diff --git a/SPECS/libxml2/libxml2.signatures.json b/SPECS/libxml2/libxml2.signatures.json index 25c6335e1c1..981419a3111 100644 --- a/SPECS/libxml2/libxml2.signatures.json +++ b/SPECS/libxml2/libxml2.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "libxml2-v2.9.14.tar.gz": "80efe9e6b48f8aa7b9b0c47be427e2ef2dbfb2999124220ffbc0f43ca6adb98c" + "libxml2-v2.10.0.tar.gz": "03365d9d4a6e086c213ed52a917f057838d70d54d080c12390084603c40dbb3d" } } diff --git a/SPECS/libxml2/libxml2.spec b/SPECS/libxml2/libxml2.spec index 9ebc2b8d321..dc6b6526e3b 100644 --- a/SPECS/libxml2/libxml2.spec +++ b/SPECS/libxml2/libxml2.spec @@ -1,12 +1,12 @@ Summary: Libxml2 Name: libxml2 -Version: 2.9.14 +Version: 2.10.0 Release: 1%{?dist} License: MIT Vendor: Microsoft Corporation Distribution: Mariner Group: System Environment/General Libraries -URL: https://www.xmlsoft.org/ +URL: https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home Source0: https://gitlab.gnome.org/GNOME/%{name}/-/archive/v%{version}/%{name}-v%{version}.tar.gz BuildRequires: python3-devel BuildRequires: python3-xml @@ -59,10 +59,9 @@ find %{buildroot} -type f -name "*.la" -delete -print %files %defattr(-,root,root) -%license COPYING +%license Copyright %{_docdir}/* %{_libdir}/libxml* -%{_libdir}/xml2Conf.sh %{_bindir}/* %{_datadir}/aclocal/* %{_datadir}/gtk-doc/* @@ -75,11 +74,13 @@ find %{buildroot} -type f -name "*.la" -delete -print %files devel %defattr(-,root,root) %{_includedir}/* -%{_mandir}/man3/* %{_libdir}/pkgconfig/libxml-2.0.pc %{_libdir}/cmake/libxml2/libxml2-config.cmake %changelog +* Mon Aug 22 2022 Nicolas Guibourge - 2.10.0-1 +- Updating to version 2.10.0 to fix CVE-2022-2309. + * Mon May 23 2022 Cameron Baird - 2.9.14-1 - Updating to version 2.9.14 to fix CVE-2022-29824. diff --git a/SPECS/python-lxml/python-lxml.signatures.json b/SPECS/python-lxml/python-lxml.signatures.json index 16b56c50fec..8a7adbd7c10 100644 --- a/SPECS/python-lxml/python-lxml.signatures.json +++ b/SPECS/python-lxml/python-lxml.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "lxml-4.8.0.tar.gz": "f63f62fc60e6228a4ca9abae28228f35e1bd3ce675013d1dfb828688d50c6e23" + "lxml-4.9.1.tar.gz": "fe749b052bb7233fe5d072fcb549221a8cb1a16725c47c37e42b0b9cb3ff2c3f" } } \ No newline at end of file diff --git a/SPECS/python-lxml/python-lxml.spec b/SPECS/python-lxml/python-lxml.spec index c199b1fad1d..f46de3423fc 100644 --- a/SPECS/python-lxml/python-lxml.spec +++ b/SPECS/python-lxml/python-lxml.spec @@ -2,7 +2,7 @@ Summary: XML and HTML with Python Name: python-lxml -Version: 4.8.0 +Version: 4.9.1 Release: 1%{?dist} # Test suite (and only the test suite) is GPLv2+ License: BSD and GPLv2+ @@ -53,6 +53,9 @@ make test %{python3_sitelib}/* %changelog +* Mon Aug 22 2022 Nicolas Guibourge - 4.9.1-1 +- Upgrade to to fix CVE-2022-2309 + * Wed Apr 20 2022 Olivia Crain - 4.8.0-1 - Upgrade to latest upstream version - Fixes CVE-2018-19787, CVE-2020-27783, CVE-2021-28957, CVE-2021-43818 diff --git a/cgmanifest.json b/cgmanifest.json index 0af2b9ba431..066f72d52d3 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -10571,8 +10571,8 @@ "type": "other", "other": { "name": "libxml2", - "version": "2.9.14", - "downloadUrl": "https://gitlab.gnome.org/GNOME/libxml2/-/archive/v2.9.14/libxml2-v2.9.14.tar.gz" + "version": "2.10.0", + "downloadUrl": "https://gitlab.gnome.org/GNOME/libxml2/-/archive/v2.10.0/libxml2-v2.10.0.tar.gz" } } }, @@ -20974,8 +20974,8 @@ "type": "other", "other": { "name": "python-lxml", - "version": "4.8.0", - "downloadUrl": "https://github.com/lxml/lxml/releases/download/lxml-4.8.0/lxml-4.8.0.tar.gz" + "version": "4.9.1", + "downloadUrl": "https://github.com/lxml/lxml/releases/download/lxml-4.9.1/lxml-4.9.1.tar.gz" } } }, diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt index aed7ce44726..370c8879262 100644 --- a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt @@ -197,8 +197,8 @@ tdnf-cli-libs-3.2.2-4.cm2.aarch64.rpm tdnf-devel-3.2.2-4.cm2.aarch64.rpm tdnf-plugin-repogpgcheck-3.2.2-4.cm2.aarch64.rpm createrepo_c-0.17.5-1.cm2.aarch64.rpm -libxml2-2.9.14-1.cm2.aarch64.rpm -libxml2-devel-2.9.14-1.cm2.aarch64.rpm +libxml2-2.10.0-1.cm2.aarch64.rpm +libxml2-devel-2.10.0-1.cm2.aarch64.rpm libsepol-3.2-2.cm2.aarch64.rpm glib-2.71.0-1.cm2.aarch64.rpm libltdl-2.4.6-8.cm2.aarch64.rpm diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt index c0c2daed9ff..80c9e8c51a9 100644 --- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt @@ -197,8 +197,8 @@ tdnf-cli-libs-3.2.2-4.cm2.x86_64.rpm tdnf-devel-3.2.2-4.cm2.x86_64.rpm tdnf-plugin-repogpgcheck-3.2.2-4.cm2.x86_64.rpm createrepo_c-0.17.5-1.cm2.x86_64.rpm -libxml2-2.9.14-1.cm2.x86_64.rpm -libxml2-devel-2.9.14-1.cm2.x86_64.rpm +libxml2-2.10.0-1.cm2.x86_64.rpm +libxml2-devel-2.10.0-1.cm2.x86_64.rpm libsepol-3.2-2.cm2.x86_64.rpm glib-2.71.0-1.cm2.x86_64.rpm libltdl-2.4.6-8.cm2.x86_64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt index c0fc57ecdb1..e55fe00b91f 100644 --- a/toolkit/resources/manifests/package/toolchain_aarch64.txt +++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt @@ -203,9 +203,9 @@ libtasn1-debuginfo-4.18.0-2.cm2.aarch64.rpm libtasn1-devel-4.18.0-2.cm2.aarch64.rpm libtool-2.4.6-8.cm2.aarch64.rpm libtool-debuginfo-2.4.6-8.cm2.aarch64.rpm -libxml2-2.9.14-1.cm2.aarch64.rpm -libxml2-debuginfo-2.9.14-1.cm2.aarch64.rpm -libxml2-devel-2.9.14-1.cm2.aarch64.rpm +libxml2-2.10.0-1.cm2.aarch64.rpm +libxml2-debuginfo-2.10.0-1.cm2.aarch64.rpm +libxml2-devel-2.10.0-1.cm2.aarch64.rpm libxslt-1.1.34-7.cm2.aarch64.rpm libxslt-debuginfo-1.1.34-7.cm2.aarch64.rpm libxslt-devel-1.1.34-7.cm2.aarch64.rpm @@ -510,8 +510,8 @@ python3-gpg-1.16.0-1.cm2.aarch64.rpm python3-jinja2-3.0.3-2.cm2.noarch.rpm python3-libcap-ng-0.8.2-2.cm2.aarch64.rpm python3-libs-3.9.13-3.cm2.aarch64.rpm -python3-libxml2-2.9.14-1.cm2.aarch64.rpm -python3-lxml-4.8.0-1.cm2.aarch64.rpm +python3-libxml2-2.10.0-1.cm2.aarch64.rpm +python3-lxml-4.9.1-1.cm2.aarch64.rpm python3-magic-5.40-2.cm2.noarch.rpm python3-markupsafe-2.1.0-1.cm2.aarch64.rpm python3-newt-0.52.21-4.cm2.aarch64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt index d5864f84787..b91be57dcf9 100644 --- a/toolkit/resources/manifests/package/toolchain_x86_64.txt +++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt @@ -203,9 +203,9 @@ libtasn1-debuginfo-4.18.0-2.cm2.x86_64.rpm libtasn1-devel-4.18.0-2.cm2.x86_64.rpm libtool-2.4.6-8.cm2.x86_64.rpm libtool-debuginfo-2.4.6-8.cm2.x86_64.rpm -libxml2-2.9.14-1.cm2.x86_64.rpm -libxml2-debuginfo-2.9.14-1.cm2.x86_64.rpm -libxml2-devel-2.9.14-1.cm2.x86_64.rpm +libxml2-2.10.0-1.cm2.x86_64.rpm +libxml2-debuginfo-2.10.0-1.cm2.x86_64.rpm +libxml2-devel-2.10.0-1.cm2.x86_64.rpm libxslt-1.1.34-7.cm2.x86_64.rpm libxslt-debuginfo-1.1.34-7.cm2.x86_64.rpm libxslt-devel-1.1.34-7.cm2.x86_64.rpm @@ -510,8 +510,8 @@ python3-gpg-1.16.0-1.cm2.x86_64.rpm python3-jinja2-3.0.3-2.cm2.noarch.rpm python3-libcap-ng-0.8.2-2.cm2.x86_64.rpm python3-libs-3.9.13-3.cm2.x86_64.rpm -python3-libxml2-2.9.14-1.cm2.x86_64.rpm -python3-lxml-4.8.0-1.cm2.x86_64.rpm +python3-libxml2-2.10.0-1.cm2.x86_64.rpm +python3-lxml-4.9.1-1.cm2.x86_64.rpm python3-magic-5.40-2.cm2.noarch.rpm python3-markupsafe-2.1.0-1.cm2.x86_64.rpm python3-newt-0.52.21-4.cm2.x86_64.rpm