- Version update to 2.9.10:
* Portability:
+ Fix exponent digits when running tests under old MSVC
+ Work around buggy ceil() function on AIX
+ Don't call printf with NULL string in runtest.c
+ Switched from unsigned long to ptrdiff_t in parser.c
+ timsort.h: support older GCCs
+ Make configure.ac work with older pkg-config
* Bug Fixes:
+ Fix for conditional sections at end of document
+ Make sure that Python tests exit with error code
+ Audit memory error handling in xpath.c
+ Fix error code in xmlTextWriterStartDocument
+ Fix integer overflow when counting written bytes
+ Fix uninitialized memory access in HTML parser
+ Fix memory leak in xmlSchemaValAtomicType
+ Disallow conditional sections in internal subset
+ Fix use-after-free in xmlTextReaderFreeNodeList
+ Fix Regextests
+ Fix empty branch in regex
+ Fix integer overflow in entity recursion check
+ Don't read external entities or XIncludes from stdin
+ Fix Schema determinism check of ##other namespaces
+ Fix potential null deref in xmlSchemaIDCFillNodeTables
+ Fix potential memory leak in xmlBufBackToBuffer
+ Fix error message when processing XIncludes with fallbacks
+ Fix memory leak in xmlRegEpxFromParse
+ 14:00 is a valid timezone for xs:dateTime
+ Fix memory leak in xmlParseBalancedChunkMemoryRecover
+ Fix potential null deref in xmlRelaxNGParsePatterns
OBS-URL: https://build.opensuse.org/request/show/748960
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=139
- Enable tests also in the python subpackages
- Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH
to avoid nodeset limit when processing large XML files [bsc#1135123]
* Added libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
- Merge python-libxml2-python spec and changes files into the
libxml2 ones using _multibuild [bsc#1126499, bsc#1123919]
- Add libxml2-python3-string-null-check.patch: fix NULL pointer
dereference when parsing invalid data (bsc#1065270
glgo#libxml2!15).).
- Drop patch python3.6-verify_fd.patch merged upstream
- clean with spec-cleaner
- libxml2-python3-unicode-errors.patch: work around an issue with
libxml2 supplied error strings being undecodable UTF-8 (bsc#1065270)
- convert to singlespec, build a python 3 version
- change build instructions to use setup.py (and %python_build macros)
instead of makefile-based approach
- add python3.6-verify_fd.patch that fixes libxml2 on python 3.6
- rename to python-libxml2-python to conform to package naming policy
(PyPI name is "libxml2-python")
- buildignore python to avoid build cycle
* please see ChangeLog for more info
- fix version
OBS-URL: https://build.opensuse.org/request/show/720054
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=134
- Version update to 2.9.9:
* Security:
+ CVE-2018-9251 CVE-2018-14567 Fix infinite loop in LZMA
decompression (boo#1088279 boo#1105166).
+ CVE-2018-14404 Fix nullptr deref with XPath logic ops
(boo#1102046).
* Bug fixes:
+ Fix building relative URIs
+ Problem with data in interleave in RelaxNG validation
+ Fix memory leak in xmlSwitchInputEncodingInt error path
+ Set doc on element obtained from freeElems
+ Fix HTML serialization with UTF-8 encoding
+ Use actual doc in xmlTextReaderRead*Xml
+ Unlink node before freeing it in xmlSAX2StartElement
+ Check return value of nodePush in xmlSAX2StartElement
+ Free input buffer in xmlHaltParser
+ Reset HTML parser input pointers on encoding failure
+ Fix xmlSchemaValidCtxtPtr reuse memory leak
+ Fix xmlTextReaderNext with preparsed document
+ HTML noscript should not close p
+ Don't change context node in xmlXPathRoot
* Improvements:
+ Remove redefined starts and defines inside include elements
+ Allow choice within choice in nameClass in RELAX NG
+ Look inside divs for starts and defines inside include
+ Add newlines to 'xmllint --xpath' output
+ Don't include SAX.h from globals.h
+ Support xmlTextReaderNextSibling w/o preparsed doc
+ Improve restoring of context size and position
+ Simplify and harden nodeset filtering
OBS-URL: https://build.opensuse.org/request/show/668947
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=132
* Various -Werror fixes and compilation updates as travis is now
used by upstream
* Few additional tests added for ICU operations
- Version update to 2.9.8:
* Various -Werror fixes and compilation updates as travis is now
used by upstream
* Few additional tests added for ICU operations
- Drop patch python3.6-verify_fd.patch merged upstream
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=127
- Version update to 2.9.7 release:
* Bug Fixes:
+ xmlcatalog: restore ability to query system catalog easily
+ Fix comparison of nodesets to strings
* Improvements:
+ Add Makefile rules to rebuild HTML man pages
+ Remove generated file python/setup.py from version control
+ Fix mixed decls and code in timsort.h
+ Rework handling of return values in thread tests
+ Fix unused variable warnings in testrecurse
+ Fix -Wimplicit-fallthrough warnings
+ Upgrade timsort.h to latest revision
+ Fix a couple of warnings in dict.c and threads.c
+ Fix unused variable warnings in nanohttp.c
+ Don't include winsock2.h in xmllint.c
+ Use __linux__ macro in generated code
* Portability:
+ Add declaration for DllMain
+ Fix preprocessor conditional in threads.h
+ Fix macro redefinition warning
+ many Windows specific improvements
* Documentation:
+ xmlcatalog: refresh man page wrt. quering system catalog easily
- Includes bug fixes from 2.9.6:
* Fix XPath stack frame logic
* Report undefined XPath variable error message
* Fix regression with librsvg
* Handle more invalid entity values in recovery mode
* Fix structured validation errors
* Fix memory leak in LZMA decompressor
* Set memory limit for LZMA decompression
* Handle illegal entity values in recovery mode
* Fix debug dump of streaming XPath expressions
* Fix memory leak in nanoftp
* Fix memory leaks in SAX1 parser
- Drop libxml2-bug787941.patch
* upstreamed in 3157cf4e53c03bc3da604472c015c63141907db8
- clean with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/540750
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=125
* Merged all the previous cve fixes that were patched in
* Few small tweaks
- Remove merged patches:
* libxml2-CVE-2016-4658.patch
* libxml2-CVE-2017-0663.patch
* libxml2-CVE-2017-5969.patch
* libxml2-CVE-2017-9047.patch
* libxml2-CVE-2017-9048.patch
* libxml2-CVE-2017-9049.patch
* libxml2-2.9.4-fix_attribute_decoding.patch
- Version update to 2.9.5 release:
* Merged all the previous cve fixes that were patched in
* Few small tweaks
- Remove merged patches:
* libxml2-CVE-2016-4658.patch
* libxml2-CVE-2017-0663.patch
* libxml2-CVE-2017-5969.patch
* libxml2-CVE-2017-9047.patch
* libxml2-CVE-2017-9048.patch
* libxml2-CVE-2017-9049.patch
* libxml2-2.9.4-fix_attribute_decoding.patch
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=117
- update to 2.9.2
* drop libxml2-CVE-2014-3660.patch (upstream)
* add keyring to verify tarball
Security:
Fix for CVE-2014-3660 billion laugh variant
CVE-2014-0191 Do not fetch external parameter entities
Improvements:
win32/libxml2.def.src after rebuild in doc
elfgcchack.h: more legacy needs xmlSAX2StartElement() and xmlSAX2EndElement()
elfgcchack.h: add xmlXPathNodeEval and xmlXPathSetContextNode
Provide cmake module
Fix a couple of issues raised by make dist
Fix and add const qualifiers
Preparing for upcoming release of 2.9.2
Fix zlib and lzma libraries check via command line
wrong error column in structured error when parsing end tag
doc/news.html: small update to avoid line join while generating NEWS.
Add methods for python3 iterator
Support element node traversal in document fragments
xmlNodeSetName: Allow setting the name to a substring of the currently set name
Added macros for argument casts
adding init calls to xml and html Read parsing entry points
Get rid of 'REPLACEMENT CHARACTER' Unicode chars in xmlschemas.c
Implement choice for name classes on attributes
Two small namespace tweaks
xmllint --memory should fail on empty files
Cast encoding name to char pointer to match arg type
OBS-URL: https://build.opensuse.org/request/show/259159
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=96
