From 48082ed3b07cff1406c71072672020041526debc5f5c61f9ba8f5ac15bed106b Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Tue, 12 Nov 2024 15:45:27 +0000 Subject: [PATCH] checkin OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=120 --- .gitattributes | 23 + .gitignore | 1 + baselibs.conf | 7 + expat-2.6.2.tar.xz | 3 + expat-2.6.2.tar.xz.asc | 16 + expat-2.6.4.tar.xz | 3 + expat-2.6.4.tar.xz.asc | 16 + expat.changes | 1249 ++++++++++++++++++++++++++++++++++++++++ expat.keyring | 235 ++++++++ expat.spec | 118 ++++ expatfaq.html | 100 ++++ 11 files changed, 1771 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 baselibs.conf create mode 100644 expat-2.6.2.tar.xz create mode 100644 expat-2.6.2.tar.xz.asc create mode 100644 expat-2.6.4.tar.xz create mode 100644 expat-2.6.4.tar.xz.asc create mode 100644 expat.changes create mode 100644 expat.keyring create mode 100644 expat.spec create mode 100644 expatfaq.html diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..46861b8 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,7 @@ +expat +libexpat1 + obsoletes "expat-" + provides "expat-" +libexpat-devel + requires -libexpat- + requires "libexpat1- = " diff --git a/expat-2.6.2.tar.xz b/expat-2.6.2.tar.xz new file mode 100644 index 0000000..9e310f5 --- /dev/null +++ b/expat-2.6.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ee14b4c5d8908b1bec37ad937607eab183d4d9806a08adee472c3c3121d27364 +size 485236 diff --git a/expat-2.6.2.tar.xz.asc b/expat-2.6.2.tar.xz.asc new file mode 100644 index 0000000..d7b4a9c --- /dev/null +++ b/expat-2.6.2.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEy43nCpDPv2w79cxWliYqz/vTrsYFAmXx2UUACgkQliYqz/vT +rsYCKw//X838HdkfERw6b0UaauHg3k5h5yzV/4gPzmVWlLhPaSFH6Ns69p7vvHz0 +xtSH0GQ4rp+l7GAjFoH5dzJxZ4g/EstYK+QJwOK7A9+gf86tbFt6pNj43u7bHqW2 +0p55xEoCcki+sZv1WX3VPe7NcCq7cs7UeOyOcqADZkmzcLkpHATh9kiA/LHe5WKp +jbAZthOCBG3S40xGib9KLZMR/fJ3RKaWsm+Jl+SABEQk5VmpOuoocboE+ZlTfEC/ +9F7czV28xHfdhfhP4nA328VgVPPP1atyVw0sO79fpnxmAFMZO31j/cGIyv4sQX1/ +2MLDbXWeEX6C2+ZCaTtNZbtxq7n+ydI9BAHWawN6BE2DNpt4w0x7m+QzrG207Y9r +jP+vFLC4winwaXoraJeZ18A7I5lOklNJ/iwzwVQHp+kLM1uGOuc5z/NWmBff1out +ErgjbAbINNIXEpjZ7AETUai0q2PJRucFsYxjYs19RKObbM8BLo7zbzL93QHm947R +46+iyemznYXQP2vsBjjQDzPhtyTk3evbRTWy5Mq0XXt8NSBrgGHGU4h35sQL3z2a +Qw6RhRRMIfrnntvDmLO2kbdBLmz4GQGfmmlUyvDtB6SivD3BWvX91lArfozad5Ve +pL8oFOu2ObHqCK6foTvwhYl05a7yaElwGX9vTBDsYT9Vqol0sKk= +=M9y2 +-----END PGP SIGNATURE----- diff --git a/expat-2.6.4.tar.xz b/expat-2.6.4.tar.xz new file mode 100644 index 0000000..79dce87 --- /dev/null +++ b/expat-2.6.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a695629dae047055b37d50a0ff4776d1d45d0a4c842cf4ccee158441f55ff7ee +size 486732 diff --git a/expat-2.6.4.tar.xz.asc b/expat-2.6.4.tar.xz.asc new file mode 100644 index 0000000..a7f4e0a --- /dev/null +++ b/expat-2.6.4.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEy43nCpDPv2w79cxWliYqz/vTrsYFAmcsGa8ACgkQliYqz/vT +rsYJMA/+NxOVa+kCFEzhMHD9RCumwFj7lfmJDPM6rroLi9GqnKc8165Ub7e+o3bq +fdPCIFiZkYTGpliU3Q9zlMEBTZ1TtsaqVGgjabK9YKf8ZTK1MUR2z/B6gWLfjo8F +knhj0KonqeRxtcKPSYs9xP+/sNlGkEQjZgrfo2Z9oX8Q7eNGn/fAxmbjhBhvILwG +mKmwwc8PSi7RCNLgaoyikhcddohclApXU1Qid1g6FwnxQ5aKXSeoPgu1bGrDiz6k +/RkO+KR1Yfkcty97CwVV5+4EHTB1aa/fk3gHgprHD9qx+NLeKyD4+44AxseCMiSS +FXP8S5Z2qaopIS6tvuKXiyH1mTCJQugFsxk3GnQBlgkvj4rypr8MnUAALam13OMh +ziRndeMR2ieJ1ASJYfkjLeXVi4pz/pnRECAUAxly5z8Zx5N+IX9bOgjpwhd6QtOt +rVbq3wgLKmlEch8KcsL4RpGGkiK5gchsqXDM/g0cCu8vNC8+pDO3sNIQJDsmySYt +X3ewzOv+Vj3LCoeospnyLjNBOh5upgm1s6iq6bsxr29FU1MfaP1awm7jtYmr7ch9 +wr24fPhXopp5emWnJP3O4GQj8Q1mcPFLmGy0wmVdnr8tzKzyHx9Q2WNhQUcYdnR1 +0qmKBSttGXPK4o+/7Q5zALapx+jYlUcQ0dKxhAPuBPGYxPTm5h8= +=jbKR +-----END PGP SIGNATURE----- diff --git a/expat.changes b/expat.changes new file mode 100644 index 0000000..a611d9d --- /dev/null +++ b/expat.changes @@ -0,0 +1,1249 @@ +------------------------------------------------------------------- +Tue Nov 12 15:43:19 UTC 2024 - pgajdos@suse.com + +- no source changes, just adding jira reference: jsc#SLE-21253 + +------------------------------------------------------------------- +Thu Nov 7 11:39:56 UTC 2024 - pgajdos@suse.com + +- version update to 2.6.4 + * Security fixes: [bsc#1232601] + #915 CVE-2024-50602 -- Fix crash within function XML_ResumeParser + from a NULL pointer dereference by disallowing function + XML_StopParser to (stop or) suspend an unstarted parser. + A new error code XML_ERROR_NOT_STARTED was introduced to + properly communicate this situation. // CWE-476 CWE-754 + * Other changes: + #903 CMake: Add alias target "expat::expat" + #905 docs: Document use via CMake >=3.18 with FetchContent + and SOURCE_SUBDIR and its consequences + #902 tests: Reduce use of global parser instance + #904 tests: Resolve duplicate handler + #317 #918 tests: Improve tests on doctype closing (ex CVE-2019-15903) + #914 Fix signedness of format strings + #919 #920 Version info bumped from 10:3:9 (libexpat*.so.1.9.3) + to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/ + for what these numbers do + +------------------------------------------------------------------- +Thu Sep 26 08:29:45 UTC 2024 - pgajdos@suse.com + +- updated keyring [https://build.suse.de/request/show/345282] +- modified sources + % expat.keyring + +------------------------------------------------------------------- +Thu Sep 5 09:21:17 UTC 2024 - David Anes + +- Update to 2.6.3: + * Security fixes: + - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with + len < 0 without noticing and then calling XML_GetBuffer + will have XML_ParseBuffer fail to recognize the problem + and XML_GetBuffer corrupt memory. + With the fix, XML_ParseBuffer now complains with error + XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse + has been doing since Expat 2.2.1, and now documented. + Impact is denial of service to potentially artitrary code + execution. + - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an + integer overflow for nDefaultAtts on 32-bit platforms + (where UINT_MAX equals SIZE_MAX). + Impact is denial of service to potentially artitrary code + execution. + - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can + have an integer overflow for m_groupSize on 32-bit + platforms (where UINT_MAX equals SIZE_MAX). + Impact is denial of service to potentially artitrary code + execution. + + * Other changes: + - Autotools: Sync CMake templates with CMake 3.28 + - Autotools: Always provide path to find(1) for portability + - Autotools: Ensure that the m4 directory always exists. + - Autotools: Simplify handling of SIZEOF_VOID_P + - Autotools: Support non-GNU sed + - Autotools|CMake: Fix main() to main(void) + - Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM + - Autotools|CMake: Stop requiring dos2unix + - CMake: Fix check for symbols size_t and off_t + - docs|tests: Convert README to Markdown and update + - Windows: Drop support for Visual Studio <=15.0/2017 + - Drop needless XML_DTD guards around is_param access + - Fix typo in a code comment + - Version info bumped from 10:2:9 (libexpat*.so.1.9.2) + to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/ + for what these numbers do + +------------------------------------------------------------------- +Wed Mar 13 22:23:20 UTC 2024 - Andreas Stieger + +- update to 2.6.2: + * CVE-2024-28757 -- Prevent billion laughs attacks with isolated + use of external parsers (boo#1221289) + * Reject direct parameter entity recursion and avoid the related + undefined behavior + +------------------------------------------------------------------- +Fri Mar 1 16:45:35 UTC 2024 - Andreas Stieger + +- update to 2.6.1: + * Expose billion laughs API with XML_DTD defined and XML_GE + undefined, regression from 2.6.0 + * Make tests independent of CPU speed, and thus more robust +- drop libxml2-fix-xmlwf.1-handling.patch, upstream + +------------------------------------------------------------------- +Tue Feb 20 12:21:17 UTC 2024 - David Anes + +- Fix handling of xmlwf.1 to avoid workarounds in specfile: + * Added libxml2-fix-xmlwf.1-handling.patch + +- Call buildconf.sh to avoid (future) issues with expat_config.h.in + +------------------------------------------------------------------- +Mon Feb 12 20:44:14 UTC 2024 - David Anes + +- Update keyring automatically from keyserver during OBS service run. +- Explicitly use --without-docbook (before it was implicit). +- Include missing files for documentation and examples. +- Add manpage for xmlwf, which is now available in the released tarball. +- Clean the spec file a bit. + +- Update to 2.6.0: + * Security fixes: + - CVE-2023-52425 (boo#1219559) + -- Fix quadratic runtime issues with big tokens + that can cause denial of service, in partial where + dealing with compressed XML input. Applications + that parsed a document in one go -- a single call to + functions XML_Parse or XML_ParseBuffer -- were not affected. + The smaller the chunks/buffers you use for parsing + previously, the bigger the problem prior to the fix. + Backporters should be careful to no omit parts of + pull request #789 and to include earlier pull request #771, + in order to not break the fix. + - CVE-2023-52426 (boo#1219561) + -- Fix billion laughs attacks for users + compiling *without* XML_DTD defined (which is not common). + Users with XML_DTD defined have been protected since + Expat >=2.4.0 (and that was CVE-2013-0340 back then). + * Bug fixes: + - Fix parse-size-dependent "invalid token" error for + external entities that start with a byte order mark + - Fix NULL pointer dereference in setContext via + XML_ExternalEntityParserCreate for compilation with + XML_DTD undefined + - Protect against closing entities out of order + * Other changes: + - Improve support for arc4random/arc4random_buf + - Improve buffer growth in XML_GetBuffer and XML_Parse + - xmlwf: Support --help and --version + - xmlwf: Support custom buffer size for XML_GetBuffer and read + - xmlwf: Improve language and URL clickability in help output + - examples: Add new example "element_declarations.c" + - Be stricter about macro XML_CONTEXT_BYTES at build time + - Make inclusion to expat_config.h consistent + - Autotools: configure.ac: Support --disable-maintainer-mode + - Autotools: Sync CMake templates with CMake 3.26 + - Autotools: Make installation of shipped man page doc/xmlwf.1 + independent of docbook2man availability + - Autotools|CMake: Add missing -DXML_STATIC to pkg-config file + section "Cflags.private" in order to fix compilation + against static libexpat using pkg-config on Windows + - Autotools|CMake: Require a C99 compiler + (a de-facto requirement already since Expat 2.2.2 of 2017) + - Autotools|CMake: Fix PACKAGE_BUGREPORT variable + - Autotools|CMake: Make test suite require a C++11 compiler + - CMake: Require CMake >=3.5.0 + - CMake: Lowercase off_t and size_t to help a bug in Meson + - CMake: Sort xmlwf sources alphabetically + - CMake|Windows: Fix generation of DLL file version info + - CMake: Build tests/benchmark/benchmark.c as well for + a build with -DEXPAT_BUILD_TESTS=ON + - docs: Document the importance of isFinal + adjust tests + accordingly + - docs: Improve use of "NULL" and "null" + - docs: Be specific about version of XML (XML 1.0r4) + and version of C (C99); (XML 1.0r5 will need a sponsor.) + - docs: reference.html: Promote function XML_ParseBuffer more + - docs: reference.html: Add HTML anchors to XML_* macros + - docs: reference.html: Upgrade to OK.css 1.2.0 + - docs: Fix typos + - docs|CI: Use HTTPS URLs instead of HTTP at various places + - Address compiler warnings + - Address clang-tidy warnings + - Version info bumped from 9:10:8 (libexpat*.so.1.8.10) + to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/ + for what these numbers do + +------------------------------------------------------------------- +Sun Dec 11 20:35:38 UTC 2022 - Andreas Stieger + +- add upstream signing key and validate source signature + +------------------------------------------------------------------- +Wed Oct 26 06:19:38 UTC 2022 - David Anes + +- Update to 2.5.0: (bsc#1204708) + * Security fixes: + - CVE-2022-43680 -- Fix heap use-after-free after overeager + destruction of a shared DTD in function + XML_ExternalEntityParserCreate in out-of-memory situations. + Expected impact is denial of service or potentially arbitrary + code execution. + * Bug fixes: + - Fix curruption from undefined entities + - Fix case when parsing was suspended while processing nested + entities + - Stop leaking opening tag bindings after a closing tag mismatch + error where a parser is reset through XML_ParserReset and then + reused to parse + - CMake: Fix generation of pkg-config file + - MinGW|CMake: Fix static library name + * Other changes: + - Protect header expat_config.h from multiple inclusion + - examples: Make use of XML_GetBuffer and be more consistent + across examples + - Address compiler warnings + - Version info bumped from 9:9:8 to 9:10:8; see + https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Tue Sep 20 15:54:12 UTC 2022 - David Anes + +- update to 2.4.9: (bsc#1203438) + * Security fixes: + - CVE-2022-40674 -- Heap use-after-free vulnerability in + function doContent. Expected impact is denial of service + or potentially arbitrary code execution. + * Bug fixes: + - MinGW: Fix mis-compilation for -D__USE_MINGW_ANSI_STDIO=0 + - docs: Fix documentation on effect of switch XML_DTD on + symbol visibility in doc/reference.html + * Other changes: + - MinGW: Make fix-xmltest-log.sh drop more Wine bug output + - Autotools: Sync CMake templates with CMake 3.22 + - CMake: Migrate from use of CMAKE_*_POSTFIX to + dedicated variables EXPAT_*_POSTFIX to stop affecting + other projects + - Windows|CMake: Add missing -DXML_STATIC to test runners + and fuzzers + - Windows|CMake: Render .def file from a template to fix + linking with -DEXPAT_DTD=OFF and/or -DEXPAT_ATTR_INFO=ON + - MinGW|CMake: Apply MSVC .def file when linking + - MinGW|CMake: Sync library name with GNU Autotools, + i.e. produce libexpat-1.dll rather than libexpat.dll + by default. Filename libexpat.dll.a is unaffected. + - MinGW|CMake: Set missing variable CMAKE_RC_COMPILER in + toolchain file "cmake/mingw-toolchain.cmake" to avoid + error "windres: Command not found" on e.g. Ubuntu 20.04 + - CMake: Unify inconsistent use of set() and option() in + context of public build time options to take need for + set(.. FORCE) in projects using Expat by means of + add_subdirectory(..) off Expat's users' shoulders + - Stop exporting API symbols when building a static library + - Resolve use of deprecated "fgrep" by "grep -F" + - CMake: Make documentation on variables a bit more consistent + - CMake: Drop leading whitespace from a #cmakedefine line in + file expat_config.h.cmake + - xmlwf: Fix harmless variable mix-up in function nsattcmp + - Address Cppcheck warnings + - Address Clang 15 compiler warnings + - Version info bumped from 9:8:8 to 9:9:8; + see https://verbump.de/ for what these numbers do + * Infrastructure: + - CI: Windows: Start covering MSVC 2022 + - CI: macOS: Migrate off deprecated macOS 10.15 + - CI: Linux: Make migration off deprecated Ubuntu 18.04 work + - CI: Upgrade Clang from 14 to 15 + - apply-clang-format.sh: Add support for BSD find + - coverage.sh: Exclude MinGW headers + - coverage.sh: Fix name collision for -funsigned-char + +------------------------------------------------------------------- +Tue Mar 29 05:26:59 UTC 2022 - David Anes + +- update to 2.4.8: + * Other changes: + - pkg-config: Move "-lm" to section "Libs.private" + - CMake|MSVC: Fix pkg-config section "Libs" + - CMake|macOS: Start using linker arguments + "-compatibility_version " and + "-current_version " in a way compatible with GNU + Libtool + - Version info bumped from 9:7:8 to 9:8:8; + see https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Sat Mar 5 06:34:13 UTC 2022 - David Anes + +- update to 2.4.7 (bsc#1196784, CVE-2022-25236): + * Bug fixes: + - Relax fix to CVE-2022-25236 (introduced with release 2.4.5) + with regard to all valid URI characters (RFC 3986), + i.e. the following set (excluding whitespace): + ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz + 0123456789 % -._~ :/?#[]@ !$&'()*+,;= + * Other changes: + - CMake|Windows: Store Expat version in the DLL + - Document consequences of namespace separator choices not just + in doc/reference.html but also in header + - Document Expat's lack of validation of namespace URIs against + RFC 3986, and that the XML 1.0r4 specification doesn't + require Expat to validate namespace URIs, and that Expat + may do more in that regard in future releases. + If you find need for strict RFC 3986 URI validation on + application level today, https://uriparser.github.io/ may + be of interest. + - Fix documentation of XML_EndDoctypeDeclHandler in + - Document that a call to XML_FreeContentModel can be done at + a later time from outside the element declaration handler + - Make hardcoded namespace URIs easier to find in code + - Update documentation on use of XML_POOR_ENTOPY on Solaris + - tests: Resolve use of macros NAN and INFINITY for GNU G++ + 4.8.2 on Solaris. + - Version info bumped from 9:6:8 to 9:7:8; + see https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Sun Feb 20 19:48:53 UTC 2022 - David Anes + +- update to 2.4.6 (bsc#1196168, CVE-2022-25313): + * Bug fixes: + - Fix a regression introduced by the fix for CVE-2022-25313 + in release 2.4.5 that affects applications that (1) + call function XML_SetElementDeclHandler and (2) are + parsing XML that contains nested element declarations + (e.g. ""). + - Version info bumped from 9:5:8 to 9:6:8; + see https://verbump.de/ for what these numbers do. + +------------------------------------------------------------------- +Sat Feb 19 09:21:21 UTC 2022 - David Anes + +- update to 2.4.5 (bsc#1196171, bsc#1196169, bsc#1196168, + bsc#1196026, bsc#1196025): + * Security fixes: + - CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8 + sequences (e.g. from start tag names) to the XML + processing application on top of Expat can cause + arbitrary damage (e.g. code execution) depending + on how invalid UTF-8 is handled inside the XML + processor; validation was not their job but Expat's. + Exploits with code execution are known to exist. + - CVE-2022-25236 -- Passing (one or more) namespace separator + characters in "xmlns[:prefix]" attribute values + made Expat send malformed tag names to the XML + processor on top of Expat which can cause + arbitrary damage (e.g. code execution) depending + on such unexpectable cases are handled inside the XML + processor; validation was not their job but Expat's. + Exploits with code execution are known to exist. + - CVE-2022-25313 -- Fix stack exhaustion in doctype parsing + that could be triggered by e.g. a 2 megabytes + file with a large number of opening braces. + Expected impact is denial of service or potentially + arbitrary code execution. + - CVE-2022-25314 -- Fix integer overflow in function copyString; + only affects the encoding name parameter at parser creation + time which is often hardcoded (rather than user input), + takes a value in the gigabytes to trigger, and a 64-bit + machine. Expected impact is denial of service. + - CVE-2022-25315 -- Fix integer overflow in function storeRawNames; + needs input in the gigabytes and a 64-bit machine. + Expected impact is denial of service or potentially + arbitrary code execution. + * Other changes: + - Version info bumped from 9:4:8 to 9:5:8; + see https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Mon Jan 31 06:13:13 UTC 2022 - David Anes + +- update to 2.4.4 (bsc#1195217, bsc#1195054): + * Security fixes: + - CVE-2022-23852 -- Fix signed integer overflow + (undefined behavior) in function XML_GetBuffer + that is also called by function XML_Parse internally) + for when XML_CONTEXT_BYTES is defined to >0 (which is both + common and default). + Impact is denial of service or more. + - CVE-2022-23990 -- Fix unsigned integer overflow in function + doProlog triggered by large content in element type + declarations when there is an element declaration handler + present (from a prior call to XML_SetElementDeclHandler). + Impact is denial of service or more. + * Bug fixes: + - xmlwf: Fix a memory leak on output file opening error + * Other changes: + - Version info bumped from 9:3:8 to 9:4:8; + see https://verbump.de/ for what these numbers do + * Drop unused file valid-xhtml10.png + +------------------------------------------------------------------- +Mon Jan 17 09:14:10 UTC 2022 - Dirk Müller + +- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474, + bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480): + * CVE-2021-45960 -- Fix issues with left shifts by >=29 places + resulting in + a) realloc acting as free + b) realloc allocating too few bytes + c) undefined behavior + depending on architecture and precise value + for XML documents with >=2^27+1 prefixed attributes + on a single XML tag a la + "" + where XML_ParserCreateNS is used to create the parser + (which needs argument "-n" when running xmlwf). + Impact is denial of service, or more. + * CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow + on variable m_groupSize in function doProlog leading + to realloc acting as free. + Impact is denial of service or more. + * CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows + near memory allocation at multiple places. Mitre assigned + a dedicated CVE for each involved internal C function: + - CVE-2022-22822 for function addBinding + - CVE-2022-22823 for function build_model + - CVE-2022-22824 for function defineAttribute + - CVE-2022-22825 for function lookup + - CVE-2022-22826 for function nextScaffoldPart + - CVE-2022-22827 for function storeAtts + Impact is denial of service or more. + +------------------------------------------------------------------- +Mon Dec 27 16:02:14 UTC 2021 - Dirk Müller + +- update to 2.4.2: + * Link againgst libm for function "isnan" + * Include expat_config.h as early as possible + * Autotools: Include files with release archives: + - buildconf.sh + - fuzz/*.c + * Autotools: Sync CMake templates + * docs: Document that function XML_GetBuffer may return NULL + when asking for a buffer of 0 (zero) bytes size + * docs: Fix return value docs for both + XML_SetBillionLaughsAttackProtection* functions + * Version info bumped from 9:1:8 to 9:2:8 + +------------------------------------------------------------------- +Mon May 24 08:17:12 UTC 2021 - Pedro Monreal + +- Update to 2.4.1: + * Bug fixes: + - Autotools: Fix installed header expat_config.h for multilib + systems; regression introduced in 2.4.0 by pull request #486 + * Other changes: + - Version info bumped from 9:0:8 to 9:1:8; see + https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Mon May 24 08:15:42 UTC 2021 - Pedro Monreal + +- Update to 2.4.0: [CVE-2013-0340 "Billion Laughs"] + * Security fixes: + - CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks + (denial-of-service; flavors targeting CPU time or RAM or both, + leveraging general entities or parameter entities or both) + by tracking and limiting the input amplification factor + ( := ( + ) / ). + By conservative default, amplification up to a factor of 100.0 + is tolerated and rejection only starts after 8 MiB of output bytes + (= + ) have been processed. + The fix adds the following to the API: + - A new error code XML_ERROR_AMPLIFICATION_LIMIT_BREACH to + signals this specific condition. + - Two new API functions .. + - XML_SetBillionLaughsAttackProtectionMaximumAmplification and + - XML_SetBillionLaughsAttackProtectionActivationThreshold + .. to further tighten billion laughs protection parameters + when desired. Please see file "doc/reference.html" for details. + If you ever need to increase the defaults for non-attack XML + payload, please file a bug report with libexpat. + - Two new XML_FEATURE_* constants .. + - that can be queried using the XML_GetFeatureList function, and + - that are shown in "xmlwf -v" output. + - Two new environment variable switches .. + - EXPAT_ACCOUNTING_DEBUG=(0|1|2|3) and + - EXPAT_ENTITY_DEBUG=(0|1) + .. for runtime debugging of accounting and entity processing. + Specific behavior of these values may change in the future. + - Two new command line arguments "-a FACTOR" and "-b BYTES" + for xmlwf to further tighten billion laughs protection + parameters when desired. + If you ever need to increase the defaults for non-attack XML + payload, please file a bug report with libexpat. + * Bug fixes: + - For (non-default) compilation with -DEXPAT_MIN_SIZE=ON (CMake) + or CPPFLAGS=-DXML_MIN_SIZE (GNU Autotools): Fix segfault + for UTF-16 payloads containing CDATA sections. + - Autotools: Fix generated CMake files for non-64bit and + non-Linux platforms (e.g. macOS and MinGW in particular) + that were introduced with release 2.3.0 + * Other changes: + - xmlwf: Improve help output and the xmlwf man page + - xmlwf: Improve maintainability through some refactoring + - xmlwf: Fix man page DocBook validity + - CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR + and CMAKE_INSTALL_INCLUDEDIR + - CMake: Add support for standard variable BUILD_SHARED_LIBS + - Unexpose symbol _INTERNAL_trim_to_complete_utf8_characters + - Resolve macro HAVE_EXPAT_CONFIG_H + - Delete unused legacy helper file "conftools/PrintPath" + - doc/reference.html: Fix XHTML validity + - doc/reference.html: Replace the 90s look by OK.css + - Version info bumped from 8:0:7 to 9:0:8 due to addition of + new symbols and error codes; see https://verbump.de/ for + what these numbers do + +------------------------------------------------------------------- +Tue Apr 13 06:04:38 UTC 2021 - Dominique Leuenberger + +- Do not BuildRequire cmake: expat is part of the distro bootstrap + cycle and any additional dependency makes the ring larger. In + this case here, cmake was even only used to own a directory. + +------------------------------------------------------------------- +Tue Apr 6 02:16:20 UTC 2021 - Dirk Müller + +- update to 2.3.0: + * When calling XML_ParseBuffer without a prior successful call to + XML_GetBuffer as a user, no longer trigger undefined behavior + (by adding an integer to a NULL pointer) but rather return + XML_STATUS_ERROR and set the error code to (new) code + XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer) + of Clang 11 (but not Clang 9). + * xmlwf: Exit status 2 was used for both: + - malformed input files (documented) and + - invalid command-line arguments (undocumented). + case of invalid command-line arguments now + has its own exit status 4, resolving the ambiguity. + * Other changes + +------------------------------------------------------------------- +Sun Oct 4 19:19:55 UTC 2020 - Pedro Monreal + +- Update to 2.2.10: + * Bug fixes: + - Fix undefined behavior during parsing caused by pointer + arithmetic with NULL pointers + - Fix reading uninitialized variable during parsing + - xmlwf: Add missing check for malloc NULL return + * Other changes: + - xmlwf: Document exit codes in xmlwf manpage and exit with code 3 + (rather than code 1) for output errors when used with "-d DIRECTORY" + - Autotools: Use -Werror while configure tests the compiler for + supported compile flags to avoid false positives + - Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS, e.g. + ensure that they have the last word over flags added while + running ./configure + - CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis + on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t) + - CMake: Detect and deny unsupported build combinations + involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t) + - CMake: Install pre-compiled shipped xmlwf.1 manpage in case + of -DEXPAT_BUILD_DOCS=OFF + - CMake: Fix use of Expat by means of add_subdirectory + - CMake: Keep expat target name constant at "expat" (i.e. refrain + from using the target name to control build artifact filenames) + - CMake: Expose man page compilation as target "xmlwf-manpage" + - CMake: Introduce option EXPAT_BUILD_PKGCONFIG to control + generation of pkg-config file "expat.pc" + - CMake: Add minimalistic support for building binary packages + with CMake target "package"; based on CPack + - CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with default + OFF to build fuzzer code against OSS-Fuzz and related + environment variable LIB_FUZZING_ENGINE + - Fix testsuite for -DEXPAT_DTD=OFF and -DEXPAT_NS=OFF + - Address compiler warnings + - Address pngcheck warnings with doc/*.png images: Version info + bumped from 7:11:6 to 7:12:6 + +------------------------------------------------------------------- +Fri Nov 29 18:30:43 UTC 2019 - Pedro Monreal Gonzalez + +- Version update to 2.2.9 + * Other changes: + - examples: Drop executable bits from elements.c + #349 Windows: Change the name of the Windows DLLs from expat*.dll + to libexpat*.dll once more (regression from 2.2.8, first + fixed in 1.95.3, issue #61 on SourceForge today, + was issue #432456 back then); needs a fix due + case-insensitive file systems on Windows and the fact that + Perl's XML::Parser::Expat compiles into Expat.dll. + #347 Windows: Only define _CRT_RAND_S if not defined + Version info bumped from 7:10:6 to 7:11:6 + +------------------------------------------------------------------- +Mon Sep 16 08:21:52 UTC 2019 - Pedro Monreal Gonzalez + +- Version update to 2.2.8 + * Security fixes: (CVE-2019-15903, bsc#1149429) + - CVE-2019-15903 -- Fix heap overflow triggered by XML_GetCurrentLineNumber + (or XML_GetCurrentColumnNumber), and deny internal entities closing the doctype; + * Bug fixes: + - Fix cases where XML_StopParser did not have any effect + when called from inside of an end element handler + - xmlwf: Fix exit code for operation without "-d DIRECTORY"; + previously, only "-d DIRECTORY" would give you a proper exit code: + Now both cases return exit code 2. + * Other changes: + - examples: Improve elements.c + - Autotools: Add argument --enable-xml-attr-info + - Autotools: Add arguments --with-getrandom --without-getrandom --with-sys-getrandom --without-sys-getrandom + - Autotools: Fix linking issues with "./configure LD=clang" + - Autotools: Fix "make run-xmltest" for out-of-source builds + - CMake: Pull all options from Expat <=2.2.7 into namespace + - CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF), default OFF + - CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF), default OFF + - CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF), default OFF + - CMake: Add arguments -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO + - CMake: Add arguments -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO + - CMake: Install expat_config.h to include directory + - CMake: Generate and install configuration files for future find_package(expat [..] CONFIG [..]) + - CMake: Now produces a summary of applied configuration + - CMake: Require C++ compiler only when tests are enabled + - CMake: Fix compilation for 16bit character types, i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON) + - CMake: Port "make run-xmltest" from GNU Autotools to CMake + - CMake: Integrate OSS-Fuzz fuzzers, option -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF +- Removed patches fixed in the update: + * expat-CVE-2019-15903.patch + * expat-CVE-2019-15903-tests.patch + +------------------------------------------------------------------- +Wed Sep 4 17:11:38 UTC 2019 - Pedro Monreal Gonzalez + +- Security fix (CVE-2019-15903, bsc#1149429) + * Crafted XML input results in heap-based buffer over-read by fooling + the parser into changing from DTD parsing to document parsing + * Added patches: + - expat-CVE-2019-15903.patch + - expat-CVE-2019-15903-tests.patch + +------------------------------------------------------------------- +Tue Jul 2 10:33:51 UTC 2019 - Pedro Monreal Gonzalez + +- Version update to 2.2.7 (CVE-2018-20843, bsc#1139937) + * Security fixes: + - CVE-2018-20843 - Fix extraction of namespace prefixes from + XML names; XML names with multiple colons could end up in + the wrong namespace, and take a high amount of RAM and CPU + resources while processing, opening the door to use for + denial-of-service attacks + * Other changes: + - Autotools/CMake: Utilize -fvisibility=hidden to stop + exporting non-API symbols + - Autotools: Add --without-examples and --without-tests + - Autotools: Modernize configure.ac + - Autotools: Fix check for -fvisibility=hidden for Clang + - Autotools: Fix compilation for lack of docbook2x-man + - CMake: Make libdir of pkgconfig expat.pc support multilib + - CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR + - Remove fallback to bcopy, assume that memmove(3) exists +- Removed expat-2.2.6-fix-make-clean.patch + +------------------------------------------------------------------- +Thu Feb 7 10:45:14 UTC 2019 - Bernhard Wiedemann + +- Add expat-2.2.6-fix-make-clean.patch +- Allow profile guided optimization again + +------------------------------------------------------------------- +Thu Jan 3 13:08:57 UTC 2019 - Tomáš Chvátal + +- Drop docbook2x dependency, the manpages are generated in + the upstream archive and this way we break buildcycle + +------------------------------------------------------------------- +Tue Sep 11 11:32:10 UTC 2018 - pmonrealgonzalez@suse.com + +- Version update to 2.2.6 Sun August 12 2018 + * Bug fixes: + - Avoid doing arithmetic with NULL pointers in XML_GetBuffer + - Fix 2.2.5 regression with suspend-resume while parsing + a document like '' + * Other changes: + - Autotools: Fix docbook-related configure syntax error + - Autotools: Avoid grep option `-q` for Solaris + - Autotools: Support + ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation" + - Autotools: Support DOCBOOK_TO_MAN command which produces + xmlwf.1 rather than XMLWF.1; also covers case insensitive + file systems + - Autotools: Drop -rpath option passed to libtool + - Autotools: Detect and deny SGML docbook2man as ours is XML + - Autotools/CMake: Support command db2x_docbook2man as well + - CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF + - CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF + - CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T, + both defaulting to OFF + - CMake: Prefer check_symbol_exists over check_function_exists + - CMake: Create the same pkg-config file as with GNU Autotools + - CMake: Use GNUInstallDirs module to set proper defaults for + install directories + - CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM + - Address compiler warnings + - Fix miscellaneous typos + +------------------------------------------------------------------- +Thu Nov 16 10:22:18 UTC 2017 - jengelh@inai.de + +- Expand description of expat-devel. + +------------------------------------------------------------------- +Thu Nov 16 09:04:25 UTC 2017 - mpluskal@suse.com + +- Do not generate manpages from docbook +- Temporarily disable profiling due to bug in build system + +------------------------------------------------------------------- +Wed Nov 8 20:01:31 UTC 2017 - aavindraa@gmail.com + +- Version update to 2.2.5 Tue October 31 2017 + * Bug fixes: + - If the parser runs out of memory, make sure its internal + state reflects the memory it actually has, not the memory + it wanted to have. + - The default handler wasn't being called when it should for + a SYSTEM or PUBLIC doctype if an entity declaration handler + was registered. + - Fix a case of mistakenly reported parsing success where + XML_StopParser was called from an element handler + - Function XML_ErrorString was returning NULL rather than + a message for code XML_ERROR_INVALID_ARGUMENT + introduced with release 2.2.1 + * Other changes: + - Add argument -N adding notation declarations + - various compiler-specific fixes + - Improve docbook2x-man detection +- drop expat-docbook.patch + * fixed in 0f5186c7b8e503c669e332d944712de010b265f3 +- switch to github for release tarballs and website + +------------------------------------------------------------------- +Thu Oct 26 09:53:50 UTC 2017 - pmonrealgonzalez@suse.com + +- Version update to 2.2.4 Sat August 19 2017 + * Bug fixes: + #115 Fix copying of partial characters for UTF-8 input + * Other changes: + #109 Fix "make check" for non-x86 architectures that default + to unsigned type char (-128..127 rather than 0..255) + #109 coverage.sh: Cover -funsigned-char + Autotools: Introduce --without-xmlwf argument + #65 Autotools: Replace handwritten Makefile with GNU Automake + #43 CMake: Auto-detect high quality entropy extractors, add new + option USE_libbsd=ON to use arc4random_buf of libbsd + #74 CMake: Add -fno-strict-aliasing only where supported + #114 CMake: Always honor manually set BUILD_* options + #114 CMake: Compile man page if docbook2x-man is available, only + #117 Include file tests/xmltest.log.expected in source tarball + (required for "make run-xmltest") + #111 Fix some typos in documentation + Version info bumped from 7:5:6 to 7:6:6 + +- Release 2.2.3 Wed August 2 2017 + * Bug fixes: + #85 Fix a dangling pointer issue related to realloc + * Other changes: + #91 Linux: Allow getrandom to fail if nonblocking pool has not + yet been initialized and read /dev/urandom then, instead. + This is in line with what recent Python does. + #86 Check that a UTF-16 encoding in an XML declaration has the + right endianness +#4 #5 #7 Recover correctly when some reallocations fail + Repair "./configure && make" for systems without any + provider of high quality entropy + and try reading /dev/urandom on those + Ensure that user-defined character encodings have converter + functions when they are needed + Fix mis-leading description of argument -c in xmlwf.1 + Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__) + for CloudABI + #100 Fix use of SIPHASH_MAIN in siphash.h + #23 Test suite: Fix memory leaks + Version info bumped from 7:4:6 to 7:5:6 + +- Release 2.2.2 Wed July 12 2017 + * Security fixes: + #43 Protect against compilation without any source of high + quality entropy enabled, e.g. with CMake build system; + * [MOX-006] Fix non-NULL parser parameter validation in XML_Parse; + resulted in NULL dereference, previously; + * Bug fixes: + #69 Fix improper use of unsigned long long integer literals + * Other changes: + #73 Start requiring a C99 compiler + #49 Fix "==" Bashism in configure script + #58 Address compile warnings + #68 Fix "./buildconf.sh && ./configure" for some versions + of Dash for /bin/sh + #72 CMake: Ease use of Expat in context of a parent project + with multiple CMakeLists.txt files + #72 CMake: Resolve mistaken executable permissions + #76 Address compile warning with -DNDEBUG (not recommended!) + #77 Address compile warning about macro redefinition + + * Added patch expat-docbook.patch to compile the man pages with + docbook-to-man + + * Cleaned spec file with spec-cleaner + +------------------------------------------------------------------- +Sat Oct 7 14:32:27 UTC 2017 - jayvdb@gmail.com + +- Allow building when do_profiling is undefined + +------------------------------------------------------------------- +Tue Jul 11 15:02:55 UTC 2017 - mpluskal@suse.com + +- Build with profiling when possible + +------------------------------------------------------------------- +Tue Jul 4 14:33:00 UTC 2017 - meissner@suse.com + +- Version update to 2.2.1 Sat June 17 2017 + - Security fixes: + CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS + Details: https://libexpat.github.io/doc/cve-2017-9233/ + Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f + - [MOX-002] CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; + (Fixed version of existing downstream patches!) + - (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off + longer tag names; + #25 More integer overflow detection (function poolGrow); + - [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; + - [MOX-005] #30 Use high quality entropy for hash initialization: + * arc4random_buf on BSD, systems with libbsd + (when configured with --with-libbsd), CloudABI + * RtlGenRandom on Windows XP / Server 2003 and later + * getrandom on Linux 3.17+ + In a way, that's still part of CVE-2016-5300. + https://github.com/libexpat/libexpat/pull/30/commits + - [MOX-005] For the low quality entropy extraction fallback code, + the parser instance address can no longer leak, + - [MOX-003] Prevent use of uninitialised variable; commit + - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b + Add missing parameter validation to public API functions + and dedicated error code XML_ERROR_INVALID_ARGUMENT: + - [MOX-006] * NULL checks; commits + * Negative length (XML_Parse); commit + - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f + - [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash + to go further with fixing CVE-2012-0876. + https://github.com/libexpat/libexpat/pull/39/commits + - Bug fixes: + #32 Fix sharing of hash salt across parsers; + relevant where XML_ExternalEntityParserCreate is called + prior to XML_Parse, in particular (e.g. FBReader) + #28 xmlwf: Auto-disable use of memory-mapping (and parsing + as a single chunk) for files larger than ~1 GB (2^30 bytes) + rather than failing with error "out of memory" + #3 Fix double free after malloc failure in DTD code; commit + 7ae9c3d3af433cd4defe95234eae7dc8ed15637f + #17 Fix memory leak on parser error for unbound XML attribute + prefix with new namespaces defined in the same tag; + found by Google's OSS-Fuzz; commits + xmlwf on Windows: Add missing calls to CloseHandle + - New features: + #30 Introduced environment switch EXPAT_ENTROPY_DEBUG=1 + for runtime debugging of entropy extraction + Bump version info from 7:2:6 to 7:3:6 + +------------------------------------------------------------------- +Mon Jul 18 23:02:23 UTC 2016 - jengelh@inai.de + +- Remove pointless --with-pic (for static only) + +------------------------------------------------------------------- +Thu Jul 14 08:43:31 UTC 2016 - tchvatal@suse.com + +- Version update to 2.2.0: + * Fixes bnc#983215 CVE-2012-6702 + * Fixes bnc#983216 CVE-2016-5300 + * Various cmake and autotools script updates + * Fix detection of utf8 character boundaries +- Remove all patches merged upstream: + * expat-2.1.1-avoid_relying_on_undef_behaviour.patch + * expat-2.1.1-parser_crashes_on_malformed_input.patch + * expat-alloc-size.patch + * expat-visibility.patch + +------------------------------------------------------------------- +Wed May 18 11:43:51 UTC 2016 - kstreitova@suse.com + +- add expat-2.1.1-avoid_relying_on_undef_behaviour.patch to avoid + relying on undefined behavior in the original CVE-2015-1283 fix + [bnc#980391], [bnc#983985], [CVE-2016-4472] +- add expat-2.1.1-parser_crashes_on_malformed_input.patch to fix + Expat XML parser that mishandles certain kinds of malformed input + documents [bnc#979441], [CVE-2016-0718] +- use spec-cleaner to clean specfile + +------------------------------------------------------------------- +Fri Apr 1 16:32:27 UTC 2016 - crrodriguez@opensuse.org + +- After simplification of expat-visibility.patch, it became + uneffective as no symbols are getting hidden. add + -fvisibility=hidden to CFLAGS again. +- expat-alloc-size.patch: fix braino, realloc()-like functions + should not take __attribute__(malloc) + +------------------------------------------------------------------- +Wed Mar 23 08:31:29 UTC 2016 - idonmez@suse.com + +- Update to version 2.1.1 + * Fixes CVE-2015-1283 — Multiple integer overflows in the + XML_GetBuffer function + * Fix potential null pointer dereference + * Symbol XML_SetHashSalt was not exported + * Output of xmlwf -h was incomplete + * Document behavior of calling XML_SetHashSalt with salt 0 + * Minor improvements to man page xmlwf(1) +- Simplify expat-visibility.patch, refresh expat-alloc-size.patch +- Drop config-guess-sub-update.patch, fixed upstream. + +------------------------------------------------------------------- +Sat Jul 11 12:10:03 UTC 2015 - mpluskal@suse.com + +- Cleanup spec file with spec-cleaner +- Remove old ppc obsoletes/provides + +------------------------------------------------------------------- +Tue Mar 26 13:10:01 UTC 2013 - mmeister@suse.com + +- Added url as source. + Please see http://en.opensuse.org/SourceUrls + +------------------------------------------------------------------- +Thu Feb 21 16:02:17 UTC 2013 - jengelh@inai.de + +- Sanitize description of expat (replace it with a more current + one from the homepage) + +------------------------------------------------------------------- +Mon Feb 4 12:59:44 UTC 2013 - schwab@suse.de + +- Update config.guess/sub for aarch64 + +------------------------------------------------------------------- +Wed Jan 23 09:07:25 UTC 2013 - pgajdos@suse.com + +- fix of fix of [bnc#798644] +- according to upstream changelog: + - Improved ability to build without the configure-generated + expat_config.h header. This is useful for applications + which embed Expat rather than linking in the library. + + because I am not exactly sure about implication of this, rather use + -DXML_HAVE_VISIBILITY in CFLAG_VISIBILITY in expat-visibility.patch + +------------------------------------------------------------------- +Tue Jan 22 12:40:02 UTC 2013 - jengelh@inai.de + +- Executing autoreconf requires autoconf BuildRequire + +------------------------------------------------------------------- +Fri Jan 18 08:53:33 UTC 2013 - pgajdos@suse.com + +- really hide private Xml* symbols [bnc#798644] + * modified visibility.patch + +------------------------------------------------------------------- +Tue Apr 10 19:06:34 UTC 2012 - tabraham@novell.com + +- update to 2.1.0 + - Bug Fixes: + #1742315: Harmful XML_ParserCreateNS suggestion. + #2895533: CVE-2012-1147 - Resource leak in readfilemap.c. + #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3. + #1983953, 2517952, 2517962, 2649838: + Build modifications using autoreconf instead of buildconf.sh. + #2815947, #2884086: OBJEXT and EXEEXT support while building. + #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences. + #2517938: xmlwf should return non-zero exit status if not well-formed. + #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml. + #2855609: Dangling positionPtr after error. + #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8(). + #2958794: CVE-2012-1148 - Memory leak in poolGrow. + #2990652: CMake support. + #3010819: UNEXPECTED_STATE with a trailing "%" in entity value. + #3206497: Unitialized memory returned from XML_Parse. + #3287849: make check fails on mingw-w64. + #3496608: CVE-2012-0876 - Hash DOS attack. + + - Patches: + #1749198: pkg-config support. + #3010222: Fix for bug #3010819. + #3312568: CMake support. + #3446384: Report byte offsets for attr names and values. + + - New Features / API changes: + * Added new API member XML_SetHashSalt() that allows setting an + intial value (salt) for hash calculations. This is part of the + fix for bug #3496608 to randomize hash parameters. + * When compiled with XML_ATTR_INFO defined, adds new API member + XML_GetAttributeInfo() that allows retrieving the byte + offsets for attribute names and values (patch #3446384). + * Added CMake build system. See bug #2990652 and patch #3312568. + * Added run-benchmark target to Makefile.in - relies on testdata + module present in the same relative location as in the repository. + +------------------------------------------------------------------- +Tue Mar 6 03:01:08 UTC 2012 - tabraham@novell.com + +- update to 2.1.0 beta + * refreshed expat-visibility.patch + * removed obsolete expat-CVE-2009-3560.patch + * removed obsolete expat-CVE-2009-2625.patch + + - hash table DOS attack fix + - accumulated bug fixes and some changes to the build system + - new conditional feature to make byte offsets for attributes + and attribute names available + +------------------------------------------------------------------- +Sun Feb 12 14:42:34 UTC 2012 - crrodriguez@opensuse.org + +- Put libraries back to %{_libdir}, /usr merge project + +------------------------------------------------------------------- +Fri Dec 2 12:43:19 UTC 2011 - coolo@suse.com + +- add automake as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Sun Oct 30 22:03:29 UTC 2011 - crrodriguez@opensuse.org + +- Hide non public symbols reusing existing win32 API export/imports +- annotate malloc/realloc-like functions with attribute alloc_size + to catch possible misuses in calling code. + +------------------------------------------------------------------- +Sun Sep 18 17:17:12 UTC 2011 - jengelh@medozas.de + +- Remove redundant/obsolete tags/sections from specfile + (cf. packaging guidelines) +- Use %_smp_mflags for parallel build +- Add libexpat-devel to baselibs + +------------------------------------------------------------------- +Fri Feb 25 16:01:01 UTC 2011 - prusnak@opensuse.org + +- fix license (MIT) in spec file + +------------------------------------------------------------------- +Fri Jan 8 15:04:28 CET 2010 - prusnak@suse.cz + +- fix CVE-2009-3560.patch [bnc#566434] + +------------------------------------------------------------------- +Sun Dec 13 19:28:22 CET 2009 - jengelh@medozas.de + +- add baselibs.conf as a source + +------------------------------------------------------------------- +Fri Dec 4 15:43:29 CET 2009 - prusnak@suse.cz + +- fix DoS (CVE-2009-3560.patch) [bnc#558892] + +------------------------------------------------------------------- +Thu Oct 29 14:22:47 CET 2009 - prusnak@suse.cz + +- fix DoS (CVE-2009-2625.patch) [bnc#550664] + +------------------------------------------------------------------- +Sun Apr 5 15:45:49 CEST 2009 - crrodriguez@suse.de + +- test suite requires gcc-c++ to compile + +------------------------------------------------------------------- +Thu Feb 19 04:55:08 CET 2009 - crrodriguez@suse.de + +- remove static libraries, shouldnt be needed anymore. +- run make check + +------------------------------------------------------------------- +Wed Dec 10 12:34:56 CET 2008 - olh@suse.de + +- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade + (bnc#437293) + +------------------------------------------------------------------- +Thu Oct 30 12:34:56 CET 2008 - olh@suse.de + +- obsolete old -XXbit packages (bnc#437293) + +------------------------------------------------------------------- +Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de + +- added baselibs.conf file to build xxbit packages + for multilib support + +------------------------------------------------------------------- +Sat Jul 28 19:38:40 CEST 2007 - coolo@suse.de + +- fix devel symlink + +------------------------------------------------------------------- +Wed Jul 25 11:29:59 CEST 2007 - prusnak@suse.cz + +- move libraries from /usr/lib to /lib [#285472] +- replace deprecated %run_ldconfig with /sbin/ldconfig + +------------------------------------------------------------------- +Thu Jun 7 16:46:32 CEST 2007 - prusnak@suse.cz + +- update to 2.0.1: + ( from Changes ) + * Fixed bugs #1515266, 1515600: The character data handler's calling + of XML_StopParser() was not handled properly; if the parser was + stopped and the handler set to NULL, the parser would segfault. + * Fixed bug #1690883: Expat failed on EBCDIC systems as it assumed + some character constants to be ASCII encoded. + * Minor cleanups of the test harness. + * Fixed xmlwf bug #1513566: "out of memory" error on file size zero. + * Fixed outline.c bug #1543233: missing a final XML_ParserFree() call. + * Fixes and improvements for Windows platform: + bugs #1409451, #1476160, 1548182, 1602769, 1717322. + * Build fixes for various platforms: + HP-UX, Tru64, Solaris 9: patch #1437840, bug #1196180. + All Unix: #1554618 (refreshed config.sub/config.guess). + #1490371, #1613457: support both, DESTDIR and INSTALL_ROOT, + without relying on GNU-Make specific features. + #1647805: Patched configure.in to work better with Intel compiler. + * Fixes to Makefile.in to have make check work correctly: + bugs #1408143, #1535603, #1536684. + * Added Open Watcom support: patch #1523242. + +------------------------------------------------------------------- +Tue Apr 17 18:49:10 CEST 2007 - prusnak@suse.cz + +- split libexpat1 and libexpat-devel subpackages [#260214] + +------------------------------------------------------------------- +Thu Oct 19 12:37:07 CEST 2006 - dmueller@suse.de + +- strip .la file + +------------------------------------------------------------------- +Wed Jan 25 21:30:10 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Fri Jan 13 00:21:55 CET 2006 - ro@suse.de + +- fixed file list for debuginfo package (do not pack all of libdir) + +------------------------------------------------------------------- +Wed Jan 11 17:43:46 CET 2006 - mjancar@suse.cz + +- update to 2.0.0 + +------------------------------------------------------------------- +Mon Jan 9 13:25:07 CET 2006 - mjancar@suse.cz + +- update to 2.0 pre release + +------------------------------------------------------------------- +Wed Nov 10 11:54:21 CET 2004 - ro@suse.de + +- fixed filelist + +------------------------------------------------------------------- +Mon Aug 09 16:26:05 CEST 2004 - tcrhak@suse.cz + +- update to 1.95.8 + +------------------------------------------------------------------- +Thu Feb 5 18:28:34 CET 2004 - kukuk@suse.de + +- Build as user + +------------------------------------------------------------------- +Thu Feb 05 18:00:24 CET 2004 - tcrhak@suse.cz + +- update to version 1.95.7 + +------------------------------------------------------------------- +Tue Feb 18 15:36:28 CET 2003 - tcrhak@suse.cz + +- in expat.h, declare enum XML_Status before using it; + put into patch "...-header.diff" [bug #23742] + +------------------------------------------------------------------- +Mon Feb 17 18:05:52 CET 2003 - tcrhak@suse.cz + +- updated to version 1.95.6 + +------------------------------------------------------------------- +Sun Dec 22 18:21:13 CET 2002 - tcrhak@suse.cz + +- update to version 1.95.5 + +------------------------------------------------------------------- +Sat Jul 13 15:14:59 CEST 2002 - tcrhak@suse.cz + +- update to version 1.95.4 + +------------------------------------------------------------------- +Thu Mar 28 15:17:43 CET 2002 - tcrhak@suse.cz + +- added parameter --target to configure + +------------------------------------------------------------------- +Mon Jan 14 13:25:11 CET 2002 - rvasice@suse.cz + +- use %{_libdir} and %{_lib} + +------------------------------------------------------------------- +Tue Nov 20 18:41:35 CET 2001 - rvasice@suse.cz + +- fix URL in spec file + +------------------------------------------------------------------- +Wed Aug 15 19:54:16 CEST 2001 - rvasice@suse.cz + +- update to version 1.95.2 +- spec file cleanup +- added DESTDIR + +------------------------------------------------------------------- +Mon May 14 12:08:01 CEST 2001 - pblaha@suse.cz + +- fixed links for soname of libexpat.so* + +------------------------------------------------------------------- +Fri May 11 09:03:03 CEST 2001 - cihlar@suse.cz + +- fixed soname of libexpat.so.1.2 + +------------------------------------------------------------------- +Fri Jan 5 10:13:20 CET 2001 - pblaha@suse.cz + +- back on stable version 1.2 added build shared libexpat.so + +------------------------------------------------------------------- +Thu Jan 4 15:46:21 CET 2001 - pblaha@suse.cz + +- update on 1.95.1 on sourgeforge needed for midgard +- new description + +------------------------------------------------------------------- +Thu Mar 9 11:01:23 CET 2000 - ke@suse.de + +- Don't "install" symlinks; use "cp"; reported by bs; proposed fix + by ro. +- Cleanup the spec file: better Group tag; more accurate files list. + +------------------------------------------------------------------- +Tue Nov 23 14:59:17 CET 1999 - ke@suse.de + +- first SuSE package: version 1.1. +- apply Debian patch to build shared libs. +- build libexpat.a. + diff --git a/expat.keyring b/expat.keyring new file mode 100644 index 0000000..e40fc46 --- /dev/null +++ b/expat.keyring @@ -0,0 +1,235 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Comment: Hostname: +Version: Hockeypuck 2.2 + +xsFNBFzUcE0BEACzkr4qR9zoM63YCJU/oQTJEtt7SR9Hcvntk351O5QQbNJS55Za +h+XfiAl1j45yrxP+ve3xU64Cl/GctZMLgkx8Qd3JECZCUkm72cvlBF1bJ0hkvcJR +tTyuc9XXBBQBNoRS1Tn4Gc/QE8L7669mS0FPPKpy4m7yY9SLtkauUTVkeKVz65Wo +9jEB4cc4hJGzqeBndSmPbznOPkATSadeLX7xNFG4nM20wCGZ1+UmY4j1NTBJnbxt +xcPQ4/OiAKvAsfAzvZrlAMhJtFAfnooP7VkIsbZyQqPeUznhGOK1nVpjl7DZ5c4g +eJa3OLfeDM5c1mSx3VsU8SkKbBqNeog5dV9yHAKFBa10M+VAylwlRg5i6TE/5JP4 +LneWoh/dZP6216MMelDcZeXn6JCgLWmjbCmuwDgA5S7y2cewRU3hopGvCpTkgEg8 +XuXZgP8O1ZAOOqBWOt/mk71Bm6LdIe501f60aVcnODJDSb6tDwYTxkn5vGPvu8bi +u2K+zdFqZskPTZo44qZDjLd7HpN5SigFMCCSk9LTWcwpa4eSFcezmfku+dB5T79Y +0W0qCKJKBtNLOj5atVk9j+BA0BNTmE8e95bTdPW3UbmXPhQQt8J+6UXsUC0brn3/ +9pXTXHvPiQsYMKcMzOnbdXKvlMxF+dN3BT+uhEF5tyYgqSDaF07EnIJzdwARAQAB +zSRTZWJhc3RpYW4gUGlwcGluZyA8c3BpbmdAZ2VudG9vLm9yZz7CwZQEEwEIAD4C +GwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQQxdu99sjZ/H8pPMGsfmw6QmvNy +hQUCZZgh3wUJDIYYkgAKCRAfmw6QmvNyhfRcEACU3hFFTVRyZTB+/Phui6bFhhbH +oRVMZl7llwGdtmUR76moGAnOilKK3UG4Xn+yHk0Au0kMDciDzET1KL5pTk3FYaX5 +SdhMK5P3CQIRvGVQGEyzm2riGMGBQwbMTN1cWSrW39lORPDanDKIzzu0mvAe9Ufs +M5Ecrz6xTIxMcMfBEaYH0snwMGFLowcDETk8DIM8qn6oOrH86S2+HP3LKeCM1DOI +uAILj438lTgaHKfOmtAMxqwXzVtknQN5upIBvfDtYXeLH/zSztt3XIcDYrBVCFd+ +7wxvelu0C6e1yG3vQ6eQt4OAeSNBOXUAcIWsCti9uGL2//pE9gQs4s1ijJYFQuuE +er3sTTqg4JU5y9NkDo6p9roZt+uDFSyj3wgOinfxMipNLniJpjrvV+tmqGhYZY0R +WEP757A1M/xVaf89d9rp5pJ9QawNUIDfM8gH+m0FuX5YKlSvFak+uB9/Oeu+BKy+ +wWyBiEM3fOjnFBpAGz1nKGQFYvUuRtqFAmlLUhN3EA2ixL6tMvlkWmHS0o0o+YGX +tANGcsS3KwWILlRarfhkHuc0s+gFiTKvfS/pTbiy6XbtYTtQ0n1HkLz32zwdnFig +/do+xYVyb9w1IZSc3HZAA2h8NlW2crMbzHr4FlSF5p/Zk5gVdfnhuKqWsE/nKAjg +/GwACVGzFbZiD2CqsMLBlAQTAQgAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIX +gBYhBDF2732yNn8fyk8wax+bDpCa83KFBQJjxyuuBQkI0+7hAAoJEB+bDpCa83KF +cesQAK0yPR7YSvy+uumbMJ02Be/7bu60yUk5O8nngpmebzQLEDAOyp1/HTcNk8VO +zyKsQfWOsCvupAvPpdlaTfXanJQa0kOBjos1B/hoc4lQg3UwpSxUbmAml8MZfWgs +QOexENXh3kGQBHTQS7fObCx8P96BLgOvCzq/wo7dUf4cugfg0RQSVI6yQNUIesRq +NSDHTRAKy6hWieW3itZRs/DCD9e/aesDAIGaFlxOWb5wl0mHHbYw2IhgK/RbSY7K +kt24SPEom7rc7dD/ToG2qNv/5uUujSQdjQu0WE+5JVVOaYsKWkWTcdKVURhhRJQt +FmBA+CQyC/gUmrPvjfWFk9LpbFi/5cFWaqWQpMjz0pQPyKcLRNNotYMaPWpxqIpt +0sBtVBZSVHv1emyMkYccxgP49lfHpzWIdILZwKJyJ6PPtojV3lrcXc53ILsOTGi7 +iSSQDEmxwJ6hT0lzrJ0bGnTidO4pN6VqtpQUt3HsODtivodxfkGskuSMkPVunZLG +4OIsdco/mdKpEEc6g2+dQnYl2tYFZ8w/l0gEakLbkFVIvsYdzCJpR39OJgRWE+YD +aWWitak50L30tu5gXcIMw4+79s0gqUBBxYRo79bx31uV1fPcj+ajovLQD9o5lwfY +TdPIaNPmQh6oyz9CVzTovUgsHP8Ji0Yepma09p89Ov1NFPlawsGUBBMBCAA+AhsD +BQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEEMXbvfbI2fx/KTzBrH5sOkJrzcoUF +AmHSMvMFCQb/66YACgkQH5sOkJrzcoVQXQ//bVDypVzLbR1pbJKy0ZrxxHzJQVBI +6Ji2f4NsByIGV75Eci+cFyaR3JGZE021CHCDpzfBevxffz+Oyikftzb2/2Qq8GgF +MTj3lLzkgq5py7H/498vyK1JmwXroQ8RX0X3iwAZncT5U5QI+GYZA9SkJe3ETFIn +fkqZUdYXR0ZH3kt5ci+PxnwmD+HXAJUx/MWAX74Hi2/i+fkirpQ2tE0Kbo484Biy +WTtfebajNLv97Sw/8TpGKgcLJKgBL0aY5QQoJ8dE8YQn8LNRDFk79YyZRHrXGpOs +TpzEsQZD2ZS8YC3LmyWKhm/1lzYbKs1mlVbkodU6kkaJn8p19s5bI79gajjnoMm3 +Yh7q/Fp3nC2HpIpxWKnKqMdok/u+McivV7ue4VfRrKV7mXJ/0XUtcc8KYehDlDpn +nbqETUkQPU/DGpUIxB3BR3ihEZJ6EpIkysXfgfpBPNvPpjnaV7+uPFgAzlst44FL +RqQH0gI7IsBLABrgX+yioF1zQzOkp8iI8PJkuBmxeA1Q/M68VIIF4Wma3ej677M2 +ATdwX5cFqgrhvbwiBSst67YJjbyehwnl/tRAexV6/lIk4NnTKHPE2domgeAR+uLk +mMO/o/G5Gk1cYbRXG38RM3vDqAAFEznec1pLla9UV6LrugJCHErnxI9Pm9h0njwG +NJWpgz1NDMLlyvLCwZQEEwEIAD4WIQQxdu99sjZ/H8pPMGsfmw6QmvNyhQUCXNRw +TQIbAwUJAeEzgAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAfmw6QmvNyhVgV +EACqcR2lm9HDyjUy+ChqGicRBDQqg0rZDohBPWICUWDjeGx/ZDouPU3yBoKWu3Lk +0ouIPF0VshDOfab8H4UlV+06WcIEsYhV7zrUUPszCDrVsZt+2XSKsSBpdPaoBIVr +0UxbN8ls/sS6TBNaN/1wdmTOqUXr62lwoF/cu+K4BzaRT5yaKs0SYb0mcqg4MSmt +RPAWjlwZBvHwFZYyhaQap060uV5OGizfwZ3QLFldMtsSM5juQAok4Wod1OCOHYY+ +RahRaj/Z5bPgYE3ycM84G2j9N7nJu6MJLyyt2mOW49jjkgeKJ7aPledvuuyt3EJ0 +GQiJSQgjLXG/6wjmN+XmBJkcydalpMRxk/Yt6N7VHfet46vP8mC/jNbtUb5wFSGr +RJcyZP0elzvO6VhSh1mlRoqEUHKkb1CFVCYGorfGdUuiRhTXKwPcjIqe1ZJQaIKy +KOcy2CoItLNkcCNHtTloN5378Y6hO+IP3BIyRtlBcD3v9RIYsQj2Tu9Vnluk/Awb +wLkmOnC6wAsDmmmhK6y0AVn3FpAZ7m17DpFiIlNpumNkjaULfEKFL2PPHB8VbYi1 +V1IAG69X+91JKxzTU83s+B2Rz8hei2jNbtYbj/E/VsiatOucOf9Yj8g0tnS4Xfjh +a2VPXQQShBT2uhm+hF6esBappDgjoh9/AGEKD4Jhx47vLsJdBBMRAgAdFiEEPX6V +nYn6z+44NxkhsAvGakAaFgAFAlzUc5cACgkQsAvGakAaFgDDFgCeI8k57LnZmSnL +ZQs1lekucx9ThxwAoJG2olyQ+9IETr2/xcgX2Ka/FfT1zsFNBFzUck0BEADgwnBJ +BHWBnKwHhEJLYei4PMImRJSjoiYZi1EmiCT3u9+qEW/IOy+VJPyf2OyLM9RoLzMr +CRmYi41eFZryWsenpzHQVP28KbMHP+mdJOTyvX9Lt8Ohxa/m+ZG0vjhXLDBsRFmh +EFDV14As8NcI1GivnpyNxTFDDWbmxDMw7zTSkjH8dqeB/Z/HTXWu0pdOrhXb85iZ +MsOZDUzmbKwBQTAOX7zPtmi4zheP49VXHGn3fNgvUb6QuzSQNtAKS7C2qPlIMug/ +vYyXRNM4dnC9aGYdjwXuEyNYLN131lqG6q98xxPRsbdnzDqTgPCZqk2dZq033Ad2 +zhNbhynycxXDpxQsRn4PQfKBgpr+IdNEP4UevaOueaVLSwtvcvXcqMYtrzSYIcNu +0tnbDDZRxhgKM+3TkpZc107qowq6+SSPzWbg6hUY7vxKzDAgvYhn5Oin59sARfo0 +KkSAM1H8/ozYxdNGySqIQFewcjjLDpQnI2x/ZAU8nk0hltEzj+KmkJdJJI3becen +tmrdODySLO0fidrCmzhiuk8HLodDQ9apY+54fWwDDUws33yE4DtX5Y2/1nUvwDNp +il6dRknAVGdc3OvIe+WAnsGR9SMSy4HruP/Yf+OZSCFtOSloe4MtP+qdyfx0vDg/ +mLffZxE8r+zSeB5IAp0BSbwUhdbeWGd+UpWCCwARAQABwsOyBBgBCAAmAhsCFiEE +MXbvfbI2fx/KTzBrH5sOkJrzcoUFAmWYIgoFCQyGFr0CQMF0IAQZAQgAHRYhBMuN +5wqQz79sO/XMVpYmKs/7067GBQJc1HJNAAoJEJYmKs/7067G2s8QAIP/MH/Xzbuh +z7uO+6FFNS7kk00zQImC1Y0yYyeyy2UWsSD4HUdE05CoJCMSwHXpTNzDs/aackTs +KivEINYPvTwbEGPMPqv9MVD78T46iwSuA+Qg32CDLAjubby8Q55DXYS/q40CZaLz +g7OQT8IH03ewxzrtpdLrnXnYN1ktwBFokv5ZsxB5BhEJfbEHEqdoNk2STQv5p/Ik +rc5C/hefHSKXV4cJRYoPkrdnr0ZHyevB5iGuR9zMxmkLD+NyIqqVqxjWQNjLoEdY ++xKnezHiIZvGb6nH55DosZY5/IHgLUJsLFcYNfLFSVdAzF0py+A5nY0PJarlZptO +i22tSsSXX5EKWHLTZUUcs1uBrmydVFMsT3ZC+8pHxLyKGn+f+89jdUCzidQ+545O +YnNTzxTjGytG9Y/KEVDYUWAm9OSSLJjDpt4RDVF6yte8cHJfdC9Ypazet2Z2GMtG +a6g6dv7NhDF+JCEhnMraPaLHbWnABP47AJZ1cRvYfE2lyHBzfKWyWJ56BWH9Sf7p +6DwehqIAo0erPAcnBDcbrfrHaSnFLvW9UpIGAGvBMXZqAoZNNsXqq7OMHRt9rWZX +OGkeGAINnwlQIT3ffKMounUS9xzLM0kZdf7BS7K5+5gcjJPh1b1yvBYApioBAXbn +aTmqvdwr03FLnoGi5/0671t0iUGSqbF4CRAfmw6QmvNyhZ1ND/42zg+uIvWKjbpy +lkq7sIymXCQmfnEjKhX60UkduuCZntyx2jVCAsfIjQsID+8jDbZcKtPT2K3xqdBi +RvP/ckdACcy2wk5kjyPqP+IhOiY1VxlkvffhjEPQ0H5oUkRmK8hr04K8VTmBAKAh +vOKjU8/oO3Y+jMpHre//qG/SSndJWWSdYtFOQrcLBu1iE+Z+Ss30clXPLP7oltSZ +M+TbwBqeezO6Y9IDt8gx4gqamCRN4OyjM3q2VyoEPNGSzSRCUczOEaTm6kJ+BZ/t +qKpMX5yVVIzJOJctb7fGM34BAefiAdEHxu4ChZo9X4nm9kXzFTpUvrLd97B8BGRg +uZk3LlKnfRq1oG7ks9U8/rU8xvSCySEAP+1gQLWhO4JJft5ZJgQD8YaNSQA1dtHL +VYvxi4O5yQrlT0Ue6mRve1kW1+7D9mnPmt/5HOMEA+sC0IORQJAPlaDYX8p9U+tH +EoInW9r7bULqeDCZAqCEOIhyMxSmz2+d+LEE6FNTaGD7Chicqc46SD7RMPvMk87S +BX2zf1bkH/Z90N8imuerp2Tm0ldyohVS2fGWpRqbVwwEqSCpJdDEvC8xQ6MUEfoz +FeYnBbc5UFk34ZhcWxWcO0Jwc2psQYSJAwiH6GEFutK1z4+JEJq52SJnXWW3HXWe +MR1XtVtsbF6m6zeZNC7FXFTUYV1LeMLDsgQYAQgAJgIbAhYhBDF2732yNn8fyk8w +ax+bDpCa83KFBQJjxyuUBQkI0+zDAkDBdCAEGQEIAB0WIQTLjecKkM+/bDv1zFaW +JirP+9OuxgUCXNRyTQAKCRCWJirP+9OuxtrPEACD/zB/1827oc+7jvuhRTUu5JNN +M0CJgtWNMmMnsstlFrEg+B1HRNOQqCQjEsB16Uzcw7P2mnJE7CorxCDWD708GxBj +zD6r/TFQ+/E+OosErgPkIN9ggywI7m28vEOeQ12Ev6uNAmWi84OzkE/CB9N3sMc6 +7aXS65152DdZLcARaJL+WbMQeQYRCX2xBxKnaDZNkk0L+afyJK3OQv4Xnx0il1eH +CUWKD5K3Z69GR8nrweYhrkfczMZpCw/jciKqlasY1kDYy6BHWPsSp3sx4iGbxm+p +x+eQ6LGWOfyB4C1CbCxXGDXyxUlXQMxdKcvgOZ2NDyWq5WabTottrUrEl1+RClhy +02VFHLNbga5snVRTLE92QvvKR8S8ihp/n/vPY3VAs4nUPueOTmJzU88U4xsrRvWP +yhFQ2FFgJvTkkiyYw6beEQ1ResrXvHByX3QvWKWs3rdmdhjLRmuoOnb+zYQxfiQh +IZzK2j2ix21pwAT+OwCWdXEb2HxNpchwc3ylslieegVh/Un+6eg8HoaiAKNHqzwH +JwQ3G636x2kpxS71vVKSBgBrwTF2agKGTTbF6quzjB0bfa1mVzhpHhgCDZ8JUCE9 +33yjKLp1EvccyzNJGXX+wUuyufuYHIyT4dW9crwWAKYqAQF252k5qr3cK9NxS56B +ouf9Ou9bdIlBkqmxeAkQH5sOkJrzcoWCNg/+M45NZDXoiYrEBtAYuhK2uVTeSwMS ++ATc63UEeQf6MtlYizt/84D1Iz2PxpipwdP5QKCICKoOhTVrER/YB5+lCL7m3kqW +WDja8dPdUguRYhvLouV1hnNFw8oN2KzZhfvxaVEKlw3qmhlNwDHnPoyy+PQzdR1y +COyEGCq1pral/Ckan6mZSHe2XPgqqn7BOuihSzK24EsT+m9IThyC3zePVO7RtTBB +Cl9oWt+oZZt71EZtJE2ovE+orJpyRK6Ya/OY6NdSvONvbn9EBtZnMLXFVBPT8Tsd +tBI212LxoT03GCwRV8f2Jce7E46QokyoeSuYWjKsVKFiyMPw6YcJ6zdawRUWC27p +5xQ+8BysOfdJMLlDvUaSh7uyVtPy8EQmgQ0BEKjVsqXzPOAiI2K4pDirsP9ygJME +RvDjlAVUlX5igOpZRumJtscLg7H2F4ejWqSOdceMSxM3JSn1U3avhopVetZ2ZvZ5 +z4sXQu3xJlJygtyv84/htedwdyiSpOHjfTgDubIleRJmqJWOyx2SS2zgo8qQwCjZ +bHfRmNoENOjihGbaIretcUjotLgKVQEbXQmXA+j3wOST3LNDEK8gwgYBL89MKbWi +zHLuRlYOmIlvjAYGrQFmILLbeT/tOR6qQL/nXPtTiYZkBF9Aj3nDDAfEtRGAnMmy +6HwbuCRNwcvTWSTCw7IEGAEIACYCGwIWIQQxdu99sjZ/H8pPMGsfmw6QmvNyhQUC +YdIzLgUJBv/p4QJAwXQgBBkBCAAdFiEEy43nCpDPv2w79cxWliYqz/vTrsYFAlzU +ck0ACgkQliYqz/vTrsbazxAAg/8wf9fNu6HPu477oUU1LuSTTTNAiYLVjTJjJ7LL +ZRaxIPgdR0TTkKgkIxLAdelM3MOz9ppyROwqK8Qg1g+9PBsQY8w+q/0xUPvxPjqL +BK4D5CDfYIMsCO5tvLxDnkNdhL+rjQJlovODs5BPwgfTd7DHOu2l0uudedg3WS3A +EWiS/lmzEHkGEQl9sQcSp2g2TZJNC/mn8iStzkL+F58dIpdXhwlFig+St2evRkfJ +68HmIa5H3MzGaQsP43IiqpWrGNZA2MugR1j7Eqd7MeIhm8ZvqcfnkOixljn8geAt +QmwsVxg18sVJV0DMXSnL4DmdjQ8lquVmm06Lba1KxJdfkQpYctNlRRyzW4GubJ1U +UyxPdkL7ykfEvIoaf5/7z2N1QLOJ1D7njk5ic1PPFOMbK0b1j8oRUNhRYCb05JIs +mMOm3hENUXrK17xwcl90L1ilrN63ZnYYy0ZrqDp2/s2EMX4kISGcyto9osdtacAE +/jsAlnVxG9h8TaXIcHN8pbJYnnoFYf1J/unoPB6GogCjR6s8BycENxut+sdpKcUu +9b1SkgYAa8ExdmoChk02xeqrs4wdG32tZlc4aR4YAg2fCVAhPd98oyi6dRL3HMsz +SRl1/sFLsrn7mByMk+HVvXK8FgCmKgEBdudpOaq93CvTcUuegaLn/TrvW3SJQZKp +sXgJEB+bDpCa83KFsXUP/2EnRVBTcGNoFUlMpix9my9IMvGCoYcV3PlPPIucZqmy +FH1ky+jKNRlTKW6lim+dsrHrKnFkQ/swv6dZnjkph0tKxqpcc3yYIieUPoy9ypdd +xy5Q199yBBceGU/+UTYMWqVgOOELXeblTICoV+GTveQ9DkxpRf2U9kJ8Vhb5hUA4 +mUC2Wez99ucljwQl72ayP7RoDIQ12GrrX5fFQi+1mnwqJPu8y2AUeCSC7DzzyfgZ +C9hJD8O8KeH03XCefoSfxAO4HH9Er1UN9TSFSzsIftK/G4cW8Xoqh7S/5tLaRk7/ +dCGctmEM06SbacwiZFgYP7xAkYgg55tGX8ULxVQI4KpjXP3RLaw5a3RUUm9Sg7+b +QgU1jB0qxq2LuXpPMWmapiX6uWx8PJrWJ21XNnHmcszwStyTWCYMaH1Zcdqy5bWe +9oklIKVBus8k2Iu0Rk34hmPgaB3TG/wyOraUnNZewccxFc9mls5o1v48lrm4ZERW +9djwUIj/eCU5Z3fbubdk32R5E9NvMlcxcE+5SHKFJd0H2cVZPnhI5G90P/eQFAkm +GhpGtpSQ9AmH9rP+K/GB1Jj4GM2u3IDwMgdsJhTGUfJh1UW6phBx6x5WMN/nrylF +v7U7spggFfStlK3AmKy6zR3xlugmmmKc65XCTl/KG7wunG5VutE9BCxlviVKeE5e +wsOyBBgBCAAmFiEEMXbvfbI2fx/KTzBrH5sOkJrzcoUFAlzUck0CGwIFCQHhM4AC +QAkQH5sOkJrzcoXBdCAEGQEIAB0WIQTLjecKkM+/bDv1zFaWJirP+9OuxgUCXNRy +TQAKCRCWJirP+9OuxtrPEACD/zB/1827oc+7jvuhRTUu5JNNM0CJgtWNMmMnsstl +FrEg+B1HRNOQqCQjEsB16Uzcw7P2mnJE7CorxCDWD708GxBjzD6r/TFQ+/E+OosE +rgPkIN9ggywI7m28vEOeQ12Ev6uNAmWi84OzkE/CB9N3sMc67aXS65152DdZLcAR +aJL+WbMQeQYRCX2xBxKnaDZNkk0L+afyJK3OQv4Xnx0il1eHCUWKD5K3Z69GR8nr +weYhrkfczMZpCw/jciKqlasY1kDYy6BHWPsSp3sx4iGbxm+px+eQ6LGWOfyB4C1C +bCxXGDXyxUlXQMxdKcvgOZ2NDyWq5WabTottrUrEl1+RClhy02VFHLNbga5snVRT +LE92QvvKR8S8ihp/n/vPY3VAs4nUPueOTmJzU88U4xsrRvWPyhFQ2FFgJvTkkiyY +w6beEQ1ResrXvHByX3QvWKWs3rdmdhjLRmuoOnb+zYQxfiQhIZzK2j2ix21pwAT+ +OwCWdXEb2HxNpchwc3ylslieegVh/Un+6eg8HoaiAKNHqzwHJwQ3G636x2kpxS71 +vVKSBgBrwTF2agKGTTbF6quzjB0bfa1mVzhpHhgCDZ8JUCE933yjKLp1EvccyzNJ +GXX+wUuyufuYHIyT4dW9crwWAKYqAQF252k5qr3cK9NxS56Bouf9Ou9bdIlBkqmx +eKcnD/4+1HUg5cKrfSTXZNsuOU7AnlybWpU7Jl8YdxfeuCCe+I5W3jTYqljpCRGW +BAHtE3udB37JXKSn8yH70JzXQDWL9+G1wqk5iwkvtmKqAapzJFuZ9lYNlNGYDxI9 +foTq99f+OheFnT3nUm8IA9N0MwjGCIJ5501HM+NO8WylVoy0Y+erxbyQGC2Ey7Yj +VZSuCTZo3BuYiSCP8Bmd9qHxCJmBGQgbtA/2QBcLZ8o/z9w0U39Iwsei8oacZncV +TIFnBDsU3E25M1eyQ8VdcAqLL7v3UFOi+20zBBs+g8jBBdzXUVhp+RAsXldo8i/q +tdD4/90UXT7FBXmImGtzOVmza23v7Dyq7P/ZueEAqhr7vtW97UQ7+YkXDa4rHi4H +rGJClrdxixEyCTPrD++SvwxAud3hAUKZF9hOb0fD9A7cn63EERVgaJGAi7p9Oqqb +qni8JOssQF6TeCUFP+X3nR4+iy8EX4scfN6LUB6/mnhoRVZ3GNEzPAZi9PGe8RqW +JqUMtrBVUPVxcwAgfijPmmMIXIUyZk5ysTQeT3eJVd3R3yxORfaHSD5kuHnXWwsp +/yYltsLI/hBtVa8N7XZdzZ9JDT8fIWj5515DsfunTtksrObpRdiq4lxAoYqiboI+ +L1BCHwvaTy9ghXhhpgnym0DJk2bmucRair96apTzdYoszd7iLM7BTQRc1HBNARAA +6EzAcDoXEON3EsOc9hln8dEIHeP4Wfmz5z+qIrcnngbjJg/3XzvUWMN4XukOyZxB +GALPSToZ5k7MU6SkJMaDpow+Q6IGj3fU6pyTOGUAKctILNHlvZsgtNpQad/i3jUP +r60IUrZ18kF1DTJh8HeVrySD1ru+2eVoz1Q7ROv6j01g5bKxQBrl/FL2NIXYLOB5 +nqT1ZrRuP3S7w31x+waswHsXpNU8bhN/sZsK+AzBoF9JArviFdVZ3TCNNbRUYinF +F8Bi50nIH/Z1rms6wxaHmER7p1KHARDW0keeO4EgkjVRlLJW0WoyPw3Kx+0Pv5Wt +3o3cWnm6ZTNzq1WJqD67qzxDxPEJcxpLChW0FXUcduoqILPB3hc3Ad+/+HRWuAzR +JethWYfBSQtQ106UApZFnsTFpMzHSg1orCOvcWFXtbm61/qRD2Ux9LyBXR0kzWdm +nRmSCL+iO4h5yoFBcnBOnVhCjVCYkczSwpO7qk46VPGLNpPgCTR61B/1IuKeW0x5 +gR0KgVq9aRZcgg/hgz3h+4PkSRzTdvaKIIwpU41Kvh0poA8US1Xe4UihL9XAblBD +yYSFlkf3KY55Sub5i+WMVJ+nVMOn10aJg0oLHnZmPvAKGqzDNURUVOoYRmqxi3K6 +4NAzQmFfpMZPvnOayqImEEaXqeKAat1pEKda9a/SfR0AEQEAAcLBfAQYAQgAJgIb +DBYhBDF2732yNn8fyk8wax+bDpCa83KFBQJlmCIKBQkMhhi9AAoJEB+bDpCa83KF +43IP/24REKNHAnMFoXt46XrhGq3buZguAkpT14D7jGK3lkQBM8CVO4htuqnR51hA +ujal4w6AAANaZJi6M5NQrv57T+EejsyOvZHBtOco60qsbu2Ph6apJDiVrQsaQngn +VGhEc8tDD5UM5LtceSJ1fBThEnPPbSdkZdV8IeZu807OipuFQLfpKHp040VzJQ0u +TfRysAGHq8ZWopEv0ozYDcIfdFT2t4tviSEqBNSUNa3SD2K1TlXquKHZ3ISQCkO3 +Q44/eSzLBMKok0FKdViilWfUiWQQZsIoR94A0m14NCm7c/lGQK7yl++Ric52KT4V +uZ+Y0K197ruWaBPS7N18xHNH0/P7bhOSGu7PGW3fSbXif7xAfB9moICR50GLIbe9 +/iC466eu2fpGB55dkd8oGDL/GGyCD9EmkNSSgZ4YNKt2fR6VFtJdzntZrK2ichrY +uyGXQ9UiJNtAUM60eF4CmJX99nfStc2VZXXNSy6D/fNkWbMgJz7uINL0jFICihXo +kwAiaO+y364WOSzk/NQPZcIZ/fnPZPKnWIReQfMdPAHr4pVS7fYv5AMFonR3fUSe +jroXeIyZB6Dgt/v13sOBQ61GFt0n75sX2wSlc8NvkXLG3xpwqPZ7Js8Tadc7HK3R +7ksCpRwz+rJHn6sEvVZSx6+S5EzTw7TNWqDeczsmR+YPYRvewsF8BBgBCAAmAhsM +FiEEMXbvfbI2fx/KTzBrH5sOkJrzcoUFAmPHK5AFCQjT7sMACgkQH5sOkJrzcoUX +Xg/9Hz4S2vwSa15mrrW3syDWt0aZ10loLNi3kL9ZJ4Q95Mj64JKR7qAkzfQ3Q7mw +ini/2tdDeMg8kg4yQ+eOCAYhySE3eiE0ThaFlUYXnCSNVSgOyT6YtAs6Fjx3rNxS +9+J5E3zbyBwO8TpWvkT2jr7lKU5XZp0L1RQuKN0DB3i1tg0cgJLbdFkLr72lQoDY +QTVMaiv3Iu/mdgAk4mCSnR9URFNxCbLYWUBLhH1KtCACbDhXXSfVnGUVc0b/jVTn +HsHm+D2c0tn9krZ9ONZ9J22aIZQQg80xxSz66kW0bWnzhdAge/3T0joeegZLyROE +TrBFbLW+Rcit0SX6G+mCg1J3FALIsEtB9nG9a5Tum+bML021wiTH+MVLH0GP1ckt +DZH/zNuR6CtxLsrw2vgLsRd1QGiB9LN96sKYBQHF4Ys79V54ASBVBTK77vxcW4dI +d2ZPxi0LU57jL3mJf6SQBVA1s0/HNaNc7rtueilYqcIkU6wpYtbtV5+G7MHv3RwX +mRdA1kYbc3EM/YfjEjK2bGCKRrK4cpjr8BIfxP/H6mioTtLZqVb5O3ui7kA11GS4 +fWXurGLMWOVPmcVAUm/lZ86I5rX9p9V45Z1ViOkGIKGfq5QqZvxdDRpv+hftpOrW +eICB/FZB9FhkS3WS2EKHaqcWk5lKtpRgPcsVD4Zk1Tlmi6DCwXsEGAEIACYCGwwW +IQQxdu99sjZ/H8pPMGsfmw6QmvNyhQUCYdIzCwUJBv/rvgAKCRAfmw6QmvNyhXK5 +D/jBMCAdoJVW9ai4tKgNac3sxFjrtnLPo6lEzB4AXnltkC1VwULeDL+O3IueYCt7 +kyRr9vvogG/y/e8kpVIGvH8TcZd71EvUkM7Df9X88I5bPrA78MpWAEQGE1RxsFLQ +VppzAOeiXVTXy/nwS/8LKP28W5FNFH0M9qYmvTjeS0YYwxr7DJU526B0JGiis4kX +l81tYnd2H46cx1qjSMmWMV0dPWMbUG5gs3HtU4u5DpBgn7a+klihpmtxebWNV2vO +3TCqYJps+WbvDPHpUsHFpW+wYvE0VosB9jYKzhOS94aGz4Yl7fTZq/tF4atBReoe +ESJi6RJWpvNmdSQPYrJu3BAGWnYTuniW9xhHhSYnCSrH3WfZSermU6XiAmKtZB5X +w4HyjuJgKjUDjzVDOvpTQVcnpkBXkOdw0dIZDk61cq81p/R6bmxEGsIkMHNpxRfA +1PNwjypgioLF2Cyq5kB3IVc8KdpW4O3XaVSiMfvXlkvpQJmCPtxup8IqUmgL+ILT +qLJaHOhpbb6bsikTDekUC9DIV58xQ5HuHI0qaTrDyZsG8CK6f+OwxKbXJh5QDFar +M5YrOIHaOaBSICQtCgCBH/Jp388LOm8rTDqSHAQxp9ZjQafyLBaGHlHR2rvnztfV +1LHS+9Pvven6J3Fj4r5hztJXuKUrOZ/BsLw8c7DnOI0UwsF8BBgBCAAmFiEEMXbv +fbI2fx/KTzBrH5sOkJrzcoUFAlzUcE0CGwwFCQHhM4AACgkQH5sOkJrzcoUMYw/+ +P8uPNx1N+IdYdzoTsRQzeo9Z/yhtIvsW3iXvvHS9QZ/YbelByeBMjVIgxNMsAqRe +F3qo+oJU+YzqQcrojPAVycxEWgzKgf9tWdmRSzQ3JTcM+Dc5RzUi6e9yDbucd1k8 +sVG/x7L+pLI2IgQm7eHPIEhQ7RkN061TCSqfOeuuL4ilOgPuBahgzQIL8B6uj85o +LbRzp1TWzjPCYCOp/NvQ2qK/cIOuu8XSneDp+fsEDIfGdhtLtldLyc9ARjSqn7IL +QJHeNx5cLC/0LU+FCJJ+qI8FMvsKCU7PTZZIDFjsYieHdWK0zauu4pxpyktV+OJm +YUfhJQLKz/tzVKf6klN+Ko7/axXi+63F+7dDTENiZx/sMr0E3ttnTWbezNNf/7kh +5/SSlj57lmt9xEdQ4DMD91d5bywSt/5i8JT0fKL97mJa9uFoyD0fAwDftwR+EGZX +AYE5Lqe4UeftMWhmsI2cVYSl9Qlj75NOGE1pUqXPmfc9cREUImV9m1d/T3twklEm +eIGgDaN19CpIkCBcCttk/FFbSiEh+CP6We+o3AHbu2t2coqnELqTo/WTRBnUw/e0 +NFrP+TRatWLhLGmzvz9HMDsj2cBHWi9VTHxPDYj2u7rhLLLJi5oDYzmdCziQzMDc +/eh4U7233VvL9387WWP0e0ZgSfnEvNvjQ7JN94NLJOk= +=2AOW +-----END PGP PUBLIC KEY BLOCK----- diff --git a/expat.spec b/expat.spec new file mode 100644 index 0000000..4e6e587 --- /dev/null +++ b/expat.spec @@ -0,0 +1,118 @@ +# +# spec file for package expat +# +# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2024 Andreas Stieger +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%global unversion 2_6_4 +%define sover 1 +Name: expat +Version: 2.6.4 +Release: 0 +Summary: XML Parser Toolkit +License: MIT +Group: Development/Libraries/C and C++ +URL: https://libexpat.github.io +Source0: https://github.com/libexpat/libexpat/releases/download/R_%{unversion}/expat-%{version}.tar.xz +Source1: https://github.com/libexpat/libexpat/releases/download/R_%{unversion}/expat-%{version}.tar.xz.asc +Source2: baselibs.conf +Source3: %{name}faq.html +# https://www.gentoo.org/inside-gentoo/developers/index.html#sping +# https://github.com/libexpat/libexpat/issues/537#issuecomment-1003796884 +Source4: https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x3176ef7db2367f1fca4f306b1f9b0e909af37285#/expat.keyring +BuildRequires: c++_compiler +BuildRequires: pkgconfig + +%description +Expat is an XML parser library written in C. It is a stream-oriented +parser in which an application registers handlers for things the +parser might find in the XML document (like start tags). + +%package -n libexpat%{sover} +Summary: XML Parser Toolkit +Group: System/Libraries + +%description -n libexpat%{sover} +Expat is an XML parser library written in C. It is a stream-oriented +parser in which an application registers handlers for things the +parser might find in the XML document (like start tags). + +%package -n libexpat-devel +Summary: Development files for expat, an XML parser toolkit +Group: Development/Libraries/C and C++ +Requires: glibc-devel +Requires: libexpat%{sover} = %{version} + +%description -n libexpat-devel +Expat is an XML parser library written in C. It is a stream-oriented +parser in which an application registers handlers for things the +parser might find in the XML document (like start tags). + +This package contains the development headers for the library found +in libexpat. + +%prep +%autosetup -p1 +cp %{SOURCE3} . + +%build +%configure \ + --disable-silent-rules \ + --docdir="%{_docdir}/%{name}" \ + --disable-static \ + --without-docbook + +%if 0%{?do_profiling} + %make_build CFLAGS="%{optflags} %{cflags_profile_generate}" LDFLAGS="%{optflags} %{cflags_profile_generate}" + %make_build CFLAGS="%{optflags} %{cflags_profile_generate}" LDFLAGS="%{optflags} %{cflags_profile_generate}" check + %make_build clean + %make_build CFLAGS="%{optflags} %{cflags_profile_feedback}" +%else + %make_build CFLAGS="%{optflags}" +%endif + +%check +%make_build check + +%install +%make_install +find %{buildroot} -type f -name "*.la" -delete -print + +%ldconfig_scriptlets -n libexpat%{sover} + +%files +%license COPYING +%doc AUTHORS README.md expatfaq.html +%doc doc/reference.html doc/*.css +%doc examples/*.c examples/Makefile.am examples/Makefile.in +%doc changelog +%{_bindir}/xmlwf +%{_mandir}/man1/xmlwf.1%{?ext_man} + +%files -n libexpat1 +%license COPYING +%{_libdir}/libexpat.so.%{sover} +%{_libdir}/libexpat.so.%{sover}.* + +%files -n libexpat-devel +%license COPYING +%{_includedir}/* +%{_libdir}/libexpat.so +%{_libdir}/pkgconfig/expat.pc +%dir %{_libdir}/cmake +%{_libdir}/cmake/expat-%{version} + +%changelog diff --git a/expatfaq.html b/expatfaq.html new file mode 100644 index 0000000..af7555f --- /dev/null +++ b/expatfaq.html @@ -0,0 +1,100 @@ + + + + + + +expat FAQ + + + +

Frequently Asked Questions about Expat

+ +

Where can I get help in using expat?

+ +

Try the xml-dev mailing list (subscribe by mailing to majordomo@xml.org +with the message subscribe xml-dev). Alternatively try +the mailing lists hosted by sourceforge.net.

+ +

Where is expat's API documented?

+ +

In xmlparse/xmlparse.h. There's also an advanced, +low-level API you can use which is documented in +xmltok/xmltok.h.

+ +

There's also an excellent article +about expat on XML.com by Clark Cooper.

+ +

Is there a simple example of using expat's API?

+ +

See sample/elements.c

+ +

How can I get expat to deal with non-ASCII characters?

+ +

By default, expat assumes that documents are encoded in UTF-8. In +UTF-8, ASCII characters are represented by a single byte as they would +be in ASCII, but non-ASCII characters are represented by a sequence of +two or more bytes all with the 8th bit set. The encoding most widely +used for European languages is ISO 8859-1 which is not compatible with +UTF-8. To use this encoding, expat must be told either by supplying +an argument of "iso-8859-1" to +XML_ParserCreate, or by starting the document with +<?xml version="1.0" encoding="iso-8859-1"?>.

+ +

What encodings does expat support?

+ +

expat has built in support for the following encodings:

+ +
    +
  • utf-8
    • +
  • utf-16
    • +
  • iso-8859-1
    • +
  • us-ascii
    • +
+ +

Additional encodings can be supported by using +XML_SetUnknownEncodingHandler.

+ +

How can I get expat to validate my XML documents?

+ +

You can't. expat is not a validating parser.

+ +

How can I get expat to read my DTD?

+ +

Compile with -DXML_DTD and call +XML_SetParamEntityParsing.

+ +

How can I get expat to recover from errors?

+ +

You can't. All well-formedness errors stop processing. Note that +the XML Recommendation does not permit conforming XML processors to +continue normal processing after a fatal error.

+ +

How do I get at the characters between tags?

+ +

Use XML_SetCharacterDataHandler.

+ +

How can I minimize the size of expat?

+ +

Compile with -DXML_MIN_SIZE. With Visual C++, use the +Win32 MinSize configuration: this creates an +xmlparse.dll that does not require +xmltok.dll.

+ +
+ +James Clark + +
+ + + +