
hide the platforms.

Darwin might get cross-compilation for which the continued usage of `stdenv.isDarwin` will get in the way

One example of why this is bad and especially affects compiler packages
https://www.github.com/NixOS/nixpkgs/pull/343059

There are too many files to go through manually but a treewide should
get users thinking when they see a `hostPlatform.isX` in a place where it
doesn't make sense.

```
fd --type f "\.nix" | xargs sd --fixed-strings "stdenv.is" "stdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "stdenv'.is" "stdenv'.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "clangStdenv.is" "clangStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "gccStdenv.is" "gccStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "stdenvNoCC.is" "stdenvNoCC.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "inherit (stdenv) is" "inherit (stdenv.hostPlatform) is"
fd --type f "\.nix" | xargs sd --fixed-strings "buildStdenv.is" "buildStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "effectiveStdenv.is" "effectiveStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "originalStdenv.is" "originalStdenv.hostPlatform.is"
```
2024-09-25 00:04:37 +03:00
Fabián Heredia Montiel
1773086605 libxml2: 2.13.3 → 2.13.4 2024-09-18 16:33:50 -06:00
Jade Lovelace
5dfdb09561 tree-wide: remove eelco as maintainer from things he no longer maintains
While preparing this change, I read the git blame on all of the files I
touched. I saw a working lifetime of building this system which we use
every day and love dearly and keep maintained ourselves. I saw commits
from a 14 year range between 2003 to 2017!! I could not be more thankful
for Eelco's work on building large parts of the foundation of nixpkgs
that all of us rely on now.

However, the end date of that range of the files I looked at the blame
on was 2017. I did not see surviving code from any newer date than that.
Looking at the Git logs, Eelco has been working on other things, and
that's totally fine.

However, it means that our maintenance metadata is out of date on a lot
of packages, and *that*'s the reason I am submitting this change. There
are a lot of packages that don't have anyone with their name on them to
be pinged if they need attention, even if they have had recent activity
(although it is never clear if recent activity was just someone fixing
it because ZHF or because the package actually matters to them).
There are a lot of packages with storied history that maybe don't need
to be in the set anymore at all since they have not been touched in
years; or maybe they are simply finished.

Empty maintainer lists should be a sign that we need to figure out who
maintains it or potentially remove it if it has rotted, and allowing the
maintainer list to be empty if it is already not maintained is part of a
healthy repository ecology.

Either way, I would like to have the maintenance metadata not mislead
anyone into sending Eelco emails about packages he doesn't, in practice,
work on anymore. I have not removed his name from everything; there are
some things that he is the upstream for or has worked on more recently,
for instance, like Nix, which I have left alone.
2024-08-21 01:17:45 -07:00