|
|
1897d6 |
# for -O3 on ppc64 c.f. 1051068
|
|
|
1897d6 |
%global _performance_build 1
|
|
|
1897d6 |
|
|
|
bbdd21 |
Summary: Library providing XML and HTML support
|
|
|
bbdd21 |
Name: libxml2
|
|
|
bbdd21 |
Version: 2.9.1
|
|
|
7219eb |
Release: 6%{?dist}%{?extra_release}.6
|
|
|
bbdd21 |
License: MIT
|
|
|
bbdd21 |
Group: Development/Libraries
|
|
|
bbdd21 |
Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz
|
|
|
bbdd21 |
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
|
bbdd21 |
BuildRequires: python python-devel zlib-devel pkgconfig xz-devel
|
|
|
bbdd21 |
URL: http://xmlsoft.org/
|
|
|
bbdd21 |
Patch0: libxml2-multilib.patch
|
|
|
bbdd21 |
Patch1: libxml2-2.9.0-do-not-check-crc.patch
|
|
|
bbdd21 |
|
|
|
bbdd21 |
Patch100: libxml2-Fix-a-regression-in-xmlGetDocCompressMode.patch
|
|
|
8f6325 |
Patch101: CVE-2014-3660-rhel7.patch
|
|
|
0c7906 |
Patch102: libxml2-Fix-missing-entities-after-CVE-2014-3660-fix.patch
|
|
|
0c7906 |
Patch103: libxml2-Do-not-fetch-external-parameter-entities.patch
|
|
|
0c7906 |
Patch104: libxml2-Fix-regression-introduced-by-CVE-2014-0191.patch
|
|
|
267d54 |
Patch105: libxml2-Stop-parsing-on-entities-boundaries-errors.patch
|
|
|
267d54 |
Patch106: libxml2-Cleanup-conditional-section-error-handling.patch
|
|
|
267d54 |
Patch107: libxml2-Fail-parsing-early-on-if-encoding-conversion-failed.patch
|
|
|
267d54 |
Patch108: libxml2-Another-variation-of-overflow-in-Conditional-sections.patch
|
|
|
267d54 |
Patch109: libxml2-Fix-an-error-in-previous-Conditional-section-patch.patch
|
|
|
267d54 |
Patch110: libxml2-Fix-parsing-short-unclosed-comment-uninitialized-access.patch
|
|
|
267d54 |
Patch111: libxml2-Avoid-extra-processing-of-MarkupDecl-when-EOF.patch
|
|
|
267d54 |
Patch112: libxml2-Avoid-processing-entities-after-encoding-conversion-failures.patch
|
|
|
267d54 |
Patch113: libxml2-xmlStopParser-reset-errNo.patch
|
|
|
267d54 |
Patch114: libxml2-CVE-2015-7497-Avoid-an-heap-buffer-overflow-in-xmlDictComputeFastQKey.patch
|
|
|
267d54 |
Patch115: libxml2-CVE-2015-5312-Another-entity-expansion-issue.patch
|
|
|
267d54 |
Patch116: libxml2-Add-xmlHaltParser-to-stop-the-parser.patch
|
|
|
267d54 |
Patch117: libxml2-Reuse-xmlHaltParser-where-it-makes-sense.patch
|
|
|
267d54 |
Patch118: libxml2-Do-not-print-error-context-when-there-is-none.patch
|
|
|
267d54 |
Patch119: libxml2-Detect-incoherency-on-GROW.patch
|
|
|
267d54 |
Patch120: libxml2-Fix-some-loop-issues-embedding-NEXT.patch
|
|
|
267d54 |
Patch121: libxml2-Bug-on-creating-new-stream-from-entity.patch
|
|
|
267d54 |
Patch122: libxml2-CVE-2015-7500-Fix-memory-access-error-due-to-incorrect-entities-boundaries.patch
|
|
|
267d54 |
Patch123: libxml2-CVE-2015-8242-Buffer-overead-with-HTML-parser-in-push-mode.patch
|
|
|
267d54 |
Patch124: libxml2-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-memory.patch
|
|
|
1c8959 |
patch125: libxml2-Add-missing-increments-of-recursion-depth-counter-to-XML-parser.patch
|
|
|
1c8959 |
patch126: libxml2-Avoid-building-recursive-entities.patch
|
|
|
1c8959 |
patch127: libxml2-Bug-757711-heap-buffer-overflow-in-xmlFAParsePosCharGroup-https-bugzilla.gnome.org-show_bug.cgi-id-757711.patch
|
|
|
1c8959 |
patch128: libxml2-Bug-758588-Heap-based-buffer-overread-in-xmlParserPrintFileContextInternal-https-bugzilla.gnome.org-show_bug.cgi-id-758588.patch
|
|
|
1c8959 |
patch129: libxml2-Bug-758605-Heap-based-buffer-overread-in-xmlDictAddString-https-bugzilla.gnome.org-show_bug.cgi-id-758605.patch
|
|
|
1c8959 |
patch130: libxml2-Bug-759398-Heap-use-after-free-in-xmlDictComputeFastKey-https-bugzilla.gnome.org-show_bug.cgi-id-759398.patch
|
|
|
1c8959 |
patch131: libxml2-Bug-763071-heap-buffer-overflow-in-xmlStrncat-https-bugzilla.gnome.org-show_bug.cgi-id-763071.patch
|
|
|
1c8959 |
patch132: libxml2-Fix-inappropriate-fetch-of-entities-content.patch
|
|
|
1c8959 |
patch133: libxml2-Fix-some-format-string-warnings-with-possible-format-string-vulnerability.patch
|
|
|
1c8959 |
patch134: libxml2-Heap-based-buffer-overread-in-htmlCurrentChar.patch
|
|
|
1c8959 |
patch135: libxml2-Heap-based-buffer-overread-in-xmlNextChar.patch
|
|
|
1c8959 |
patch136: libxml2-Heap-based-buffer-underreads-due-to-xmlParseName.patch
|
|
|
1c8959 |
patch137: libxml2-Heap-use-after-free-in-htmlParsePubidLiteral-and-htmlParseSystemiteral.patch
|
|
|
1c8959 |
patch138: libxml2-Heap-use-after-free-in-xmlSAX2AttributeNs.patch
|
|
|
1c8959 |
patch139: libxml2-More-format-string-warnings-with-possible-format-string-vulnerability.patch
|
|
|
8a784f |
# https://bugzilla.redhat.com/show_bug.cgi?id=1595697
|
|
|
8a784f |
patch140: libxml2-2.9.1-CVE-2015-8035.patch
|
|
|
8a784f |
# https://bugzilla.redhat.com/show_bug.cgi?id=1602817
|
|
|
8a784f |
patch141: libxml2-2.9.1-CVE-2018-14404.patch
|
|
|
8a784f |
# https://bugzilla.redhat.com/show_bug.cgi?id=1729857
|
|
|
8a784f |
patch142: libxml2-2.9.1-CVE-2017-15412.patch
|
|
|
8a784f |
# https://bugzilla.redhat.com/show_bug.cgi?id=1714050
|
|
|
8a784f |
patch143: libxml2-2.9.1-CVE-2016-5131.patch
|
|
|
8a784f |
# https://bugzilla.redhat.com/show_bug.cgi?id=1579211
|
|
|
8a784f |
patch144: libxml2-2.9.1-CVE-2017-18258.patch
|
|
|
8a784f |
# https://bugzilla.redhat.com/show_bug.cgi?id=1622715
|
|
|
8a784f |
patch145: libxml2-2.9.1-CVE-2018-14567.patch
|
|
|
1b2bf5 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1793000
|
|
|
1b2bf5 |
patch146: libxml2-2.9.1-CVE-2019-19956.patch
|
|
|
1b2bf5 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1810057
|
|
|
1b2bf5 |
patch147: libxml2-2.9.1-CVE-2019-20388.patch
|
|
|
1b2bf5 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1810073
|
|
|
1b2bf5 |
patch148: libxml2-2.9.1-CVE-2020-7595.patch
|
|
|
1b2bf5 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1812145
|
|
|
1b2bf5 |
patch149: libxml2-2.9.1-xsd-any.patch
|
|
|
7219eb |
# https://bugzilla.redhat.com/show_bug.cgi?id=1966916
|
|
|
7219eb |
patch150: libxml2-2.9.1-CVE-2016-4658.patch
|
|
|
1c8959 |
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%description
|
|
|
bbdd21 |
This library allows to manipulate XML files. It includes support
|
|
|
bbdd21 |
to read, modify and write XML and HTML files. There is DTDs support
|
|
|
bbdd21 |
this includes parsing and validation even with complex DtDs, either
|
|
|
bbdd21 |
at parse time or later once the document has been modified. The output
|
|
|
bbdd21 |
can be a simple SAX stream or and in-memory DOM like representations.
|
|
|
bbdd21 |
In this case one can use the built-in XPath and XPointer implementation
|
|
|
bbdd21 |
to select sub nodes or ranges. A flexible Input/Output mechanism is
|
|
|
bbdd21 |
available, with existing HTTP and FTP modules and combined to an
|
|
|
bbdd21 |
URI library.
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%package devel
|
|
|
bbdd21 |
Summary: Libraries, includes, etc. to develop XML and HTML applications
|
|
|
bbdd21 |
Group: Development/Libraries
|
|
|
bbdd21 |
Requires: libxml2 = %{version}-%{release}
|
|
|
bbdd21 |
Requires: zlib-devel
|
|
|
bbdd21 |
Requires: xz-devel
|
|
|
bbdd21 |
Requires: pkgconfig
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%description devel
|
|
|
bbdd21 |
Libraries, include files, etc you can use to develop XML applications.
|
|
|
bbdd21 |
This library allows to manipulate XML files. It includes support
|
|
|
bbdd21 |
to read, modify and write XML and HTML files. There is DTDs support
|
|
|
bbdd21 |
this includes parsing and validation even with complex DtDs, either
|
|
|
bbdd21 |
at parse time or later once the document has been modified. The output
|
|
|
bbdd21 |
can be a simple SAX stream or and in-memory DOM like representations.
|
|
|
bbdd21 |
In this case one can use the built-in XPath and XPointer implementation
|
|
|
bbdd21 |
to select sub nodes or ranges. A flexible Input/Output mechanism is
|
|
|
bbdd21 |
available, with existing HTTP and FTP modules and combined to an
|
|
|
bbdd21 |
URI library.
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%package static
|
|
|
bbdd21 |
Summary: Static library for libxml2
|
|
|
bbdd21 |
Group: Development/Libraries
|
|
|
bbdd21 |
Requires: libxml2 = %{version}-%{release}
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%description static
|
|
|
bbdd21 |
Static library for libxml2 provided for specific uses or shaving a few
|
|
|
bbdd21 |
microseconds when parsing, do not link to them for generic purpose packages.
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%package python
|
|
|
bbdd21 |
Summary: Python bindings for the libxml2 library
|
|
|
bbdd21 |
Group: Development/Libraries
|
|
|
bbdd21 |
Requires: libxml2 = %{version}-%{release}
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%description python
|
|
|
bbdd21 |
The libxml2-python package contains a module that permits applications
|
|
|
bbdd21 |
written in the Python programming language to use the interface
|
|
|
bbdd21 |
supplied by the libxml2 library to manipulate XML files.
|
|
|
bbdd21 |
|
|
|
bbdd21 |
This library allows to manipulate XML files. It includes support
|
|
|
bbdd21 |
to read, modify and write XML and HTML files. There is DTDs support
|
|
|
bbdd21 |
this includes parsing and validation even with complex DTDs, either
|
|
|
bbdd21 |
at parse time or later once the document has been modified.
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%prep
|
|
|
bbdd21 |
%setup -q
|
|
|
bbdd21 |
%patch0 -p1
|
|
|
bbdd21 |
# workaround for #877567 - Very weird bug gzip decompression bug in "recent" libxml2 versions
|
|
|
bbdd21 |
%patch1 -p1 -b .do-not-check-crc
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%patch100 -p1
|
|
|
8f6325 |
%patch101 -p1
|
|
|
0c7906 |
%patch102 -p1
|
|
|
0c7906 |
%patch103 -p1
|
|
|
0c7906 |
%patch104 -p1
|
|
|
267d54 |
%patch105 -p1
|
|
|
267d54 |
%patch106 -p1
|
|
|
267d54 |
%patch107 -p1
|
|
|
267d54 |
%patch108 -p1
|
|
|
267d54 |
%patch109 -p1
|
|
|
267d54 |
%patch110 -p1
|
|
|
267d54 |
%patch111 -p1
|
|
|
267d54 |
%patch112 -p1
|
|
|
267d54 |
%patch113 -p1
|
|
|
267d54 |
%patch114 -p1
|
|
|
267d54 |
%patch115 -p1
|
|
|
267d54 |
%patch116 -p1
|
|
|
267d54 |
%patch117 -p1
|
|
|
267d54 |
%patch118 -p1
|
|
|
267d54 |
%patch119 -p1
|
|
|
267d54 |
%patch120 -p1
|
|
|
267d54 |
%patch121 -p1
|
|
|
267d54 |
%patch122 -p1
|
|
|
267d54 |
%patch123 -p1
|
|
|
267d54 |
%patch124 -p1
|
|
|
1c8959 |
%patch125 -p1
|
|
|
1c8959 |
%patch126 -p1
|
|
|
1c8959 |
%patch127 -p1
|
|
|
1c8959 |
%patch128 -p1
|
|
|
1c8959 |
%patch129 -p1
|
|
|
1c8959 |
%patch130 -p1
|
|
|
1c8959 |
%patch131 -p1
|
|
|
1c8959 |
%patch132 -p1
|
|
|
1c8959 |
%patch133 -p1
|
|
|
1c8959 |
%patch134 -p1
|
|
|
1c8959 |
%patch135 -p1
|
|
|
1c8959 |
%patch136 -p1
|
|
|
1c8959 |
%patch137 -p1
|
|
|
1c8959 |
%patch138 -p1
|
|
|
1c8959 |
%patch139 -p1
|
|
|
8a784f |
%patch140 -p1
|
|
|
8a784f |
%patch141 -p1
|
|
|
8a784f |
%patch142 -p1
|
|
|
8a784f |
%patch143 -p1
|
|
|
8a784f |
%patch144 -p1
|
|
|
8a784f |
%patch145 -p1
|
|
|
1b2bf5 |
%patch146 -p1
|
|
|
1b2bf5 |
%patch147 -p1
|
|
|
1b2bf5 |
%patch148 -p1
|
|
|
1b2bf5 |
%patch149 -p1
|
|
|
7219eb |
%patch150 -p1
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%build
|
|
|
bbdd21 |
%configure
|
|
|
bbdd21 |
make %{_smp_mflags}
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%install
|
|
|
bbdd21 |
rm -fr %{buildroot}
|
|
|
bbdd21 |
|
|
|
bbdd21 |
make install DESTDIR=%{buildroot}
|
|
|
bbdd21 |
|
|
|
bbdd21 |
# multiarch crazyness on timestamp differences or Makefile/binaries for examples
|
|
|
bbdd21 |
touch -m --reference=$RPM_BUILD_ROOT/%{_includedir}/libxml2/libxml/parser.h $RPM_BUILD_ROOT/%{_bindir}/xml2-config
|
|
|
bbdd21 |
|
|
|
bbdd21 |
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
|
|
|
bbdd21 |
rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.a
|
|
|
bbdd21 |
rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.la
|
|
|
bbdd21 |
rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libxml2-%{version}/*
|
|
|
bbdd21 |
rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libxml2-python-%{version}/*
|
|
|
bbdd21 |
(cd doc/examples ; make clean ; rm -rf .deps Makefile)
|
|
|
bbdd21 |
gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%check
|
|
|
bbdd21 |
make runtests
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%clean
|
|
|
bbdd21 |
rm -fr %{buildroot}
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%post -p /sbin/ldconfig
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%postun -p /sbin/ldconfig
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%files
|
|
|
bbdd21 |
%defattr(-, root, root)
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%doc AUTHORS NEWS README Copyright TODO
|
|
|
bbdd21 |
%doc %{_mandir}/man1/xmllint.1*
|
|
|
bbdd21 |
%doc %{_mandir}/man1/xmlcatalog.1*
|
|
|
bbdd21 |
%doc %{_mandir}/man3/libxml.3*
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%{_libdir}/lib*.so.*
|
|
|
bbdd21 |
%{_bindir}/xmllint
|
|
|
bbdd21 |
%{_bindir}/xmlcatalog
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%files devel
|
|
|
bbdd21 |
%defattr(-, root, root)
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%doc %{_mandir}/man1/xml2-config.1*
|
|
|
bbdd21 |
%doc AUTHORS NEWS README Copyright
|
|
|
bbdd21 |
%doc doc/*.html doc/html doc/*.gif doc/*.png
|
|
|
bbdd21 |
%doc doc/tutorial doc/libxml2-api.xml.gz
|
|
|
bbdd21 |
%doc doc/examples
|
|
|
bbdd21 |
%doc %dir %{_datadir}/gtk-doc/html/libxml2
|
|
|
bbdd21 |
%doc %{_datadir}/gtk-doc/html/libxml2/*.devhelp
|
|
|
bbdd21 |
%doc %{_datadir}/gtk-doc/html/libxml2/*.html
|
|
|
bbdd21 |
%doc %{_datadir}/gtk-doc/html/libxml2/*.png
|
|
|
bbdd21 |
%doc %{_datadir}/gtk-doc/html/libxml2/*.css
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%{_libdir}/lib*.so
|
|
|
bbdd21 |
%{_libdir}/*.sh
|
|
|
bbdd21 |
%{_includedir}/*
|
|
|
bbdd21 |
%{_bindir}/xml2-config
|
|
|
bbdd21 |
%{_datadir}/aclocal/libxml.m4
|
|
|
bbdd21 |
%{_libdir}/pkgconfig/libxml-2.0.pc
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%files static
|
|
|
bbdd21 |
%defattr(-, root, root)
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%{_libdir}/*a
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%files python
|
|
|
bbdd21 |
%defattr(-, root, root)
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%{_libdir}/python*/site-packages/libxml2.py*
|
|
|
bbdd21 |
%{_libdir}/python*/site-packages/drv_libxml2.py*
|
|
|
bbdd21 |
%{_libdir}/python*/site-packages/libxml2mod*
|
|
|
bbdd21 |
%doc python/TODO
|
|
|
bbdd21 |
%doc python/libxml2class.txt
|
|
|
bbdd21 |
%doc python/tests/*.py
|
|
|
bbdd21 |
%doc doc/*.py
|
|
|
bbdd21 |
%doc doc/python.html
|
|
|
bbdd21 |
|
|
|
bbdd21 |
%changelog
|
|
|
7219eb |
* Mon Sep 27 2021 David King <dking@redhat.com> - 2.9.1-6.6
|
|
|
7219eb |
- Fix CVE-2016-4658 (#1966916)
|
|
|
7219eb |
|
|
|
1b2bf5 |
* Wed Apr 22 2020 David King <dking@redhat.com> - 2.9.1-6.5
|
|
|
1b2bf5 |
- Fix CVE-2019-19956 (#1793000)
|
|
|
1b2bf5 |
- Fix CVE-2019-20388 (#1810057)
|
|
|
1b2bf5 |
- Fix CVE-2020-7595 (#1810073)
|
|
|
1b2bf5 |
- Fix xsd:any schema validation (#1812145)
|
|
|
1b2bf5 |
|
|
|
8a784f |
* Fri Nov 01 2019 David King <dking@redhat.com> - 2.9.1-6.4
|
|
|
8a784f |
- Fix CVE-2015-8035 (#1595697)
|
|
|
8a784f |
- Fix CVE-2018-14404 (#1602817)
|
|
|
8a784f |
- Fix CVE-2017-15412 (#1729857)
|
|
|
8a784f |
- Fix CVE-2016-5131 (#1714050)
|
|
|
8a784f |
- Fix CVE-2017-18258 (#1579211)
|
|
|
8a784f |
- Fix CVE-2018-1456 (#1622715)
|
|
|
8a784f |
|
|
|
1c8959 |
* Mon Jun 6 2016 Daniel Veillard <veillard@redhat.com> - libxml2-2.9.1-6.3
|
|
|
1c8959 |
- Heap-based buffer overread in xmlNextChar (CVE-2016-1762)
|
|
|
1c8959 |
- Bug 763071: Heap-buffer-overflow in xmlStrncat <https://bugzilla.gnome.org/show_bug.cgi?id=763071> (CVE-2016-1834)
|
|
|
1c8959 |
- Bug 757711: Heap-buffer-overflow in xmlFAParsePosCharGroup <https://bugzilla.gnome.org/show_bug.cgi?id=757711> (CVE-2016-1840)
|
|
|
1c8959 |
- Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal <https://bugzilla.gnome.org/show_bug.cgi?id=758588> (CVE-2016-1838)
|
|
|
1c8959 |
- Bug 758605: Heap-based buffer overread in xmlDictAddString <https://bugzilla.gnome.org/show_bug.cgi?id=758605> (CVE-2016-1839)
|
|
|
1c8959 |
- Bug 759398: Heap use-after-free in xmlDictComputeFastKey <https://bugzilla.gnome.org/show_bug.cgi?id=759398> (CVE-2016-1836)
|
|
|
1c8959 |
- Fix inappropriate fetch of entities content (CVE-2016-4449)
|
|
|
1c8959 |
- Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (CVE-2016-1837)
|
|
|
1c8959 |
- Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)
|
|
|
1c8959 |
- Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)
|
|
|
1c8959 |
- Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)
|
|
|
1c8959 |
- Add missing increments of recursion depth counter to XML parser. (CVE-2016-3705)
|
|
|
1c8959 |
- Avoid building recursive entities (CVE-2016-3627)
|
|
|
1c8959 |
- Fix some format string warnings with possible format string vulnerability (CVE-2016-4448)
|
|
|
1c8959 |
- More format string warnings with possible format string vulnerability (CVE-2016-4448)
|
|
|
1c8959 |
|
|
|
267d54 |
* Mon Nov 30 2015 Daniel Veillard <veillard@redhat.com> - 2.9.1-6.2
|
|
|
267d54 |
- Fix a series of CVEs (rhbz#1286496)
|
|
|
267d54 |
- CVE-2015-7941 Stop parsing on entities boundaries errors
|
|
|
267d54 |
- CVE-2015-7941 Cleanup conditional section error handling
|
|
|
267d54 |
- CVE-2015-8317 Fail parsing early on if encoding conversion failed
|
|
|
267d54 |
- CVE-2015-7942 Another variation of overflow in Conditional sections
|
|
|
267d54 |
- CVE-2015-7942 Fix an error in previous Conditional section patch
|
|
|
267d54 |
- Fix parsing short unclosed comment uninitialized access
|
|
|
267d54 |
- CVE-2015-7498 Avoid processing entities after encoding conversion failures
|
|
|
267d54 |
- CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey
|
|
|
267d54 |
- CVE-2015-5312 Another entity expansion issue
|
|
|
267d54 |
- CVE-2015-7499 Add xmlHaltParser() to stop the parser
|
|
|
267d54 |
- CVE-2015-7499 Detect incoherency on GROW
|
|
|
267d54 |
- CVE-2015-7500 Fix memory access error due to incorrect entities boundaries
|
|
|
267d54 |
- CVE-2015-8242 Buffer overead with HTML parser in push mode
|
|
|
267d54 |
- CVE-2015-1819 Enforce the reader to run in constant memory
|
|
|
267d54 |
|
|
|
267d54 |
* Mon Mar 23 2015 Daniel Veillard <veillard@redhat.com> - 2.9.1-6
|
|
|
0c7906 |
- Fix missing entities after CVE-2014-3660 fix
|
|
|
267d54 |
- CVE-2014-0191 Do not fetch external parameter entities (rhbz#1195650)
|
|
|
0c7906 |
- Fix regressions introduced by CVE-2014-0191 patch
|
|
|
0c7906 |
|
|
|
8f6325 |
* Sat Oct 11 2014 Daniel Veillard <veillard@redhat.com> - 2.9.1-5.1
|
|
|
8f6325 |
- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149087)
|
|
|
8f6325 |
|
|
|
1897d6 |
* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 2.9.1-5
|
|
|
1897d6 |
- Mass rebuild 2014-01-24
|
|
|
1897d6 |
|
|
|
1897d6 |
* Wed Jan 15 2014 Daniel Veillard <veillard@redhat.com> - 2.9.1-4
|
|
|
1897d6 |
- rebuild to activate -O3 on ppc64 rhbz#1051068
|
|
|
1897d6 |
|
|
|
1897d6 |
* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 2.9.1-3
|
|
|
1897d6 |
- Mass rebuild 2013-12-27
|
|
|
1897d6 |
|
|
|
bbdd21 |
* Fri Nov 15 2013 Daniel Veillard <veillard@redhat.com> - 2.9.1-2
|
|
|
bbdd21 |
- Fix a regression in xmlGetDocCompressMode() rhbz#963716
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Fri Apr 19 2013 Daniel Veillard <veillard@redhat.com> - 2.9.1-1
|
|
|
bbdd21 |
- upstream release of 2.9.1
|
|
|
bbdd21 |
- a couple more API entry point
|
|
|
bbdd21 |
- compatibility with python3
|
|
|
bbdd21 |
- a lot of bug fixes
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Mon Feb 11 2013 Daniel Veillard <veillard@redhat.com> - 2.9.0-4
|
|
|
bbdd21 |
- fix --nocheck build which I broke in october rhbz#909767
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Mon Nov 19 2012 Jaroslav Reznik <jreznik@redhat.com> - 2.9.0-3
|
|
|
bbdd21 |
- workaround for crc/len check failure, rhbz#877567
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Thu Oct 11 2012 Daniel Veillard <veillard@redhat.com> - 2.9.0-2
|
|
|
bbdd21 |
- remaining cleanups from merge bug rhbz#226079
|
|
|
bbdd21 |
- do not put the docs in the main package, only in -devel rhbz#864731
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Tue Sep 11 2012 Daniel Veillard <veillard@redhat.com> - 2.9.0-1
|
|
|
bbdd21 |
- upstream release of 2.9.0
|
|
|
bbdd21 |
- A few new API entry points
|
|
|
bbdd21 |
- More resilient push parser mode
|
|
|
bbdd21 |
- A lot of portability improvement
|
|
|
bbdd21 |
- Faster XPath evaluation
|
|
|
bbdd21 |
- a lot of bug fixes and smaller improvement
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Fri Aug 10 2012 Daniel Veillard <veillard@redhat.com> - 2.9.0-0rc1
|
|
|
bbdd21 |
- upstream release candidate 1 of 2.9.0
|
|
|
bbdd21 |
- introduce a small API change, but ABI compatible, see
|
|
|
bbdd21 |
https://mail.gnome.org/archives/xml/2012-August/msg00005.html
|
|
|
bbdd21 |
patches for php, gcc/libjava and evolution-data-connector are upstream
|
|
|
bbdd21 |
Grab me in cases of problems veillard@redhat.com
|
|
|
bbdd21 |
- many bug fixes including security aspects and small improvements
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.0-2
|
|
|
bbdd21 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed May 23 2012 Daniel Veillard <veillard@redhat.com> - 2.8.0-1
|
|
|
bbdd21 |
- upstream release of 2.8.0
|
|
|
bbdd21 |
- add lzma compression support
|
|
|
bbdd21 |
- many bug fixes and small improvements
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.8-7
|
|
|
bbdd21 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Fri Mar 4 2011 Daniel Veillard <veillard@redhat.com> - 2.7.8-6
|
|
|
bbdd21 |
- fix a double free in XPath CVE-2010-4494 bug 665965
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.8-5
|
|
|
bbdd21 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Fri Nov 5 2010 Daniel Veillard <veillard@redhat.com> - 2.7.8-4
|
|
|
bbdd21 |
- reactivate shared libs versionning script
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Thu Nov 4 2010 Daniel Veillard <veillard@redhat.com> - 2.7.8-1
|
|
|
bbdd21 |
- Upstream release of 2.7.8
|
|
|
bbdd21 |
- various bug fixes, including potential crashes
|
|
|
bbdd21 |
- new non-destructive formatting option
|
|
|
bbdd21 |
- date parsing updated to RFC 5646
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 2.7.7-2
|
|
|
bbdd21 |
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Mon Mar 15 2010 Daniel Veillard <veillard@redhat.com> - 2.7.7-1
|
|
|
bbdd21 |
- Upstream release of 2.7.7
|
|
|
bbdd21 |
- fix serious trouble with zlib >= 1.2.4
|
|
|
bbdd21 |
- xmllint new option --xpath
|
|
|
bbdd21 |
- various HTML parser improvements
|
|
|
bbdd21 |
- includes a number of nug fixes
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Tue Oct 6 2009 Daniel Veillard <veillard@redhat.com> - 2.7.6-1
|
|
|
bbdd21 |
- Upstream release of 2.7.6
|
|
|
bbdd21 |
- restore thread support off by default in 2.7.5
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Thu Sep 24 2009 Daniel Veillard <veillard@redhat.com> - 2.7.5-1
|
|
|
bbdd21 |
- Upstream release of 2.7.5
|
|
|
bbdd21 |
- fix a couple of Relax-NG validation problems
|
|
|
bbdd21 |
- couple more fixes
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Tue Sep 15 2009 Daniel Veillard <veillard@redhat.com> - 2.7.4-2
|
|
|
bbdd21 |
- fix a problem with little data at startup affecting inkscape #523002
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Thu Sep 10 2009 Daniel Veillard <veillard@redhat.com> - 2.7.4-1
|
|
|
bbdd21 |
- upstream release 2.7.4
|
|
|
bbdd21 |
- symbol versioning of libxml2 shared libs
|
|
|
bbdd21 |
- very large number of bug fixes
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Mon Aug 10 2009 Daniel Veillard <veillard@redhat.com> - 2.7.3-4
|
|
|
bbdd21 |
- two patches for parsing problems CVE-2009-2414 and CVE-2009-2416
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.3-3
|
|
|
bbdd21 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.3-2
|
|
|
bbdd21 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Sun Jan 18 2009 Daniel Veillard <veillard@redhat.com> - 2.7.3-1
|
|
|
bbdd21 |
- new release 2.7.3
|
|
|
bbdd21 |
- limit default max size of text nodes
|
|
|
bbdd21 |
- special parser mode for PHP
|
|
|
bbdd21 |
- bug fixes and more compiler checks
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Dec 3 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 2.7.2-7
|
|
|
bbdd21 |
- Pull back into Python 2.6
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Dec 3 2008 Caolán McNamara <caolanm@redhat.com> - 2.7.2-6
|
|
|
bbdd21 |
- AutoProvides requires BuildRequires pkgconfig
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Dec 3 2008 Caolán McNamara <caolanm@redhat.com> - 2.7.2-5
|
|
|
bbdd21 |
- rebuild to get provides(libxml-2.0) into HEAD rawhide
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Mon Dec 1 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 2.7.2-4
|
|
|
bbdd21 |
- Rebuild for pkgconfig logic
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Fri Nov 28 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 2.7.2-3
|
|
|
bbdd21 |
- Rebuild for Python 2.6
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Nov 12 2008 Daniel Veillard <veillard@redhat.com> - 2.7.2-2.fc11
|
|
|
bbdd21 |
- two patches for size overflows problems CVE-2008-4225 and CVE-2008-4226
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Fri Oct 3 2008 Daniel Veillard <veillard@redhat.com> 2.7.2-1.fc10
|
|
|
bbdd21 |
- new release 2.7.2
|
|
|
bbdd21 |
- Fixes the known problems in 2.7.1
|
|
|
bbdd21 |
- increase the set of options when saving documents
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Thu Oct 2 2008 Daniel Veillard <veillard@redhat.com> 2.7.1-2.fc10
|
|
|
bbdd21 |
- fix a nasty bug in 2.7.x, http://bugzilla.gnome.org/show_bug.cgi?id=554660
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Mon Sep 1 2008 Daniel Veillard <veillard@redhat.com> 2.7.1-1.fc10
|
|
|
bbdd21 |
- fix python serialization which was broken in 2.7.0
|
|
|
bbdd21 |
- Resolve: rhbz#460774
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Sat Aug 30 2008 Daniel Veillard <veillard@redhat.com> 2.7.0-1.fc10
|
|
|
bbdd21 |
- upstream release of 2.7.0
|
|
|
bbdd21 |
- switch to XML 1.0 5th edition
|
|
|
bbdd21 |
- switch to RFC 3986 for URI parsing
|
|
|
bbdd21 |
- better entity handling
|
|
|
bbdd21 |
- option to remove hardcoded limitations in the parser
|
|
|
bbdd21 |
- more testing
|
|
|
bbdd21 |
- a new API to allocate entity nodes
|
|
|
bbdd21 |
- and lot of fixes and clanups
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Mon Aug 25 2008 Daniel Veillard <veillard@redhat.com> 2.6.32-4.fc10
|
|
|
bbdd21 |
- fix for entities recursion problem
|
|
|
bbdd21 |
- Resolve: rhbz#459714
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Fri May 30 2008 Daniel Veillard <veillard@redhat.com> 2.6.32-3.fc10
|
|
|
bbdd21 |
- cleanup based on Fedora packaging guidelines, should fix #226079
|
|
|
bbdd21 |
- separate a -static package
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Thu May 15 2008 Daniel Veillard <veillard@redhat.com> 2.6.32-2.fc10
|
|
|
bbdd21 |
- try to fix multiarch problems like #440206
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Tue Apr 8 2008 Daniel Veillard <veillard@redhat.com> 2.6.32-1.fc9
|
|
|
bbdd21 |
- upstream release 2.6.32 see http://xmlsoft.org/news.html
|
|
|
bbdd21 |
- many bug fixed upstream
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Feb 20 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 2.6.31-2
|
|
|
bbdd21 |
- Autorebuild for GCC 4.3
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Fri Jan 11 2008 Daniel Veillard <veillard@redhat.com> 2.6.31-1.fc9
|
|
|
bbdd21 |
- upstream release 2.6.31 see http://xmlsoft.org/news.html
|
|
|
bbdd21 |
- many bug fixed upstream
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Thu Aug 23 2007 Daniel Veillard <veillard@redhat.com> 2.6.30-1
|
|
|
bbdd21 |
- upstream release 2.6.30 see http://xmlsoft.org/news.html
|
|
|
bbdd21 |
- many bug fixed upstream
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Tue Jun 12 2007 Daniel Veillard <veillard@redhat.com> 2.6.29-1
|
|
|
bbdd21 |
- upstream release 2.6.29 see http://xmlsoft.org/news.html
|
|
|
bbdd21 |
- many bug fixed upstream
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed May 16 2007 Matthias Clasen <mclasen@redhat.com> 2.6.28-2
|
|
|
bbdd21 |
- Bump revision to fix N-V-R problem
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Tue Apr 17 2007 Daniel Veillard <veillard@redhat.com> 2.6.28-1
|
|
|
bbdd21 |
- upstream release 2.6.28 see http://xmlsoft.org/news.html
|
|
|
bbdd21 |
- many bug fixed upstream
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Thu Dec 7 2006 Jeremy Katz <katzj@redhat.com> - 2.6.27-2
|
|
|
bbdd21 |
- rebuild against python 2.5
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Oct 25 2006 Daniel Veillard <veillard@redhat.com> 2.6.27-1
|
|
|
bbdd21 |
- upstream release 2.6.27 see http://xmlsoft.org/news.html
|
|
|
bbdd21 |
- very large amount of bug fixes reported upstream
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.6.26-2.1.1
|
|
|
bbdd21 |
- rebuild
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.6.26-2.1
|
|
|
bbdd21 |
- rebuild
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Wed Jun 7 2006 Daniel Veillard <veillard@redhat.com> 2.6.26-2
|
|
|
bbdd21 |
- fix bug #192873
|
|
|
bbdd21 |
* Tue Jun 6 2006 Daniel Veillard <veillard@redhat.com> 2.6.26-1
|
|
|
bbdd21 |
- upstream release 2.6.26 see http://xmlsoft.org/news.html
|
|
|
bbdd21 |
|
|
|
bbdd21 |
* Tue Jun 6 2006 Daniel Veillard <veillard@redhat.com>
|
|
|
bbdd21 |
- upstream release 2.6.25 broken, do not ship !
|
|
|
bbdd21 |
|