- Update to version 2.10.1:
* Regressions: Fix xmlCtxtReadDoc with encoding
* Bug fixes: Fix HTML parser with threads and --without-legacy
* Build system:
+ Fix build with Python 3.10
+ cmake: Disable version script on macOS
+ Remove Makefile rule to build testapi.c
* Documentation:
+ Switch back to HTML output for API documentation
+ Port doc/examples/index.py to Python 3
+ Fix order of exports in libxml2-api.xml
+ Remove libxml2-refs.xml
OBS-URL: https://build.opensuse.org/request/show/999277
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=176
- Update to 2.10.0:
* Security
+ [CVE-2022-2309] Reset nsNr in xmlCtxtReset
+ Reserve byte for NUL terminator and report errors consistently in xmlBuf and
xmlBuffer
+ Fix missing NUL terminators in xmlBuf and xmlBuffer functions
+ Fix integer overflow in xmlBufferDump()
+ xmlBufAvail() should return length without including a byte for NUL
terminator
+ Fix ownership of xmlNodePtr & xmlAttrPtr fields in xmlSetTreeDoc()
+ Use xmlNewDocText in xmlXIncludeCopyRange
+ Fix use-after-free bugs when calling xmlTextReaderClose() before
xmlFreeTextReader() on post-validating parser
+ Use UPDATE_COMPAT() consistently in buf.c
+ fix: xmlXPathParserContext could be double-delete in OOM case.
* Removals and deprecations
+ Disable XPointer location support by default
+ Remove outdated xml2Conf.sh
+ Deprecate module init and cleanup functions
+ Remove obsolete XML Software Autoupdate (XSA) file
+ Remove DOCBparser
+ Remove obsolete Python test framework
+ Remove broken VxWorks support
+ Remove broken Mac OS 9 support
+ Remove broken bakefile support
+ Remove broken Visual Studio 2010 support
+ Remove broken Windows CE support
+ Deprecate IDREF-related functions in valid.h
+ Deprecate legacy functions
+ Disable legacy support by default
OBS-URL: https://build.opensuse.org/request/show/997729
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=175
- Version update to 2.9.10:
* Portability:
+ Fix exponent digits when running tests under old MSVC
+ Work around buggy ceil() function on AIX
+ Don't call printf with NULL string in runtest.c
+ Switched from unsigned long to ptrdiff_t in parser.c
+ timsort.h: support older GCCs
+ Make configure.ac work with older pkg-config
* Bug Fixes:
+ Fix for conditional sections at end of document
+ Make sure that Python tests exit with error code
+ Audit memory error handling in xpath.c
+ Fix error code in xmlTextWriterStartDocument
+ Fix integer overflow when counting written bytes
+ Fix uninitialized memory access in HTML parser
+ Fix memory leak in xmlSchemaValAtomicType
+ Disallow conditional sections in internal subset
+ Fix use-after-free in xmlTextReaderFreeNodeList
+ Fix Regextests
+ Fix empty branch in regex
+ Fix integer overflow in entity recursion check
+ Don't read external entities or XIncludes from stdin
+ Fix Schema determinism check of ##other namespaces
+ Fix potential null deref in xmlSchemaIDCFillNodeTables
+ Fix potential memory leak in xmlBufBackToBuffer
+ Fix error message when processing XIncludes with fallbacks
+ Fix memory leak in xmlRegEpxFromParse
+ 14:00 is a valid timezone for xs:dateTime
+ Fix memory leak in xmlParseBalancedChunkMemoryRecover
+ Fix potential null deref in xmlRelaxNGParsePatterns
OBS-URL: https://build.opensuse.org/request/show/748960
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=139
- Enable tests also in the python subpackages
- Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH
to avoid nodeset limit when processing large XML files [bsc#1135123]
* Added libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
- Merge python-libxml2-python spec and changes files into the
libxml2 ones using _multibuild [bsc#1126499, bsc#1123919]
- Add libxml2-python3-string-null-check.patch: fix NULL pointer
dereference when parsing invalid data (bsc#1065270
glgo#libxml2!15).).
- Drop patch python3.6-verify_fd.patch merged upstream
- clean with spec-cleaner
- libxml2-python3-unicode-errors.patch: work around an issue with
libxml2 supplied error strings being undecodable UTF-8 (bsc#1065270)
- convert to singlespec, build a python 3 version
- change build instructions to use setup.py (and %python_build macros)
instead of makefile-based approach
- add python3.6-verify_fd.patch that fixes libxml2 on python 3.6
- rename to python-libxml2-python to conform to package naming policy
(PyPI name is "libxml2-python")
- buildignore python to avoid build cycle
* please see ChangeLog for more info
- fix version
OBS-URL: https://build.opensuse.org/request/show/720054
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=134
- Version update to 2.9.9:
* Security:
+ CVE-2018-9251 CVE-2018-14567 Fix infinite loop in LZMA
decompression (boo#1088279 boo#1105166).
+ CVE-2018-14404 Fix nullptr deref with XPath logic ops
(boo#1102046).
* Bug fixes:
+ Fix building relative URIs
+ Problem with data in interleave in RelaxNG validation
+ Fix memory leak in xmlSwitchInputEncodingInt error path
+ Set doc on element obtained from freeElems
+ Fix HTML serialization with UTF-8 encoding
+ Use actual doc in xmlTextReaderRead*Xml
+ Unlink node before freeing it in xmlSAX2StartElement
+ Check return value of nodePush in xmlSAX2StartElement
+ Free input buffer in xmlHaltParser
+ Reset HTML parser input pointers on encoding failure
+ Fix xmlSchemaValidCtxtPtr reuse memory leak
+ Fix xmlTextReaderNext with preparsed document
+ HTML noscript should not close p
+ Don't change context node in xmlXPathRoot
* Improvements:
+ Remove redefined starts and defines inside include elements
+ Allow choice within choice in nameClass in RELAX NG
+ Look inside divs for starts and defines inside include
+ Add newlines to 'xmllint --xpath' output
+ Don't include SAX.h from globals.h
+ Support xmlTextReaderNextSibling w/o preparsed doc
+ Improve restoring of context size and position
+ Simplify and harden nodeset filtering
OBS-URL: https://build.opensuse.org/request/show/668947
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=132
* Various -Werror fixes and compilation updates as travis is now
used by upstream
* Few additional tests added for ICU operations
- Version update to 2.9.8:
* Various -Werror fixes and compilation updates as travis is now
used by upstream
* Few additional tests added for ICU operations
- Drop patch python3.6-verify_fd.patch merged upstream
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=127
- Version update to 2.9.7 release:
* Bug Fixes:
+ xmlcatalog: restore ability to query system catalog easily
+ Fix comparison of nodesets to strings
* Improvements:
+ Add Makefile rules to rebuild HTML man pages
+ Remove generated file python/setup.py from version control
+ Fix mixed decls and code in timsort.h
+ Rework handling of return values in thread tests
+ Fix unused variable warnings in testrecurse
+ Fix -Wimplicit-fallthrough warnings
+ Upgrade timsort.h to latest revision
+ Fix a couple of warnings in dict.c and threads.c
+ Fix unused variable warnings in nanohttp.c
+ Don't include winsock2.h in xmllint.c
+ Use __linux__ macro in generated code
* Portability:
+ Add declaration for DllMain
+ Fix preprocessor conditional in threads.h
+ Fix macro redefinition warning
+ many Windows specific improvements
* Documentation:
+ xmlcatalog: refresh man page wrt. quering system catalog easily
- Includes bug fixes from 2.9.6:
* Fix XPath stack frame logic
* Report undefined XPath variable error message
* Fix regression with librsvg
* Handle more invalid entity values in recovery mode
* Fix structured validation errors
* Fix memory leak in LZMA decompressor
* Set memory limit for LZMA decompression
* Handle illegal entity values in recovery mode
* Fix debug dump of streaming XPath expressions
* Fix memory leak in nanoftp
* Fix memory leaks in SAX1 parser
- Drop libxml2-bug787941.patch
* upstreamed in 3157cf4e53c03bc3da604472c015c63141907db8
- clean with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/540750
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=125
* Merged all the previous cve fixes that were patched in
* Few small tweaks
- Remove merged patches:
* libxml2-CVE-2016-4658.patch
* libxml2-CVE-2017-0663.patch
* libxml2-CVE-2017-5969.patch
* libxml2-CVE-2017-9047.patch
* libxml2-CVE-2017-9048.patch
* libxml2-CVE-2017-9049.patch
* libxml2-2.9.4-fix_attribute_decoding.patch
- Version update to 2.9.5 release:
* Merged all the previous cve fixes that were patched in
* Few small tweaks
- Remove merged patches:
* libxml2-CVE-2016-4658.patch
* libxml2-CVE-2017-0663.patch
* libxml2-CVE-2017-5969.patch
* libxml2-CVE-2017-9047.patch
* libxml2-CVE-2017-9048.patch
* libxml2-CVE-2017-9049.patch
* libxml2-2.9.4-fix_attribute_decoding.patch
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=117
