pool/expat
SHA256
12
0
Fork 3
Code Issues Pull Requests Activity

Accepting request 713044 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

Browse Source 
- Version update to 2.2.7 (CVE-2018-20843, bsc#1139937)
  * Security fixes:
    - CVE-2018-20843 - Fix extraction of namespace prefixes from
      XML names; XML names with multiple colons could end up in
      the wrong namespace, and take a high amount of RAM and CPU
      resources while processing, opening the door to use for
      denial-of-service attacks
  * Other changes:
    - Autotools/CMake: Utilize -fvisibility=hidden to stop
      exporting non-API symbols
    - Autotools: Add --without-examples and --without-tests
    - Autotools: Modernize configure.ac
    - Autotools: Fix check for -fvisibility=hidden for Clang
    - Autotools: Fix compilation for lack of docbook2x-man
    - CMake: Make libdir of pkgconfig expat.pc support multilib
    - CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR
    - Remove fallback to bcopy, assume that memmove(3) exists
- Use docbook2x to build the man pages
- Removed expat-2.2.6-fix-make-clean.patch

OBS-URL: https://build.opensuse.org/request/show/713044
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=75
This commit is contained in:
Tomáš Chvátal
2019-07-02 11:47:21 +00:00
committed by Git OBS Bridge
parent 071322d184
commit ce7df1b42a
7 changed files with 44 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
expat.changes
View File

@@ -1,3 +1,26 @@
-------------------------------------------------------------------
Tue Jul 2 10:33:51 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Version update to 2.2.7 (CVE-2018-20843, bsc#1139937)
* Security fixes:
- CVE-2018-20843 - Fix extraction of namespace prefixes from
XML names; XML names with multiple colons could end up in
the wrong namespace, and take a high amount of RAM and CPU
resources while processing, opening the door to use for
denial-of-service attacks
* Other changes:
- Autotools/CMake: Utilize -fvisibility=hidden to stop
exporting non-API symbols
- Autotools: Add --without-examples and --without-tests
- Autotools: Modernize configure.ac
- Autotools: Fix check for -fvisibility=hidden for Clang
- Autotools: Fix compilation for lack of docbook2x-man
- CMake: Make libdir of pkgconfig expat.pc support multilib
- CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR
- Remove fallback to bcopy, assume that memmove(3) exists
- Use docbook2x to build the man pages
- Removed expat-2.2.6-fix-make-clean.patch
-------------------------------------------------------------------
Thu Feb 7 10:45:14 UTC 2019 - Bernhard Wiedemann <bwiedemann@suse.com>