Hi,

Thanks for working on this! Here's some initial feedback.

On 6/11/26 2:00 PM, Aoife Moloney via devel-announce wrote:
The update to 2.15.3 is necessary to address several security
vulnerabilities fixed only in version 2.15.2 and above. Version 2.14
introduces an ABI change, requiring all packages linked against
libxml2 to be rebuilt.
Furthermore, upstream has deprecated the libxml2 Python bindings.
While these remain present in 2.15.3, they will be removed in 2.16.
Fedora packages currently using these bindings must be ported to
alternatives, such as python3-lxml or the standard library's
xml.etree. Concretely, this will mean that the python3-libxml2
subpackage will be marked as deprecated.

** Mass Rebuild: Maintainers of packages depending on
<code>libxml2</code> must ensure their packages rebuild successfully
against the new ABI.

Ideally, as part of this Change, you would perform an impact check in Copr to figure out which packages would break with the new libxml2. mass-prebuild is a good tool for this, and I also have my own mini bash script that I can share if you'd like.

As far as I know, you will also need to (temporarily) introduce a libxml2_2.13 compat package, since libdnf5 Requires and links to libxml2.so.2 and will break after you rebuild libxml2, but you can't rebuild dnf5 against the new libxml2 if the current dnf5 is broken.
--
_______________________________________________
devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://forge.fedoraproject.org/infra/tickets/issues/new

Reply via email to