summaryrefslogtreecommitdiff
path: root/gnu/packages/xml.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/xml.scm')
-rw-r--r--gnu/packages/xml.scm58
1 files changed, 11 insertions, 47 deletions
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index eccef0d898..200de67f61 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -1,11 +1,11 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2016, 2018 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2016, 2017 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2015 Raimon Grau <raimonster@gmail.com>
;;; Copyright © 2016 Mathieu Lirzin <mthl@gnu.org>
;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
@@ -59,17 +59,16 @@
(define-public expat
(package
(name "expat")
- (version "2.2.1")
- (replacement expat-2.2.4)
+ (version "2.2.5")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/expat/expat/"
version "/expat-" version ".tar.bz2"))
(sha256
(base32
- "11c8jy1wvllvlk7xdc5cm8hdhg0hvs8j0aqy6s702an8wkdcls0q"))))
+ "1xpd78sp7m34jqrw5x13bz7kgz0n6aj15wn4zj4gfx3ypbpk5p6r"))))
(build-system gnu-build-system)
- (home-page "http://www.libexpat.org/")
+ (home-page "https://libexpat.github.io/")
(synopsis "Stream-oriented XML parser library written in C")
(description
"Expat is an XML parser library written in C. It is a
@@ -77,18 +76,6 @@ stream-oriented parser in which an application registers handlers for
things the parser might find in the XML document (like start tags).")
(license license:expat)))
-(define expat-2.2.4 ; Fix CVE-{2016-9063,2017-9233,2017-11742} & other issues.
- (package
- (inherit expat)
- (version "2.2.4")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://sourceforge/expat/expat/"
- version "/expat-" version ".tar.bz2"))
- (sha256
- (base32
- "17h1fb9zvqvf0sr78j211bngc6jpql5wzar8fg9b52jzjvdqbb83"))))))
-
(define-public libebml
(package
(name "libebml")
@@ -113,17 +100,14 @@ hierarchical form with variable field lengths.")
(define-public libxml2
(package
(name "libxml2")
- (version "2.9.4")
- (replacement libxml2/fixed)
+ (version "2.9.7")
(source (origin
(method url-fetch)
(uri (string-append "ftp://xmlsoft.org/libxml2/libxml2-"
version ".tar.gz"))
- (patches (search-patches "libxml2-CVE-2016-4658.patch"
- "libxml2-CVE-2016-5131.patch"))
(sha256
(base32
- "0g336cr0bw6dax1q48bblphmchgihx9p1pjmxdnrd6sh3qci3fgz"))))
+ "034hylzspvkm0p4bczqbf8q05a7r2disr8dz725x4bin61ymwg7n"))))
(build-system gnu-build-system)
(home-page "http://www.xmlsoft.org/")
(synopsis "C parser for XML")
@@ -143,21 +127,6 @@ hierarchical form with variable field lengths.")
project (but it is usable outside of the Gnome platform).")
(license license:x11)))
-(define libxml2/fixed
- (package
- (inherit libxml2)
- (source
- (origin
- (inherit (package-source libxml2))
- (patches
- (append (origin-patches (package-source libxml2))
- (search-patches "libxml2-CVE-2017-0663.patch"
- "libxml2-CVE-2017-7375.patch"
- "libxml2-CVE-2017-7376.patch"
- "libxml2-CVE-2017-9047+CVE-2017-9048.patch"
- "libxml2-CVE-2017-9049+CVE-2017-9050.patch"
- "libxml2-CVE-2017-15412.patch")))))))
-
(define-public python-libxml2
(package/inherit libxml2
(name "python-libxml2")
@@ -190,19 +159,14 @@ project (but it is usable outside of the Gnome platform).")
(define-public libxslt
(package
(name "libxslt")
- (replacement libxslt/fixed)
- (version "1.1.29")
+ (version "1.1.32")
(source (origin
(method url-fetch)
(uri (string-append "ftp://xmlsoft.org/libxslt/libxslt-"
version ".tar.gz"))
- ;; XXX Oops, the patches field is redefined below, which means the
- ;; patch for CVE-2016-4738 was not used. Fixed in the definition of
- ;; libxslt/fixed below.
- ;(patches (search-patches "libxslt-CVE-2016-4738.patch"))
(sha256
(base32
- "1klh81xbm9ppzgqk339097i39b7fnpmlj8lzn8bpczl3aww6x5xm"))
+ "0q2l6m56iv3ysxgm2walhg4c9wp7q183jb328687i9zlp85csvjj"))
(patches (search-patches "libxslt-generated-ids.patch"))))
(build-system gnu-build-system)
(home-page "http://xmlsoft.org/XSLT/index.html")
@@ -942,14 +906,14 @@ XSL-T processor. It also performs any necessary post-processing.")
(define-public xmlsec
(package
(name "xmlsec")
- (version "1.2.20")
+ (version "1.2.25")
(source (origin
(method url-fetch)
(uri (string-append "https://www.aleksey.com/xmlsec/download/"
name "1-" version ".tar.gz"))
(sha256
(base32
- "01bkbv2y3x8d1sf4dcln1x3y2jyj391s3208d9a2ndhglly5j89j"))))
+ "1lpwj8dxwhha54sby0v5axjk79h56jnhjjiwiasbbk15vwzahz4n"))))
(build-system gnu-build-system)
(propagated-inputs ; according to xmlsec1.pc
`(("libxml2" ,libxml2)