GNOME 3622 Published by

Libxml2 2.13.3 has been released, which addresses a security vulnerability and other regressions. Improvements include adding an error handler for text processing and deprecating xmlKeepBlanksDefault.



Libxml2 2.13.3 released

https://download.gnome.org/sources/libxml2/2.13/libxml2-2.13.3.tar.xz  (2.46M)
sha256sum: 0805d7c180cf09caad71666c7a458a74f041561a532902454da5047d83948138
Screenshot_from_2024_07_25_08_23_22

Security

  • [CVE-2024-40896] Fix XXE protection in downstream code

Regressions

  • autotools: Use AC_CHECK_DECL to check for getentropy
  • xinclude: Fix fallback for text includes
  • io: Don’t call getcwd in xmlParserGetDirectory
  • io: Fix return value of xmlFileRead
  • parser: Fix error return of xmlParseBalancedChunkMemory

Improvements

  • xinclude: Set error handler when parsing text
  • Undeprecate xmlKeepBlanksDefault

Libxml2 2.13.3 released