# Package set for libxml2: a function of the usual nixpkgs helpers that returns
# an attribute set with two builds, both produced by ./common.nix:
#   - libxml2_13: the 2.13.x branch (2.13.8) with CVE fixes applied as patches
#   - libxml2:    the 2.14.x branch (2.14.5), with no extra patches passed here
{
  lib,
  callPackage,
  fetchFromGitLab,
  fetchpatch2,
}:

let
  packages = {
    libxml2_13 = callPackage ./common.nix {
      version = "2.13.8";
      src = fetchFromGitLab {
        domain = "gitlab.gnome.org";
        owner = "GNOME";
        repo = "libxml2";
        # The tag is derived from the resulting package's own version attribute.
        tag = "v${packages.libxml2_13.version}";
        # Pinned content hash: the fetch fails if the downloaded source does not match,
        # so a moved or re-pushed tag cannot silently change what is built.
        hash = "sha256-acemyYs1yRSTSLH7YCGxnQzrEDm8YPTK4HtisC36LsY=";
      };
      # Security fixes carried on top of 2.13.8. Two kinds of entries appear below:
      #   - fetchpatch2: the upstream commit is downloaded and checked against a pinned hash
      #   - ./CVE-*.patch: a locally maintained file; its content has to be compared by hand
      #     with the upstream commit named in the comment above it
      extraPatches = [
        # same as upstream patch but fixed conflict and added required import:
        # https://gitlab.gnome.org/GNOME/libxml2/-/commit/acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0.diff
        ./CVE-2025-6021.patch
        # NOTE(review): going by the name, this single upstream commit covers both
        # CVE-2025-49794 and CVE-2025-49796 - confirm against the commit message.
        (fetchpatch2 {
          name = "CVE-2025-49794-49796.patch";
          url = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/f7ebc65f05bffded58d1e1b2138eb124c2e44f21.patch";
          hash = "sha256-k+IGq6pbv9EA7o+uDocEAUqIammEjLj27Z+2RF5EMrs=";
        })
        (fetchpatch2 {
          name = "CVE-2025-49795.patch";
          url = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/c24909ba2601848825b49a60f988222da3019667.patch";
          hash = "sha256-r7PYKr5cDDNNMtM3ogNLsucPFTwP/uoC7McijyLl4kU=";
          # Only the runtest.c part of the upstream commit is dropped; the rest is applied.
          # Consequence: whatever test change the commit makes in runtest.c is not carried
          # on this branch.
          excludes = [ "runtest.c" ]; # tests were rewritten in C and are on schematron for 2.13.x, meaning this does not apply
        })
        # same as upstream, fixed conflicts
        # https://gitlab.gnome.org/GNOME/libxml2/-/commit/c340e419505cf4bf1d9ed7019a87cc00ec200434
        ./CVE-2025-6170.patch
      ];
      # NOTE(review): the meaning of this flag is defined in ./common.nix, which is not
      # shown here. Presumably it keeps the automatic update script from bumping this
      # branch, in which case new security fixes for 2.13.x must be added to
      # extraPatches by hand - confirm.
      freezeUpdateScript = true;
      extraMeta = {
        maintainers = with lib.maintainers; [
          gepbird
        ];
      };
    };
    # NOTE(review): no extraPatches are passed for this build. Whether 2.14.5 already
    # contains the fixes patched into libxml2_13 above cannot be seen from this file -
    # confirm against the upstream release notes.
    libxml2 = callPackage ./common.nix {
      version = "2.14.5";
      src = fetchFromGitLab {
        domain = "gitlab.gnome.org";
        owner = "GNOME";
        repo = "libxml2";
        # The tag is derived from the resulting package's own version attribute.
        tag = "v${packages.libxml2.version}";
        # Pinned content hash of the fetched source tree (see libxml2_13 above).
        hash = "sha256-vxKlw8Kz+fgUP6bhWG2+4346WJVzqG0QvPG/BT7RftQ=";
      };
      extraMeta = {
        maintainers = with lib.maintainers; [
          jtojnar
        ];
      };
    };
  };
in
packages