Skip to content

Commit

Permalink
Merge pull request #2667 from sparklemotion/flavorjones-update-libxml…
Browse files Browse the repository at this point in the history
…2-2.10.3_backport-v1.13.x

dep: update libxml2 to v2.10.3 (backport to v1.13.x)
  • Loading branch information
flavorjones authored Oct 15, 2022
2 parents 21b4ac5 + cd9aeee commit 7b369e5
Show file tree
Hide file tree
Showing 11 changed files with 119 additions and 3,222 deletions.
11 changes: 11 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,17 @@ Nokogiri follows [Semantic Versioning](https://semver.org/), please see the [REA

---

## 1.13.9 / unreleased

### Security

* [CRuby] Vendored libxml2 is updated to address [CVE-2022-2309](https://nvd.nist.gov/vuln/detail/CVE-2022-2309), [CVE-2022-40304](https://nvd.nist.gov/vuln/detail/CVE-2022-40304), and [CVE-2022-40303](https://nvd.nist.gov/vuln/detail/CVE-2022-40303). See [GHSA-2qc6-mcvw-92cw](https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2qc6-mcvw-92cw) for more information.

### Dependencies

* [CRuby] Vendored libxml2 is updated to [v2.10.3](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.3) from v2.9.14.
* [CRuby] Vendored libxslt is updated to [v1.1.37](https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.37) from v1.1.35.

## 1.13.8 / 2022-07-23

### Deprecated
Expand Down
12 changes: 6 additions & 6 deletions dependencies.yml
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
libxml2:
version: "2.9.14"
sha256: "60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee"
# sha-256 hash provided in https://download.gnome.org/sources/libxml2/2.9/libxml2-2.9.14.sha256sum
version: "2.10.3"
sha256: "5d2cc3d78bec3dbe212a9d7fa629ada25a7da928af432c93060ff5c17ee28a9c"
# sha-256 hash provided in https://download.gnome.org/sources/libxml2/2.10/libxml2-2.10.3.sha256sum

libxslt:
version: "1.1.35"
sha256: "8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f34dd79"
# sha-256 hash provided in https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.35.sha256sum
version: "1.1.37"
sha256: "3a4b27dc8027ccd6146725950336f1ec520928f320f144eb5fa7990ae6123ab4"
# sha-256 hash provided in https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.37.sha256sum

zlib:
version: "1.2.12"
Expand Down
5 changes: 5 additions & 0 deletions ext/nokogiri/extconf.rb
Original file line number Diff line number Diff line change
Expand Up @@ -839,6 +839,11 @@ def configure
recipe.configure_options += ["RANLIB=/usr/bin/ranlib", "AR=/usr/bin/ar"]
end

if windows?
cflags = concat_flags(cflags, "-ULIBXSLT_STATIC", "-DIN_LIBXSLT")
cflags = concat_flags(cflags, "-ULIBEXSLT_STATIC", "-DIN_LIBEXSLT")
end

recipe.configure_options << if source_dir
"--config-cache"
else
Expand Down
3 changes: 3 additions & 0 deletions ext/nokogiri/xml_xpath_context.c
Original file line number Diff line number Diff line change
Expand Up @@ -373,7 +373,10 @@ new (VALUE klass, VALUE nodeobj)

Noko_Node_Get_Struct(nodeobj, xmlNode, node);

#if LIBXML_VERSION < 21000
/* deprecated in 40483d0 */
xmlXPathInit();
#endif

ctx = xmlXPathNewContext(node->doc);
ctx->node = node;
Expand Down
53 changes: 0 additions & 53 deletions patches/libxml2/0004-use-glibc-strlen.patch

This file was deleted.

Loading

0 comments on commit 7b369e5

Please sign in to comment.