dev-libs/libxslt: drop 1.1.34-r2

Signed-off-by: Sam James <sam@gentoo.org>
author: Sam James <sam@gentoo.org> 2022-04-17 17:34:42 +0100
committer: Sam James <sam@gentoo.org> 2022-04-17 17:34:42 +0100
commit: e06a4aed9969ad025d82fadde2da1f4f7b98d2fd (patch)
tree: 9b2daac869b198665e2c3423c3498fe3fd529b51 /dev-libs/libxslt
parent: dev-libs/libxml2: drop 2.9.12-r5 (diff)
download: gentoo-e06a4aed9969ad025d82fadde2da1f4f7b98d2fd.tar.gz
gentoo-e06a4aed9969ad025d82fadde2da1f4f7b98d2fd.tar.bz2
gentoo-e06a4aed9969ad025d82fadde2da1f4f7b98d2fd.zip
4 files changed, 0 insertions, 388 deletions
diff --git a/dev-libs/libxslt/Manifest b/dev-libs/libxslt/Manifest
index 4a8fc6108e27..e925f79f8190 100644
--- a/dev-libs/libxslt/Manifest
+++ b/dev-libs/libxslt/Manifest
@@ -1,3 +1 @@
-DIST libxslt-1.1.34.tar.gz 3552258 BLAKE2B f043a0357e0705ab68041adf4031a6b3e0b5c3d396691c988a34963a0ee0ebe3bede2d1d7a0c5f0c42c046183653c94f4b51e10e35980a039c8cad446e84ad86 SHA512 1516a11ad608b04740674060d2c5d733b88889de5e413b9a4e8bf8d1a90d712149df6d2b1345b615f529d7c7d3fa6dae12e544da828b39c7d415e54c0ee0776b
-DIST libxslt-1.1.34.tar.gz.asc 488 BLAKE2B fff407ab2c2bbafa804e5a1f84ca447c706d75fd7489c99ac6040b625d0417a0e6c189be3457e6cc6ecd6b7860829875ea95a132fef24f8a532156361f8a5308 SHA512 9b155d4571daede99cdbf2813a85fb04812737b5e23d3f7c9840225b38f3dbf171623a21645daaee190e7ff9ba38bde932922e96a2a2312c203ffa9917c3baea
 DIST libxslt-1.1.35.tar.xz 1827548 BLAKE2B 9667a93e61f50098a512c1351bce2ee937fc5d29488d010b525122d28ffedc73e0930402f3df2d378161a031dc016a15f0f03bdc343f0c4aa5d0b5c454f8002d SHA512 9dd4a699235f50ae9b75b25137e387471635b4b2da0a4e4380879cd49f1513470fcfbfd775269b066eac513a1ffa6860c77ec42747168e2348248f09f60c8c96
diff --git a/dev-libs/libxslt/files/libxslt-1.1.34-CVE-2021-30560.patch b/dev-libs/libxslt/files/libxslt-1.1.34-CVE-2021-30560.patch
deleted file mode 100644
index dcda176c513a..000000000000
--- a/dev-libs/libxslt/files/libxslt-1.1.34-CVE-2021-30560.patch
+++ /dev/null
@@ -1,194 +0,0 @@
-https://gitlab.gnome.org/GNOME/libxslt/-/issues/56
-https://gitlab.gnome.org/GNOME/libxslt/-/commit/50f9c9cd3b7dfe9b3c8c795247752d1fdcadcac8
-https://gitlab.gnome.org/GNOME/libxslt/-/issues/51
-https://bugs.gentoo.org/790218
-
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sat, 12 Jun 2021 20:02:53 +0200
-Subject: [PATCH] Fix use-after-free in xsltApplyTemplates
-
-xsltApplyTemplates without a select expression could delete nodes in
-the source document.
-
-1. Text nodes with strippable whitespace
-
-Whitespace from input documents is already stripped, so there's no
-need to strip it again. Under certain circumstances, xsltApplyTemplates
-could be fooled into deleting text nodes that are still referenced,
-resulting in a use-after-free.
-
-2. The DTD
-
-The DTD was only unlinked, but there's no good reason to do this just
-now. Maybe it was meant as a micro-optimization.
-
-3. Unknown nodes
-
-Useless and dangerous as well, especially with XInclude nodes.
-See https://gitlab.gnome.org/GNOME/libxml2/-/issues/268
-
-Simply stop trying to uselessly delete nodes when applying a template.
-This part of the code is probably a leftover from a time where
-xsltApplyStripSpaces wasn't implemented yet. Also note that
-xsltApplyTemplates with a select expression never tried to delete
-nodes.
-
-Also stop xsltDefaultProcessOneNode from deleting nodes for the same
-reasons.
-
-This fixes CVE-2021-30560.
---- a/libxslt/transform.c
-+++ b/libxslt/transform.c
-@@ -1895,7 +1895,7 @@ static void
- xsltDefaultProcessOneNode(xsltTransformContextPtr ctxt, xmlNodePtr node,
- 			  xsltStackElemPtr params) {
-     xmlNodePtr copy;
--    xmlNodePtr delete = NULL, cur;
-+    xmlNodePtr cur;
-     int nbchild = 0, oldSize;
-     int childno = 0, oldPos;
-     xsltTemplatePtr template;
-@@ -1968,54 +1968,13 @@ xsltDefaultProcessOneNode(xsltTransformContextPtr ctxt, xmlNodePtr node,
- 	    return;
-     }
-     /*
--     * Handling of Elements: first pass, cleanup and counting
-+     * Handling of Elements: first pass, counting
-      */
-     cur = node->children;
-     while (cur != NULL) {
--	switch (cur->type) {
--	    case XML_TEXT_NODE:
--	    case XML_CDATA_SECTION_NODE:
--	    case XML_DOCUMENT_NODE:
--	    case XML_HTML_DOCUMENT_NODE:
--	    case XML_ELEMENT_NODE:
--	    case XML_PI_NODE:
--	    case XML_COMMENT_NODE:
--		nbchild++;
--		break;
--            case XML_DTD_NODE:
--		/* Unlink the DTD, it's still reachable using doc->intSubset */
--		if (cur->next != NULL)
--		    cur->next->prev = cur->prev;
--		if (cur->prev != NULL)
--		    cur->prev->next = cur->next;
--		break;
--	    default:
--#ifdef WITH_XSLT_DEBUG_PROCESS
--		XSLT_TRACE(ctxt,XSLT_TRACE_PROCESS_NODE,xsltGenericDebug(xsltGenericDebugContext,
--		 "xsltDefaultProcessOneNode: skipping node type %d\n",
--		                 cur->type));
--#endif
--		delete = cur;
--	}
-+	if (IS_XSLT_REAL_NODE(cur))
-+	    nbchild++;
- 	cur = cur->next;
--	if (delete != NULL) {
--#ifdef WITH_XSLT_DEBUG_PROCESS
--	    XSLT_TRACE(ctxt,XSLT_TRACE_PROCESS_NODE,xsltGenericDebug(xsltGenericDebugContext,
--		 "xsltDefaultProcessOneNode: removing ignorable blank node\n"));
--#endif
--	    xmlUnlinkNode(delete);
--	    xmlFreeNode(delete);
--	    delete = NULL;
--	}
--    }
--    if (delete != NULL) {
--#ifdef WITH_XSLT_DEBUG_PROCESS
--	XSLT_TRACE(ctxt,XSLT_TRACE_PROCESS_NODE,xsltGenericDebug(xsltGenericDebugContext,
--	     "xsltDefaultProcessOneNode: removing ignorable blank node\n"));
--#endif
--	xmlUnlinkNode(delete);
--	xmlFreeNode(delete);
--	delete = NULL;
-     }
- 
-     /*
-@@ -4864,7 +4823,7 @@ xsltApplyTemplates(xsltTransformContextPtr ctxt, xmlNodePtr node,
-     xsltStylePreCompPtr comp = (xsltStylePreCompPtr) castedComp;
- #endif
-     int i;
--    xmlNodePtr cur, delNode = NULL, oldContextNode;
-+    xmlNodePtr cur, oldContextNode;
-     xmlNodeSetPtr list = NULL, oldList;
-     xsltStackElemPtr withParams = NULL;
-     int oldXPProximityPosition, oldXPContextSize;
-@@ -4998,73 +4957,9 @@ xsltApplyTemplates(xsltTransformContextPtr ctxt, xmlNodePtr node,
- 	else
- 	    cur = NULL;
- 	while (cur != NULL) {
--	    switch (cur->type) {
--		case XML_TEXT_NODE:
--		    if ((IS_BLANK_NODE(cur)) &&
--			(cur->parent != NULL) &&
--			(cur->parent->type == XML_ELEMENT_NODE) &&
--			(ctxt->style->stripSpaces != NULL)) {
--			const xmlChar *val;
--
--			if (cur->parent->ns != NULL) {
--			    val = (const xmlChar *)
--				  xmlHashLookup2(ctxt->style->stripSpaces,
--						 cur->parent->name,
--						 cur->parent->ns->href);
--			    if (val == NULL) {
--				val = (const xmlChar *)
--				  xmlHashLookup2(ctxt->style->stripSpaces,
--						 BAD_CAST "*",
--						 cur->parent->ns->href);
--			    }
--			} else {
--			    val = (const xmlChar *)
--				  xmlHashLookup2(ctxt->style->stripSpaces,
--						 cur->parent->name, NULL);
--			}
--			if ((val != NULL) &&
--			    (xmlStrEqual(val, (xmlChar *) "strip"))) {
--			    delNode = cur;
--			    break;
--			}
--		    }
--		    /* Intentional fall-through */
--		case XML_ELEMENT_NODE:
--		case XML_DOCUMENT_NODE:
--		case XML_HTML_DOCUMENT_NODE:
--		case XML_CDATA_SECTION_NODE:
--		case XML_PI_NODE:
--		case XML_COMMENT_NODE:
--		    xmlXPathNodeSetAddUnique(list, cur);
--		    break;
--		case XML_DTD_NODE:
--		    /* Unlink the DTD, it's still reachable
--		     * using doc->intSubset */
--		    if (cur->next != NULL)
--			cur->next->prev = cur->prev;
--		    if (cur->prev != NULL)
--			cur->prev->next = cur->next;
--		    break;
--		case XML_NAMESPACE_DECL:
--		    break;
--		default:
--#ifdef WITH_XSLT_DEBUG_PROCESS
--		    XSLT_TRACE(ctxt,XSLT_TRACE_APPLY_TEMPLATES,xsltGenericDebug(xsltGenericDebugContext,
--		     "xsltApplyTemplates: skipping cur type %d\n",
--				     cur->type));
--#endif
--		    delNode = cur;
--	    }
-+            if (IS_XSLT_REAL_NODE(cur))
-+		xmlXPathNodeSetAddUnique(list, cur);
- 	    cur = cur->next;
--	    if (delNode != NULL) {
--#ifdef WITH_XSLT_DEBUG_PROCESS
--		XSLT_TRACE(ctxt,XSLT_TRACE_APPLY_TEMPLATES,xsltGenericDebug(xsltGenericDebugContext,
--		     "xsltApplyTemplates: removing ignorable blank cur\n"));
--#endif
--		xmlUnlinkNode(delNode);
--		xmlFreeNode(delNode);
--		delNode = NULL;
--	    }
- 	}
-     }
- 
-GitLab
diff --git a/dev-libs/libxslt/files/libxslt-1.1.34-libxml2-2.9.12.patch b/dev-libs/libxslt/files/libxslt-1.1.34-libxml2-2.9.12.patch
deleted file mode 100644
index 635fb576d3de..000000000000
--- a/dev-libs/libxslt/files/libxslt-1.1.34-libxml2-2.9.12.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-https://gitlab.gnome.org/GNOME/libxslt/-/commit/9ae2f94df1721e002941b40665efb762aefcea1a
-https://gitlab.gnome.org/GNOME/libxslt/-/commit/824657768aea2cce9c23e72ba8085cb5e44350c7
-https://gitlab.gnome.org/GNOME/libxslt/-/commit/77c26bad0433541f486b1e7ced44ca9979376908
-
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 17 Aug 2020 03:42:11 +0200
-Subject: [PATCH] Stop using maxParserDepth XPath limit
-
-This will be removed again from libxml2.
---- a/tests/fuzz/fuzz.c
-+++ b/tests/fuzz/fuzz.c
-@@ -183,8 +183,7 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p,
-     xpctxt = tctxt->xpathCtxt;
- 
-     /* Resource limits to avoid timeouts and call stack overflows */
--    xpctxt->maxParserDepth = 15;
--    xpctxt->maxDepth = 100;
-+    xpctxt->maxDepth = 500;
-     xpctxt->opLimit = 500000;
- 
-     /* Test namespaces used in xpath.xml */
-@@ -317,8 +316,7 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p,
- 
- static void
- xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) {
--    ctxt->maxParserDepth = 15;
--    ctxt->maxDepth = 100;
-+    ctxt->maxDepth = 200;
-     ctxt->opLimit = 100000;
- }
- 
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 17 Aug 2020 04:27:13 +0200
-Subject: [PATCH] Transfer XPath limits to XPtr context
-
-Expressions like document('doc.xml#xpointer(evil_expr)') ignored the
-XPath limits.
---- a/libxslt/functions.c
-+++ b/libxslt/functions.c
-@@ -178,10 +178,22 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI)
- 	goto out_fragment;
-     }
- 
-+#if LIBXML_VERSION >= 20911 || \
-+    defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
-+    xptrctxt->opLimit = ctxt->context->opLimit;
-+    xptrctxt->opCount = ctxt->context->opCount;
-+    xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth;
-+
-+    resObj = xmlXPtrEval(fragment, xptrctxt);
-+
-+    ctxt->context->opCount = xptrctxt->opCount;
-+#else
-     resObj = xmlXPtrEval(fragment, xptrctxt);
--    xmlXPathFreeContext(xptrctxt);
- #endif
- 
-+    xmlXPathFreeContext(xptrctxt);
-+#endif /* LIBXML_XPTR_ENABLED */
-+
-     if (resObj == NULL)
- 	goto out_fragment;
- 
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Wed, 26 Aug 2020 00:34:38 +0200
-Subject: [PATCH] Don't set maxDepth in XPath contexts
-
-The maximum recursion depth is hardcoded in libxml2 now.
---- a/libxslt/functions.c
-+++ b/libxslt/functions.c
-@@ -182,7 +182,7 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI)
-     defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
-     xptrctxt->opLimit = ctxt->context->opLimit;
-     xptrctxt->opCount = ctxt->context->opCount;
--    xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth;
-+    xptrctxt->depth = ctxt->context->depth;
- 
-     resObj = xmlXPtrEval(fragment, xptrctxt);
- 
---- a/tests/fuzz/fuzz.c
-+++ b/tests/fuzz/fuzz.c
-@@ -183,7 +183,6 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p,
-     xpctxt = tctxt->xpathCtxt;
- 
-     /* Resource limits to avoid timeouts and call stack overflows */
--    xpctxt->maxDepth = 500;
-     xpctxt->opLimit = 500000;
- 
-     /* Test namespaces used in xpath.xml */
-@@ -314,12 +313,6 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p,
-     return 0;
- }
- 
--static void
--xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) {
--    ctxt->maxDepth = 200;
--    ctxt->opLimit = 100000;
--}
--
- xmlChar *
- xsltFuzzXslt(const char *data, size_t size) {
-     xmlDocPtr xsltDoc;
-@@ -349,7 +342,7 @@ xsltFuzzXslt(const char *data, size_t size) {
-         xmlFreeDoc(xsltDoc);
-         return NULL;
-     }
--    xsltSetXPathResourceLimits(sheet->xpathCtxt);
-+    sheet->xpathCtxt->opLimit = 100000;
-     sheet->xpathCtxt->opCount = 0;
-     if (xsltParseStylesheetUser(sheet, xsltDoc) != 0) {
-         xsltFreeStylesheet(sheet);
-@@ -361,7 +354,7 @@ xsltFuzzXslt(const char *data, size_t size) {
-     xsltSetCtxtSecurityPrefs(sec, ctxt);
-     ctxt->maxTemplateDepth = 100;
-     ctxt->opLimit = 20000;
--    xsltSetXPathResourceLimits(ctxt->xpathCtxt);
-+    ctxt->xpathCtxt->opLimit = 100000;
-     ctxt->xpathCtxt->opCount = sheet->xpathCtxt->opCount;
- 
-     result = xsltApplyStylesheetUser(sheet, doc, NULL, NULL, NULL, ctxt);
diff --git a/dev-libs/libxslt/libxslt-1.1.34-r2.ebuild b/dev-libs/libxslt/libxslt-1.1.34-r2.ebuild
deleted file mode 100644
index 5239f0691623..000000000000
--- a/dev-libs/libxslt/libxslt-1.1.34-r2.ebuild
+++ /dev/null
@@ -1,72 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/danielveillard.asc
-inherit libtool multilib-minimal verify-sig
-
-# Note: Please bump this in sync with dev-libs/libxml2.
-DESCRIPTION="XSLT libraries and tools"
-HOMEPAGE="http://www.xmlsoft.org/ https://gitlab.gnome.org/GNOME/libxslt"
-SRC_URI="ftp://xmlsoft.org/${PN}/${P}.tar.gz"
-SRC_URI+=" verify-sig? ( ftp://xmlsoft.org/${PN}/${P}.tar.gz.asc )"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="crypt debug examples static-libs"
-
-BDEPEND=">=virtual/pkgconfig-1
-	verify-sig? ( sec-keys/openpgp-keys-danielveillard )"
-RDEPEND="
-	>=dev-libs/libxml2-2.9.11:2[${MULTILIB_USEDEP}]
-	crypt? ( >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}] )
-"
-DEPEND="${RDEPEND}"
-
-MULTILIB_CHOST_TOOLS=(
-	/usr/bin/xslt-config
-)
-
-MULTILIB_WRAPPED_HEADERS=(
-	/usr/include/libxslt/xsltconfig.h
-)
-
-PATCHES=(
-	"${FILESDIR}"/${P}-libxml2-2.9.12.patch
-	"${FILESDIR}"/${P}-CVE-2021-30560.patch
-)
-
-src_prepare() {
-	default
-
-	DOCS=( AUTHORS ChangeLog FEATURES NEWS README TODO )
-
-	# Prefix always needs elibtoolize if not eautoreconf'd.
-	elibtoolize
-}
-
-multilib_src_configure() {
-	# Python bindings were dropped as they were Python 2 only at the time
-	ECONF_SOURCE="${S}" econf \
-		--with-html-dir="${EPREFIX}"/usr/share/doc/${PF} \
-		--with-html-subdir=html \
-		--without-python \
-		$(use_with crypt crypto) \
-		$(use_with debug) \
-		$(use_with debug mem-debug) \
-		$(use_enable static-libs static) \
-		"$@"
-}
-
-multilib_src_install() {
-	# "default" does not work here - docs are installed by multilib_src_install_all
-	emake DESTDIR="${D}" install
-}
-
-multilib_src_install_all() {
-	einstalldocs
-
-	find "${ED}" -type f -name "*.la" -delete || die
-}
author	Sam James <sam@gentoo.org>	2022-04-17 17:34:42 +0100
committer	Sam James <sam@gentoo.org>	2022-04-17 17:34:42 +0100
commit	e06a4aed9969ad025d82fadde2da1f4f7b98d2fd (patch)
tree	9b2daac869b198665e2c3423c3498fe3fd529b51 /dev-libs/libxslt
parent	dev-libs/libxml2: drop 2.9.12-r5 (diff)
download	gentoo-e06a4aed9969ad025d82fadde2da1f4f7b98d2fd.tar.gz gentoo-e06a4aed9969ad025d82fadde2da1f4f7b98d2fd.tar.bz2 gentoo-e06a4aed9969ad025d82fadde2da1f4f7b98d2fd.zip