gnu: libxml2: Update replacement to 2.9.4 [security fixes].

This fixes CVE-2016-{1762, 1833, 1834, 1835, 1836, 1837, 1838, 1839, 1840, 3627, 3705, 4483}. * gnu/packages/patches/libxml2-CVE-2016-3627.patch, gnu/packages/patches/libxml2-CVE-2016-3705.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/xml.scm (libxml2/fixed): Update to 2.9.4. [source]: Remove patches.
2025-10-02 02:15:12 +00:00 · 2016-05-26 22:29:24 -04:00 · 2016-05-26 22:29:24 -04:00 · df2dd07b88
commit df2dd07b88
parent c06f6db7a4
4 changed files with 10 additions and 135 deletions
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@ -107,10 +107,16 @@ project (but it is usable outside of the Gnome platform).")
 (define libxml2/fixed
  (package
    (inherit libxml2)
-    (source (origin
-              (inherit (package-source libxml2))
-              (patches (search-patches "libxml2-CVE-2016-3627.patch"
-                                       "libxml2-CVE-2016-3705.patch"))))))
+    (source
+     (let ((name "libxml2")
+           (version "2.9.4"))
+       (origin
+         (method url-fetch)
+         (uri (string-append "ftp://xmlsoft.org/libxml2/libxml2-"
+                             version ".tar.gz"))
+         (sha256
+          (base32
+           "0g336cr0bw6dax1q48bblphmchgihx9p1pjmxdnrd6sh3qci3fgz")))))))

 (define-public python-libxml2
  (package (inherit libxml2)