Fix several CVE: CVE-2024-56171, CVE-2025-24928, CVE-2025-32414

2025-06-13 12:30:26 +02:00
parent 66b22f147f
commit ee90a418d6
4 changed files with 69 additions and 2 deletions
--- a/textproc/libxml2/Makefile
+++ b/textproc/libxml2/Makefile
@ -1,10 +1,14 @@
 PORTNAME=	libxml2
 DISTVERSION=	2.11.9
-PORTREVISION?=	0
+PORTREVISION?=	1
 CATEGORIES?=	textproc gnome
 MASTER_SITES=	GNOME
 DIST_SUBDIR=	gnome

+# FIX CVE-2025-32414
+PATCH_SITES=	https://gitlab.gnome.org/-/project/1665/uploads/
+PATCHFILES+=	90c0ee56b5b7d6d91cb9bcd04b923b6c/bug-889-v2.11.0-and-above.patch:-p1
+
 MAINTAINER=	desktop@FreeBSD.org
 COMMENT?=	XML parser library for GNOME
 WWW=		http://xmlsoft.org/
@ -13,6 +17,7 @@ LICENSE=	MIT

 USES+=		cmake:testing cpe iconv localbase:ldflags pathfix \
 		pkgconfig tar:xz
+
 CPE_VENDOR=	xmlsoft
 USE_LDCONFIG=	yes
 # Don't build with Python support unless requested