File libxml2.spec of Package libxml2.2672

#
# spec file for package libxml2
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


%define lname libxml2-2

Name:           libxml2
Version:        2.9.1
Release:        0
Summary:        A Library to Manipulate XML Files
License:        MIT
Group:          System/Libraries
Url:            http://xmlsoft.org
# Source ftp://xmlsoft.org/libxml2/libxml2-git-snapshot.tar.gz changes every day
Source:         ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
Source2:        baselibs.conf
Patch0:         fix-perl.diff
Patch1:         libxml2-CVE-2014-3660.patch
Patch2:         0001-Fix-a-regression-in-xmlGetDocCompressMode.patch
Patch3:         0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch
Patch4:         0002-Adding-example-from-bugs-738805-to-regression-tests.patch
# PATCH-FIX-UPSTREAM bnc#928193 kstreitova@suse.com -- CVE-2015-1819 - enforce the reader to run in constant memory
Patch5:         libxml2-2.9.1-CVE-2015-1819.patch
# PATCH-FIX-UPSTREAM bnc#951734 kstreitova@suse.com -- CVE-2015-7941 - stop parsing on entities boundaries errors
Patch6:         libxml2-2.9.1-CVE-2015-7941.patch
# PATCH-FIX-UPSTREAM bnc#951735 kstreitova@suse.com -- CVE-2015-7942 - fix another variation of overflow in Conditional sections
Patch7:         libxml2-2.9.1-CVE-2015-7942.patch
# PATCH-FIX-UPSTREAM bnc#954429 kstreitova@suse.com -- CVE-2015-8035 - fix XZ compression support loop
Patch8:         libxml2-2.9.1-CVE-2015-8035.patch
# PATCH-FIX-UPSTREAM bnc#956018 kstreitova@suse.com -- CVE-2015-8241 - avoid extra processing of MarkupDecl when EOF
Patch9:         libxml2-2.9.1-CVE-2015-8241.patch
# PATCH-FIX-UPSTREAM bnc#956021 kstreitova@suse.com -- CVE-2015-8242 - buffer overead with HTML parser in push mode
Patch10:        libxml2-2.9.1-CVE-2015-8242.patch
# PATCH-FIX-UPSTREAM bnc#956260 kstreitova@suse.com -- CVE-2015-8317 - return if the encoding declaration is broken or encoding conversion failed
Patch11:        libxml2-2.9.1-CVE-2015-8317.patch
# PATCH-FIX-UPSTREAM bnc#957105 kstreitova@suse.com -- CVE-2015-5312 - fix another entity expansion issue
Patch12:        libxml2-2.9.1-CVE-2015-5312.patch
# PATCH-FIX-UPSTREAM bnc#957106 kstreitova@suse.com -- CVE-2015-7497 - avoid an heap buffer overflow in xmlDictComputeFastQKey
Patch13:        libxml2-2.9.1-CVE-2015-7497.patch
# PATCH-FIX-UPSTREAM bnc#957107 kstreitova@suse.com -- CVE-2015-7498 - avoid processing entities after encoding conversion failures
Patch14:        libxml2-2.9.1-CVE-2015-7498.patch
# PATCH-FIX-UPSTREAM bnc#957109 kstreitova@suse.com -- CVE-2015-7499 - add xmlHaltParser() to stop the parser and detect incoherency on GROW
Patch15:        libxml2-2.9.1-CVE-2015-7499.patch
# PATCH-FIX-UPSTREAM bnc#957110 kstreitova@suse.com -- CVE-2015-7500 - fix memory access error due to incorrect entities boundaries
Patch16:        libxml2-2.9.1-CVE-2015-7500.patch
# PATCH-FIX-UPSTREAM bnc#960674 kstreitova@suse.com -- CVE-2015-8710 - fix parsing short unclosed comment uninitialized access 
Patch17:        libxml2-2.9.1-CVE-2015-8710.patch
# PATCH-FIX-UPSTREAM bnc#972335 psimons@suse.com -- CVE-2016-3627 - stack exhaustion while parsing xml files in recovery mode
Patch18:        libxml2-2.9.1-CVE-2016-3627.patch
# PATCH-FIX-UPSTREAM bnc#975947 psimons@suse.com -- crash in xml validator
Patch19:        libxml2-2.9.1-CVE-2016-3705.patch
# PATCH-FIX-UPSTREAM bnc#978395 kstreitova@suse.com -- out of bound access when serializing malformed strings
Patch20:        libxml2-2.9.1-CVE-2016-4483.patch
# PATCH-FIX-UPSTREAM bnc#981040 kstreitova@suse.com -- heap-based buffer overread in xmlNextChar
Patch21:        libxml2-2.9.1-CVE-2016-1762.patch
# PATCH-FIX-UPSTREAM bnc#981041 kstreitova@suse.com -- heap-buffer-overflow in xmlStrncat
Patch22:        libxml2-2.9.1-CVE-2016-1834.patch
# PATCH-FIX-UPSTREAM bnc#981108 kstreitova@suse.com -- heap-based buffer overread in htmlCurrentChar
Patch23:        libxml2-2.9.1-CVE-2016-1833.patch
# PATCH-FIX-UPSTREAM bnc#981109 kstreitova@suse.com -- heap use-after-free in xmlSAX2AttributeNs
Patch24:        libxml2-2.9.1-CVE-2016-1835.patch
# PATCH-FIX-UPSTREAM bnc#981111 kstreitova@suse.com -- heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral
Patch25:        libxml2-2.9.1-CVE-2016-1837.patch
# PATCH-FIX-UPSTREAM bnc#981112 kstreitova@suse.com -- heap-based buffer overread in xmlParserPrintFileContextInternal 
Patch26:        libxml2-2.9.1-CVE-2016-1838.patch
# PATCH-FIX-UPSTREAM bnc#981115 kstreitova@suse.com -- heap-buffer-overflow in xmlFAParsePosCharGroup
Patch27:        libxml2-2.9.1-CVE-2016-1840.patch
# PATCH-FIX-UPSTREAM bnc#981548 kstreitova@suse.com -- heap-based buffer-underreads due to xmlParseName
Patch28:        libxml2-2.9.1-CVE-2016-4447.patch
# PATCH-FIX-UPSTREAM bnc#981549 kstreitova@suse.com -- fix some format string warnings with possible format string vulnerability
Patch29:        libxml2-2.9.1-CVE-2016-4448.patch
# PATCH-FIX-UPSTREAM bnc#981550 kstreitova@suse.com -- fix inappropriate fetch of entities content
Patch30:        libxml2-2.9.1-CVE-2016-4449.patch
# PATCH-FIX-UPSTREAM bnc#963963 sflees@suse.de -- heap-based buffer overread in xmlDictAddString
Patch31:        libxml2-2.9.1-CVE-2016-1839.patch
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildRequires:  pkg-config
BuildRequires:  readline-devel
BuildRequires:  xz-devel
BuildRequires:  zlib-devel

%description
The XML C library was initially developed for the GNOME project. It is
now used by many programs to load and save extensible data structures
or manipulate any kind of XML files.

This library implements a number of existing standards related to
markup languages, including the XML standard, name spaces in XML, XML
Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and
XML catalogs. In most cases, libxml tries to implement the
specification in a rather strict way. To some extent, it provides
support for the following specifications, but does not claim to
implement them: DOM, FTP client, HTTP client, and SAX.

The library also supports RelaxNG. Support for W3C XML Schemas is in
progress.

%package -n %lname
Summary:        A Library to Manipulate XML Files
Group:          System/Libraries

%description -n %lname
The XML C library was initially developed for the GNOME project. It is
now used by many programs to load and save extensible data structures
or manipulate any kind of XML files.

This library implements a number of existing standards related to
markup languages, including the XML standard, name spaces in XML, XML
Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and
XML catalogs. In most cases, libxml tries to implement the
specification in a rather strict way. To some extent, it provides
support for the following specifications, but does not claim to
implement them: DOM, FTP client, HTTP client, and SAX.

The library also supports RelaxNG. Support for W3C XML Schemas is in
progress.

%package tools
Summary:        Tools using libxml
Group:          System/Libraries
Provides:       %{name} = %{version}-%{release}
Obsoletes:      %{name} < %{version}-%{release}

%description tools
This package contains xmllint, a very useful tool proving libxml's power.

%package devel
Summary:        Include Files and Libraries mandatory for Development
Group:          Development/Libraries/C and C++
Requires:       %{lname} = %{version}
Requires:       %{name}-tools = %{version}
Requires:       glibc-devel
Requires:       readline-devel
Requires:       xz-devel
Requires:       zlib-devel
# bug437293
%ifarch ppc64
Obsoletes:      libxml2-devel-64bit
%endif

%description devel
This package contains all necessary include files and libraries needed
to develop applications that require these.

%package doc
Summary:        A Library to Manipulate XML Files
Group:          System/Libraries
Requires:       %{lname} = %{version}
BuildArch:      noarch

%description doc
The XML C library was initially developed for the GNOME project. It is
now used by many programs to load and save extensible data structures
or manipulate any kind of XML files.

This library implements a number of existing standards related to
markup languages, including the XML standard, name spaces in XML, XML
Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and
XML catalogs. In most cases, libxml tries to implement the
specification in a rather strict way. To some extent, it provides
support for the following specifications, but does not claim to
implement them: DOM, FTP client, HTTP client, and SAX.

The library also supports RelaxNG. Support for W3C XML Schemas is in
progress.

%prep
%setup -q
%patch0
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch29 -p1
%patch30 -p1
%patch31 -p1

%build
%configure --disable-static \
    --docdir=%_docdir/%name \
    --with-html-dir=%_docdir/%name/html \
    --with-fexceptions \
    --with-history \
    --without-python \
    --enable-ipv6 \
    --with-sax1 \
    --with-regexps \
    --with-threads \
    --with-reader \
    --with-http

make %{?_smp_mflags} BASE_DIR="%_docdir" DOC_MODULE="%name"

%install
make install DESTDIR="%buildroot" BASE_DIR="%_docdir" DOC_MODULE="%name"
mkdir -p "%buildroot/%_docdir/%name"
cp -a AUTHORS NEWS README COPYING* Copyright TODO* %{buildroot}%{_docdir}/%{name}/
ln -s libxml2/libxml %{buildroot}%{_includedir}/libxml

%check
# qemu-arm can't keep up atm, disabling check for arm
%ifnarch %arm
make check
%endif

%post -n %lname -p /sbin/ldconfig

%postun -n %lname -p /sbin/ldconfig

%files -n %lname 
%defattr(-, root, root)
%{_libdir}/lib*.so.*
%doc %dir %{_docdir}/%{name}
%doc %{_docdir}/%{name}/[ANRCT]*

%files tools
%defattr(-, root, root)
%{_bindir}/xmllint
%{_bindir}/xmlcatalog
%doc %{_mandir}/man1/xmllint.1*
%doc %{_mandir}/man1/xmlcatalog.1*

%files devel
%defattr(-, root, root)
%{_bindir}/xml2-config
%dir %{_datadir}/aclocal
%{_datadir}/aclocal/libxml.m4
%{_includedir}/libxml
%{_includedir}/libxml2
%{_libdir}/lib*.so
# libxml2.la is needed for the python-libxml2 build. Deleting it breaks build of python-libxml2.
%{_libdir}/libxml2.la
%{_libdir}/*.sh
%{_libdir}/pkgconfig/*.pc
%doc %{_mandir}/man1/xml2-config.1*
%doc %{_mandir}/man3/libxml.3*

%files doc
%defattr(-, root, root)
%{_datadir}/gtk-doc/html/*
%doc %{_docdir}/%{name}/examples
%doc %{_docdir}/%{name}/html
# owning these directories prevents gtk-doc <-> libxml2 build loop:
%dir %{_datadir}/gtk-doc
%dir %{_datadir}/gtk-doc/html

%changelog