Skip to content

Commit

Permalink
cve: Update libxml2 to v2.13.2 (osquery#8223)
Browse files Browse the repository at this point in the history 
Also resolves CVE-2023-45322.
  • Loading branch information
@Smjert
Smjert authored Dec 20, 2023
1 parent e5dc15e commit 52974c7
Show file tree
Hide file tree
Showing 13 changed files with 689 additions and 884 deletions.
12 changes: 9 additions & 3 deletions libraries/cmake/source/libxml2/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,12 +44,14 @@ cmake \
-DLIBXML2_WITH_TESTS=OFF \
-DLIBXML2_WITH_THREADS=ON \
-DLIBXML2_WITH_THREAD_ALLOC=OFF \
-DLIBXML2_WITH_TLS=OFF \
-DLIBXML2_WITH_TREE=ON \
-DLIBXML2_WITH_VALID=OFF \
-DLIBXML2_WITH_WRITER=ON \
-DLIBXML2_WITH_XINCLUDE=OFF \
-DLIBXML2_WITH_XPATH=ON \
-DLIBXML2_WITH_XPTR=ON \
-DLIBXML2_WITH_XPTR_LOCS=OFF \
-DLIBXML2_WITH_ZLIB=ON \
-DHAVE_VA_COPY:BOOL=ON
```
Expand All @@ -72,14 +74,14 @@ Make sure you are working in a clean source folder:
git reset --hard ; git clean -ffdx
```

When building for macOS ARM, also pass the following parameter: `-DCMAKE_OSX_ARCHITECTURES=arm64` and change `-DCMAKE_OSX_DEPLOYMENT_TARGET` to `10.15`.
When building for macOS ARM, also pass the following parameter: `-DCMAKE_OSX_ARCHITECTURES=arm64`, or use `-DCMAKE_OSX_ARCHITECTURES=x86_64` for x86_64.

```bash
cmake \
-S . \
-B build \
-DCMAKE_OSX_SYSROOT=/Applications/Xcode_13.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX11.3.sdk \
-DCMAKE_OSX_DEPLOYMENT_TARGET=10.14 \
-DCMAKE_OSX_SYSROOT=/Applications/Xcode_15.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX14.2.sdk \
-DCMAKE_OSX_DEPLOYMENT_TARGET=10.15 \
-DBUILD_SHARED_LIBS=OFF \
-DLIBXML2_WITH_C14N=ON \
-DLIBXML2_WITH_CATALOG=OFF \
Expand Down Expand Up @@ -107,12 +109,14 @@ cmake \
-DLIBXML2_WITH_TESTS=OFF \
-DLIBXML2_WITH_THREADS=ON \
-DLIBXML2_WITH_THREAD_ALLOC=OFF \
-DLIBXML2_WITH_TLS=OFF \
-DLIBXML2_WITH_TREE=ON \
-DLIBXML2_WITH_VALID=OFF \
-DLIBXML2_WITH_WRITER=ON \
-DLIBXML2_WITH_XINCLUDE=OFF \
-DLIBXML2_WITH_XPATH=ON \
-DLIBXML2_WITH_XPTR=ON \
-DLIBXML2_WITH_XPTR_LOCS=OFF \
-DLIBXML2_WITH_ZLIB=ON
```

Expand Down Expand Up @@ -171,12 +175,14 @@ cmake ^
-DLIBXML2_WITH_TESTS=OFF ^
-DLIBXML2_WITH_THREADS=ON ^
-DLIBXML2_WITH_THREAD_ALLOC=OFF ^
-DLIBXML2_WITH_TLS=OFF ^
-DLIBXML2_WITH_TREE=ON ^
-DLIBXML2_WITH_VALID=OFF ^
-DLIBXML2_WITH_WRITER=ON ^
-DLIBXML2_WITH_XINCLUDE=OFF ^
-DLIBXML2_WITH_XPATH=ON ^
-DLIBXML2_WITH_XPTR=ON ^
-DLIBXML2_WITH_XPTR_LOCS=OFF ^
-DLIBXML2_WITH_ZLIB=ON ^
```

Expand Down
45 changes: 9 additions & 36 deletions libraries/cmake/source/libxml2/config/linux/aarch64/config.h
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
/* config.h. Generated from config.h.in by configure. */
/* config.h.in. Generated from configure.ac by autoheader. */

/* Define if __attribute__((destructor)) is accepted */
/* A form that will not confuse apibuild.py */
#define ATTRIBUTE_DESTRUCTOR __attribute__((destructor))

/* Define to 1 if you have the <arpa/inet.h> header file. */
#define HAVE_ARPA_INET_H 1

/* Define if __attribute__((destructor)) is accepted */
#define HAVE_ATTRIBUTE_DESTRUCTOR 1

/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1

Expand Down Expand Up @@ -57,15 +57,9 @@
/* Define to 1 if you have the <poll.h> header file. */
#define HAVE_POLL_H 1

/* Define if <pthread.h> is there */
/* Define to 1 if you have the <pthread.h> header file. */
#define HAVE_PTHREAD_H 1

/* Define to 1 if you have the `putenv' function. */
#define HAVE_PUTENV 1

/* Define to 1 if you have the `rand_r' function. */
#define HAVE_RAND_R 1

/* Have shl_load based dso */
/* #undef HAVE_SHLLOAD */

Expand Down Expand Up @@ -105,42 +99,21 @@
/* Whether __va_copy() is available */
#define HAVE___VA_COPY 1

/* Define to the sub-directory where libtool stores uninstalled libraries. */
#define LT_OBJDIR ".libs/"

/* Name of package */
#define PACKAGE "libxml2"

/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "xml@gnome.org"

/* Define to the full name of this package. */
#define PACKAGE_NAME "libxml2"

/* Define to the full name and version of this package. */
#define PACKAGE_STRING "libxml2 2.11.2"

/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "libxml2"

/* Define to the home page for this package. */
#define PACKAGE_URL "https://gitlab.gnome.org/GNOME/libxml2"

/* Define to the version of this package. */
#define PACKAGE_VERSION "2.11.2"

/* Support for IPv6 */
/* #undef SUPPORT_IP6 */

/* Define if va_list is an array type */
/* #undef VA_LIST_IS_ARRAY */

/* Version number of package */
#define VERSION "2.11.2"
#define VERSION "2.12.3"

/* Determine what socket length (socklen_t) data type is */
#define XML_SOCKLEN_T socklen_t

/* TLS specifier */
/* #undef XML_THREAD_LOCAL */

/* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */
Expand Down
45 changes: 9 additions & 36 deletions libraries/cmake/source/libxml2/config/linux/x86_64/config.h
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
/* config.h. Generated from config.h.in by configure. */
/* config.h.in. Generated from configure.ac by autoheader. */

/* Define if __attribute__((destructor)) is accepted */
/* A form that will not confuse apibuild.py */
#define ATTRIBUTE_DESTRUCTOR __attribute__((destructor))

/* Define to 1 if you have the <arpa/inet.h> header file. */
#define HAVE_ARPA_INET_H 1

/* Define if __attribute__((destructor)) is accepted */
#define HAVE_ATTRIBUTE_DESTRUCTOR 1

/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1

Expand Down Expand Up @@ -57,15 +57,9 @@
/* Define to 1 if you have the <poll.h> header file. */
#define HAVE_POLL_H 1

/* Define if <pthread.h> is there */
/* Define to 1 if you have the <pthread.h> header file. */
#define HAVE_PTHREAD_H 1

/* Define to 1 if you have the `putenv' function. */
#define HAVE_PUTENV 1

/* Define to 1 if you have the `rand_r' function. */
#define HAVE_RAND_R 1

/* Have shl_load based dso */
/* #undef HAVE_SHLLOAD */

Expand Down Expand Up @@ -105,42 +99,21 @@
/* Whether __va_copy() is available */
#define HAVE___VA_COPY 1

/* Define to the sub-directory where libtool stores uninstalled libraries. */
#define LT_OBJDIR ".libs/"

/* Name of package */
#define PACKAGE "libxml2"

/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "xml@gnome.org"

/* Define to the full name of this package. */
#define PACKAGE_NAME "libxml2"

/* Define to the full name and version of this package. */
#define PACKAGE_STRING "libxml2 2.11.2"

/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "libxml2"

/* Define to the home page for this package. */
#define PACKAGE_URL "https://gitlab.gnome.org/GNOME/libxml2"

/* Define to the version of this package. */
#define PACKAGE_VERSION "2.11.2"

/* Support for IPv6 */
/* #undef SUPPORT_IP6 */

/* Define if va_list is an array type */
#define VA_LIST_IS_ARRAY 1

/* Version number of package */
#define VERSION "2.11.2"
#define VERSION "2.12.3"

/* Determine what socket length (socklen_t) data type is */
#define XML_SOCKLEN_T socklen_t

/* TLS specifier */
/* #undef XML_THREAD_LOCAL */

/* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */
Expand Down
45 changes: 9 additions & 36 deletions libraries/cmake/source/libxml2/config/macos/aarch64/config.h
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
/* config.h. Generated from config.h.in by configure. */
/* config.h.in. Generated from configure.ac by autoheader. */

/* Define if __attribute__((destructor)) is accepted */
/* A form that will not confuse apibuild.py */
#define ATTRIBUTE_DESTRUCTOR __attribute__((destructor))

/* Define to 1 if you have the <arpa/inet.h> header file. */
#define HAVE_ARPA_INET_H 1

/* Define if __attribute__((destructor)) is accepted */
#define HAVE_ATTRIBUTE_DESTRUCTOR 1

/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1

Expand Down Expand Up @@ -57,15 +57,9 @@
/* Define to 1 if you have the <poll.h> header file. */
#define HAVE_POLL_H 1

/* Define if <pthread.h> is there */
/* Define to 1 if you have the <pthread.h> header file. */
#define HAVE_PTHREAD_H 1

/* Define to 1 if you have the `putenv' function. */
#define HAVE_PUTENV 1

/* Define to 1 if you have the `rand_r' function. */
#define HAVE_RAND_R 1

/* Have shl_load based dso */
/* #undef HAVE_SHLLOAD */

Expand Down Expand Up @@ -105,42 +99,21 @@
/* Whether __va_copy() is available */
#define HAVE___VA_COPY 1

/* Define to the sub-directory where libtool stores uninstalled libraries. */
#define LT_OBJDIR ".libs/"

/* Name of package */
#define PACKAGE "libxml2"

/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "xml@gnome.org"

/* Define to the full name of this package. */
#define PACKAGE_NAME "libxml2"

/* Define to the full name and version of this package. */
#define PACKAGE_STRING "libxml2 2.11.2"

/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "libxml2"

/* Define to the home page for this package. */
#define PACKAGE_URL "https://gitlab.gnome.org/GNOME/libxml2"

/* Define to the version of this package. */
#define PACKAGE_VERSION "2.11.2"

/* Support for IPv6 */
/* #undef SUPPORT_IP6 */

/* Define if va_list is an array type */
/* #undef VA_LIST_IS_ARRAY */

/* Version number of package */
#define VERSION "2.11.2"
#define VERSION "2.12.3"

/* Determine what socket length (socklen_t) data type is */
#define XML_SOCKLEN_T socklen_t

/* TLS specifier */
/* #undef XML_THREAD_LOCAL */

/* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */
Expand Down
45 changes: 9 additions & 36 deletions libraries/cmake/source/libxml2/config/macos/x86_64/config.h
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
/* config.h. Generated from config.h.in by configure. */
/* config.h.in. Generated from configure.ac by autoheader. */

/* Define if __attribute__((destructor)) is accepted */
/* A form that will not confuse apibuild.py */
#define ATTRIBUTE_DESTRUCTOR __attribute__((destructor))

/* Define to 1 if you have the <arpa/inet.h> header file. */
#define HAVE_ARPA_INET_H 1

/* Define if __attribute__((destructor)) is accepted */
#define HAVE_ATTRIBUTE_DESTRUCTOR 1

/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1

Expand Down Expand Up @@ -57,15 +57,9 @@
/* Define to 1 if you have the <poll.h> header file. */
#define HAVE_POLL_H 1

/* Define if <pthread.h> is there */
/* Define to 1 if you have the <pthread.h> header file. */
#define HAVE_PTHREAD_H 1

/* Define to 1 if you have the `putenv' function. */
#define HAVE_PUTENV 1

/* Define to 1 if you have the `rand_r' function. */
#define HAVE_RAND_R 1

/* Have shl_load based dso */
/* #undef HAVE_SHLLOAD */

Expand Down Expand Up @@ -105,42 +99,21 @@
/* Whether __va_copy() is available */
#define HAVE___VA_COPY 1

/* Define to the sub-directory where libtool stores uninstalled libraries. */
#define LT_OBJDIR ".libs/"

/* Name of package */
#define PACKAGE "libxml2"

/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "xml@gnome.org"

/* Define to the full name of this package. */
#define PACKAGE_NAME "libxml2"

/* Define to the full name and version of this package. */
#define PACKAGE_STRING "libxml2 2.11.2"

/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "libxml2"

/* Define to the home page for this package. */
#define PACKAGE_URL "https://gitlab.gnome.org/GNOME/libxml2"

/* Define to the version of this package. */
#define PACKAGE_VERSION "2.11.2"

/* Support for IPv6 */
/* #undef SUPPORT_IP6 */

/* Define if va_list is an array type */
#define VA_LIST_IS_ARRAY 1

/* Version number of package */
#define VERSION "2.11.2"
#define VERSION "2.12.3"

/* Determine what socket length (socklen_t) data type is */
#define XML_SOCKLEN_T socklen_t

/* TLS specifier */
/* #undef XML_THREAD_LOCAL */

/* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */
Expand Down
Loading

0 comments on commit 52974c7

Please sign in to comment.