aevum announces libxml2 Enterprise Edition

aevum is excited to announce the first release of libxml2 Enterprise Edition. Developed by aevum's owner and solopreneur Nick Wellnhofer, who maintained libxml2 for the last years, this fork contains major security and performance improvements.

“I continue where I left off after stepping down as libxml2 maintainer: cleaning up technical debt, fixing bugs, improving fuzz and test coverage. What's new is that libxml2 is now in a state that allows to start with serious performance improvements,” explains Nick. libxml2 EE features SIMD-accelerated parsers and serializers which are up to 10× faster, as detailed in this article. Both ARM and Intel platforms are supported through ARM Neon as well as Intel AVX and SSE extensions.

On top of that, Nick started to tackle long-standing security issues. libxml2 Enterprise Edition fixes all remaining issues related to algorithmic complexity and allows to parse untrusted XML without being exposed to denial-of-service vulnerabilites. In addition, many problems arising from the use of 32-bit types on 64-bit systems were fixed, guarding against vulnerabilites arising from integer overflows. An experimental new 64-bit API allows to work with multi-gigabyte XML files in a safe manner.

The repository is hosted on Codeberg, a non-profit, community-led software forge.

libxml2 Enterprise Edition is licensed under the GNU Affero General Public License (AGPL). Commercial licenses are available through aevum.