XML Parsing Breakage in RHEL and derivatives
Paul Ramsey
pramsey at cleverelephant.ca
Sat Jan 27 11:07:51 PST 2024
I have a PR now here.
https://github.com/postgis/postgis/pull/758
The handling of name spaces is now pretty naive, but re-writing to do
a better job would be a complete re-write. This fix passes all
regression tests but one (and if you check the change log you'll see
it's kind of a dumb one (we expect the parser to find a name-spaced
'srsName' attribute even though we don't declare the namespace in the
GML fragment. there's literally no way to make this work with the SAX2
parser)).
I would like to apply this back through all stable branches so that
it's possible to run PostGIS on RHEL variants in this period (who
knows, months, years, forever?) during which the SAX1 parser is no
longer available to us.
P
On Fri, Jan 26, 2024 at 9:51 AM Paul Ramsey <pramsey at cleverelephant.ca> wrote:
>
> FYI, these issues
>
> https://gitlab.gnome.org/GNOME/libxml2/-/issues/535
> https://access.redhat.com/errata/RHSA-2024:0119
>
> are causing our XML parser to break. The RHEL security fix is rapidly spreading out into production systems (security!) so our code is starting to break.
>
> I think I’m going to have to do a somewhat large invasive change to move us to using the SAX2 parser, which will involve a pretty large patch back into stable releases. Just a forewarning. I’ll also want to push out a patch release relatively quickly.
>
> P.
More information about the postgis-devel
mailing list