SHA256
1
0
forked from pool/expat
Commit Graph

62 Commits

Author SHA256 Message Date
aadd52c635 Accepting request 956174 from home:david.anes:branches:devel:libraries:c_c++
- update to 2.4.6 (bsc#1196168, CVE-2022-25313):
  * Bug fixes:
    - Fix a regression introduced by the fix for CVE-2022-25313
      in release 2.4.5 that affects applications that (1)
      call function XML_SetElementDeclHandler and (2) are
      parsing XML that contains nested element declarations
      (e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").
    - Version info bumped from 9:5:8 to 9:6:8;
      see https://verbump.de/ for what these numbers do.

OBS-URL: https://build.opensuse.org/request/show/956174
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=94
2022-02-21 08:59:54 +00:00
4587d04dec Accepting request 956000 from home:david.anes:branches:devel:libraries:c_c++
- update to 2.4.5 (bsc#1196171, bsc#1196169, bsc#1196168, 
  bsc#1196026, bsc#1196025):
    * Security fixes:
      - CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8
        sequences (e.g. from start tag names) to the XML
        processing application on top of Expat can cause
        arbitrary damage (e.g. code execution) depending
        on how invalid UTF-8 is handled inside the XML
        processor; validation was not their job but Expat's.
        Exploits with code execution are known to exist.
      - CVE-2022-25236 -- Passing (one or more) namespace separator
        characters in "xmlns[:prefix]" attribute values
        made Expat send malformed tag names to the XML
        processor on top of Expat which can cause
        arbitrary damage (e.g. code execution) depending
        on such unexpectable cases are handled inside the XML
        processor; validation was not their job but Expat's.
        Exploits with code execution are known to exist.
      - CVE-2022-25313 -- Fix stack exhaustion in doctype parsing
        that could be triggered by e.g. a 2 megabytes
        file with a large number of opening braces.
        Expected impact is denial of service or potentially
        arbitrary code execution.
      - CVE-2022-25314 -- Fix integer overflow in function copyString;
        only affects the encoding name parameter at parser creation
        time which is often hardcoded (rather than user input),
        takes a value in the gigabytes to trigger, and a 64-bit
        machine.  Expected impact is denial of service.
      - CVE-2022-25315 -- Fix integer overflow in function storeRawNames;
        needs input in the gigabytes and a 64-bit machine.

OBS-URL: https://build.opensuse.org/request/show/956000
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=93
2022-02-20 16:05:20 +00:00
David Anes
c847592a56 Accepting request 950089 from home:david.anes:branches:devel:libraries:c_c++
- update to 2.4.4 (bsc#1195217, bsc#1195054):
  * Security fixes:
    - CVE-2022-23852 -- Fix signed integer overflow
      (undefined behavior) in function XML_GetBuffer
      that is also called by function XML_Parse internally)
      for when XML_CONTEXT_BYTES is defined to >0 (which is both
      common and default).
      Impact is denial of service or more.
    - CVE-2022-23990 -- Fix unsigned integer overflow in function
      doProlog triggered by large content in element type
      declarations when there is an element declaration handler
      present (from a prior call to XML_SetElementDeclHandler).
      Impact is denial of service or more.
  * Bug fixes:
    - xmlwf: Fix a memory leak on output file opening error
  * Other changes:
    - Version info bumped from 9:3:8 to 9:4:8;
      see https://verbump.de/ for what these numbers do
  * Drop unused file valid-xhtml10.png

OBS-URL: https://build.opensuse.org/request/show/950089
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=92
2022-01-31 06:34:36 +00:00
David Anes
643bc0949b Accepting request 947286 from home:dirkmueller:Factory
- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474, 
     bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480):
  * CVE-2021-45960 -- Fix issues with left shifts by >=29 places
    resulting in
       a) realloc acting as free
       b) realloc allocating too few bytes
       c) undefined behavior
    depending on architecture and precise value
    for XML documents with >=2^27+1 prefixed attributes
    on a single XML tag a la
    "<r xmlns:a='[..]' a:a123='[..]' [..] />"
    where XML_ParserCreateNS is used to create the parser
    (which needs argument "-n" when running xmlwf).
    Impact is denial of service, or more.
  * CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow
    on variable m_groupSize in function doProlog leading
    to realloc acting as free.
    Impact is denial of service or more.
  * CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows
    near memory allocation at multiple places.  Mitre assigned
    a dedicated CVE for each involved internal C function:
    - CVE-2022-22822 for function addBinding
    - CVE-2022-22823 for function build_model
    - CVE-2022-22824 for function defineAttribute
    - CVE-2022-22825 for function lookup
    - CVE-2022-22826 for function nextScaffoldPart
    - CVE-2022-22827 for function storeAtts
    Impact is denial of service or more.

OBS-URL: https://build.opensuse.org/request/show/947286
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=91
2022-01-18 22:15:40 +00:00
David Anes
9cc5eeea21 Accepting request 942803 from home:dirkmueller:Factory
- update to 2.4.2:
  * Link againgst libm for function "isnan"
  * Include expat_config.h as early as possible
  * Autotools: Include files with release archives:
    - buildconf.sh
    - fuzz/*.c
  * Autotools: Sync CMake templates
  * docs: Document that function XML_GetBuffer may return NULL
    when asking for a buffer of 0 (zero) bytes size
  * docs: Fix return value docs for both
    XML_SetBillionLaughsAttackProtection* functions
  * Version info bumped from 9:1:8 to 9:2:8

OBS-URL: https://build.opensuse.org/request/show/942803
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=90
2021-12-27 16:40:46 +00:00
562a383c04 Accepting request 895213 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Update to 2.4.1:
  * Bug fixes:
    - Autotools: Fix installed header expat_config.h for multilib
      systems; regression introduced in 2.4.0 by pull request #486
  * Other changes:
    - Version info bumped from 9:0:8 to 9:1:8; see
      https://verbump.de/ for what these numbers do

- Update to 2.4.0: [CVE-2013-0340 "Billion Laughs"]
  * Security fixes:
    - CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks
      (denial-of-service; flavors targeting CPU time or RAM or both,
      leveraging general entities or parameter entities or both)
      by tracking and limiting the input amplification factor
      (<amplification> := (<direct> + <indirect>) / <direct>).
      By conservative default, amplification up to a factor of 100.0
      is tolerated and rejection only starts after 8 MiB of output bytes
      (=<direct> + <indirect>) have been processed.
      The fix adds the following to the API:
      - A new error code XML_ERROR_AMPLIFICATION_LIMIT_BREACH to
        signals this specific condition.
      - Two new API functions ..
        - XML_SetBillionLaughsAttackProtectionMaximumAmplification and
        - XML_SetBillionLaughsAttackProtectionActivationThreshold
        .. to further tighten billion laughs protection parameters
        when desired.  Please see file "doc/reference.html" for details.
        If you ever need to increase the defaults for non-attack XML
        payload, please file a bug report with libexpat.
      - Two new XML_FEATURE_* constants ..
        - that can be queried using the XML_GetFeatureList function, and

OBS-URL: https://build.opensuse.org/request/show/895213
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=88
2021-05-27 15:19:18 +00:00
5e06527d3a Accepting request 884837 from home:dimstar:Factory
- Do not BuildRequire cmake: expat is part of the distro bootstrap
  cycle and any additional dependency makes the ring larger. In
  this case here, cmake was even only used to own a directory.

OBS-URL: https://build.opensuse.org/request/show/884837
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=86
2021-04-13 09:38:16 +00:00
7c19d517d6 Accepting request 883120 from home:dirkmueller:Factory
- update to 2.3.0:
  * When calling XML_ParseBuffer without a prior successful call to
    XML_GetBuffer as a user, no longer trigger undefined behavior
    (by adding an integer to a NULL pointer) but rather return
    XML_STATUS_ERROR and set the error code to (new) code
    XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer)
    of Clang 11 (but not Clang 9).
  * xmlwf: Exit status 2 was used for both:
    - malformed input files (documented) and
    - invalid command-line arguments (undocumented).
    case of invalid command-line arguments now
    has its own exit status 4, resolving the ambiguity.
  * Other changes

OBS-URL: https://build.opensuse.org/request/show/883120
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=85
2021-04-06 07:58:20 +00:00
9c43ea35e5 Accepting request 839569 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Update to 2.2.10:
  * Bug fixes:
    - Fix undefined behavior during parsing caused by pointer
      arithmetic with NULL pointers
    - Fix reading uninitialized variable during parsing
    - xmlwf: Add missing check for malloc NULL return
  * Other changes:
    - xmlwf: Document exit codes in xmlwf manpage and exit with code 3
      (rather than code 1) for output errors when used with "-d DIRECTORY"
    - Autotools: Use -Werror while configure tests the compiler for
      supported compile flags to avoid false positives
    - Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS, e.g.
      ensure that they have the last word over flags added while
      running ./configure
    - CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis
      on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
    - CMake: Detect and deny unsupported build combinations
      involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
    - CMake: Install pre-compiled shipped xmlwf.1 manpage in case
      of -DEXPAT_BUILD_DOCS=OFF
    - CMake: Fix use of Expat by means of add_subdirectory
    - CMake: Keep expat target name constant at "expat" (i.e. refrain
      from using the target name to control build artifact filenames)
    - CMake: Expose man page compilation as target "xmlwf-manpage"
    - CMake: Introduce option EXPAT_BUILD_PKGCONFIG to control
      generation of pkg-config file "expat.pc"
    - CMake: Add minimalistic support for building binary packages
      with CMake target "package"; based on CPack
    - CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with default
      OFF to build fuzzer code against OSS-Fuzz and related

OBS-URL: https://build.opensuse.org/request/show/839569
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=83
2020-10-06 08:43:00 +00:00
59464404a0 Accepting request 752487 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Version update to 2.2.9
  * Other changes:
    - examples: Drop executable bits from elements.c
      #349  Windows: Change the name of the Windows DLLs from expat*.dll
            to libexpat*.dll once more (regression from 2.2.8, first
            fixed in 1.95.3, issue #61 on SourceForge today,
            was issue #432456 back then); needs a fix due
            case-insensitive file systems on Windows and the fact that
            Perl's XML::Parser::Expat compiles into Expat.dll.
      #347  Windows: Only define _CRT_RAND_S if not defined
            Version info bumped from 7:10:6 to 7:11:6

OBS-URL: https://build.opensuse.org/request/show/752487
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=81
2019-11-29 18:37:39 +00:00
Tomáš Chvátal
f5ae13f145 Accepting request 731221 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Version update to 2.2.8
  * Security fixes: (CVE-2019-15903, bsc#1149429)
    - CVE-2019-15903 -- Fix heap overflow triggered by XML_GetCurrentLineNumber
      (or XML_GetCurrentColumnNumber), and deny internal entities closing the doctype;
  * Bug fixes:
    - Fix cases where XML_StopParser did not have any effect
      when called from inside of an end element handler
    - xmlwf: Fix exit code for operation without "-d DIRECTORY";
      previously, only "-d DIRECTORY" would give you a proper exit code:
      Now both cases return exit code 2.
  * Other changes:
    - examples: Improve elements.c
    - Autotools: Add argument --enable-xml-attr-info
    - Autotools: Add arguments --with-getrandom --without-getrandom --with-sys-getrandom --without-sys-getrandom
    - Autotools: Fix linking issues with "./configure LD=clang"
    - Autotools: Fix "make run-xmltest" for out-of-source builds
    - CMake: Pull all options from Expat <=2.2.7 into namespace
    - CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF), default OFF
    - CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF), default OFF
    - CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF), default OFF
    - CMake: Add arguments -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO
    - CMake: Add arguments -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO
    - CMake: Install expat_config.h to include directory
    - CMake: Generate and install configuration files for future find_package(expat [..] CONFIG [..])
    - CMake: Now produces a summary of applied configuration
    - CMake: Require C++ compiler only when tests are enabled
    - CMake: Fix compilation for 16bit character types, i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON)
    - CMake: Port "make run-xmltest" from GNU Autotools to CMake
    - CMake: Integrate OSS-Fuzz fuzzers, option -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF
- Removed patches fixed in the update:

OBS-URL: https://build.opensuse.org/request/show/731221
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=79
2019-09-16 09:43:53 +00:00
Tomáš Chvátal
860c603684 Accepting request 730208 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Security fix (CVE-2019-15903, bsc#1149429)
  * Crafted XML input results in heap-based buffer over-read by fooling
    the parser into changing from DTD parsing to document parsing
  * Added patches:
    - expat-CVE-2019-15903.patch
    - expat-CVE-2019-15903-tests.patch

OBS-URL: https://build.opensuse.org/request/show/730208
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=78
2019-09-11 16:22:32 +00:00
Tomáš Chvátal
2f8abc6cde OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=76 2019-07-04 12:15:08 +00:00
Tomáš Chvátal
ce7df1b42a Accepting request 713044 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Version update to 2.2.7 (CVE-2018-20843, bsc#1139937)
  * Security fixes:
    - CVE-2018-20843 - Fix extraction of namespace prefixes from
      XML names; XML names with multiple colons could end up in
      the wrong namespace, and take a high amount of RAM and CPU
      resources while processing, opening the door to use for
      denial-of-service attacks
  * Other changes:
    - Autotools/CMake: Utilize -fvisibility=hidden to stop
      exporting non-API symbols
    - Autotools: Add --without-examples and --without-tests
    - Autotools: Modernize configure.ac
    - Autotools: Fix check for -fvisibility=hidden for Clang
    - Autotools: Fix compilation for lack of docbook2x-man
    - CMake: Make libdir of pkgconfig expat.pc support multilib
    - CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR
    - Remove fallback to bcopy, assume that memmove(3) exists
- Use docbook2x to build the man pages
- Removed expat-2.2.6-fix-make-clean.patch

OBS-URL: https://build.opensuse.org/request/show/713044
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=75
2019-07-02 11:47:21 +00:00
071322d184 Accepting request 672442 from home:bmwiedemann:branches:devel:libraries:c_c++
Add expat-2.2.6-fix-make-clean.patch
Allow profile guided optimization again

Dear package maintainer: please decide if and how to upstream the new patch.

OBS-URL: https://build.opensuse.org/request/show/672442
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=73
2019-02-08 09:41:22 +00:00
Tomáš Chvátal
dd041c4a72 - Drop docbook2x dependency, the manpages are generated in
the upstream archive and this way we break buildcycle

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=70
2019-01-03 13:09:24 +00:00
Ismail Dönmez
6858130e3e Accepting request 634952 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Version update to 2.2.6 Sun August 12 2018
  * Bug fixes:
    - Avoid doing arithmetic with NULL pointers in XML_GetBuffer
    - Fix 2.2.5 regression with suspend-resume while parsing
      a document like '<root/>'
  * Other changes:
    - Autotools: Fix docbook-related configure syntax error
    - Autotools: Avoid grep option `-q` for Solaris
    - Autotools: Support
      ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation"
    - Autotools: Support DOCBOOK_TO_MAN command which produces
      xmlwf.1 rather than XMLWF.1; also covers case insensitive
      file systems
    - Autotools: Drop -rpath option passed to libtool
    - Autotools: Detect and deny SGML docbook2man as ours is XML
    - Autotools/CMake: Support command db2x_docbook2man as well
    - CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF
    - CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF
    - CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T,
      both defaulting to OFF
    - CMake: Prefer check_symbol_exists over check_function_exists
    - CMake: Create the same pkg-config file as with GNU Autotools
    - CMake: Use GNUInstallDirs module to set proper defaults for
      install directories
    - CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM
    - Address compiler warnings
    - Fix miscellaneous typos

OBS-URL: https://build.opensuse.org/request/show/634952
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=68
2018-09-11 12:12:22 +00:00
403905b38b Accepting request 542216 from home:jengelh:branches:devel:libraries:c_c++
- Expand description of expat-devel.

OBS-URL: https://build.opensuse.org/request/show/542216
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=66
2017-11-16 10:56:06 +00:00
59f22bd9f6 Accepting request 542191 from home:pluskalm:branches:devel:libraries:c_c++
- Do not generate manpages from docbook
- Temporarily disable profiling due to bug in build system

OBS-URL: https://build.opensuse.org/request/show/542191
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=65
2017-11-16 09:46:03 +00:00
Tomáš Chvátal
fa5bc13a9e Accepting request 540028 from home:avindra
- Version update to 2.2.5 Tue October 31 2017
  * Bug fixes:
    - If the parser runs out of memory, make sure its internal
      state reflects the memory it actually has, not the memory
      it wanted to have.
    - The default handler wasn't being called when it should for
      a SYSTEM or PUBLIC doctype if an entity declaration handler
      was registered.
    - Fix a case of mistakenly reported parsing success where
      XML_StopParser was called from an element handler
    - Function XML_ErrorString was returning NULL rather than
      a message for code XML_ERROR_INVALID_ARGUMENT
      introduced with release 2.2.1
  * Other changes:
    - Add argument -N adding notation declarations
    - various compiler-specific fixes
    - Improve docbook2x-man detection
- drop expat-docbook.patch
  * fixed in 0f5186c7b8e503c669e332d944712de010b265f3
- switch to github for release tarballs and website
- Version update to 2.2.4 Sat August 19 2017
  * Bug fixes:
    #115  Fix copying of partial characters for UTF-8 input
  * Other changes:
    #109  Fix "make check" for non-x86 architectures that default
            to unsigned type char (-128..127 rather than 0..255)
    #109  coverage.sh: Cover -funsigned-char
            Autotools: Introduce --without-xmlwf argument
     #65  Autotools: Replace handwritten Makefile with GNU Automake
     #43  CMake: Auto-detect high quality entropy extractors, add new
            option USE_libbsd=ON to use arc4random_buf of libbsd
     #74  CMake: Add -fno-strict-aliasing only where supported
    #114  CMake: Always honor manually set BUILD_* options
    #114  CMake: Compile man page if docbook2x-man is available, only
    #117  Include file tests/xmltest.log.expected in source tarball
            (required for "make run-xmltest")
    #111  Fix some typos in documentation
            Version info bumped from 7:5:6 to 7:6:6
- Release 2.2.3 Wed August 2 2017
  *  Bug fixes:
     #85  Fix a dangling pointer issue related to realloc
  * Other changes:
     #91  Linux: Allow getrandom to fail if nonblocking pool has not
            yet been initialized and read /dev/urandom then, instead.
          This is in line with what recent Python does.
     #86  Check that a UTF-16 encoding in an XML declaration has the
            right endianness
#4 #5 #7  Recover correctly when some reallocations fail
          Repair "./configure && make" for systems without any
            provider of high quality entropy
            and try reading /dev/urandom on those
          Ensure that user-defined character encodings have converter
            functions when they are needed
          Fix mis-leading description of argument -c in xmlwf.1
          Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__)
            for CloudABI
    #100  Fix use of SIPHASH_MAIN in siphash.h
     #23  Test suite: Fix memory leaks
            Version info bumped from 7:4:6 to 7:5:6
- Release 2.2.2 Wed July 12 2017
  * Security fixes:
     #43  Protect against compilation without any source of high
            quality entropy enabled, e.g. with CMake build system;
  * [MOX-006] Fix non-NULL parser parameter validation in XML_Parse;
                resulted in NULL dereference, previously;
  * Bug fixes:
     #69  Fix improper use of unsigned long long integer literals
  * Other changes:
     #73  Start requiring a C99 compiler
     #49  Fix "==" Bashism in configure script
     #58  Address compile warnings
     #68  Fix "./buildconf.sh && ./configure" for some versions
            of Dash for /bin/sh
     #72  CMake: Ease use of Expat in context of a parent project
            with multiple CMakeLists.txt files
     #72  CMake: Resolve mistaken executable permissions
     #76  Address compile warning with -DNDEBUG (not recommended!)
     #77  Address compile warning about macro redefinition
 * Added patch expat-docbook.patch to compile the man pages with 
   docbook-to-man
 * Cleaned spec file with spec-cleaner
- Allow building when do_profiling is undefined
- Build with profiling when possible
- Version update to 2.2.1 Sat June 17 2017
  - Security fixes:
                    CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS
                    Details: https://libexpat.github.io/doc/cve-2017-9233/
                    Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f
   - [MOX-002]      CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; 
                    (Fixed version of existing downstream patches!)
   - (SF.net) #539  Fix regression from fix to CVE-2016-0718 cutting off
                    longer tag names; 
               #25  More integer overflow detection (function poolGrow); 
   - [MOX-002]      Detect overflow from len=INT_MAX call to XML_Parse; 
   - [MOX-005] #30  Use high quality entropy for hash initialization:
                    * arc4random_buf on BSD, systems with libbsd
                      (when configured with --with-libbsd), CloudABI
                    * RtlGenRandom on Windows XP / Server 2003 and later
                    * getrandom on Linux 3.17+
                    In a way, that's still part of CVE-2016-5300.
                    https://github.com/libexpat/libexpat/pull/30/commits
   - [MOX-005] For the low quality entropy extraction fallback code,
               the parser instance address can no longer leak, 
   - [MOX-003] Prevent use of uninitialised variable; commit
   - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b
               Add missing parameter validation to public API functions
               and dedicated error code XML_ERROR_INVALID_ARGUMENT:
   - [MOX-006] * NULL checks; commits
               * Negative length (XML_Parse); commit
   - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f
   - [MOX-001] #35  Change hash algorithm to William Ahern's version of SipHash
                    to go further with fixing CVE-2012-0876.
                    https://github.com/libexpat/libexpat/pull/39/commits
   - Bug fixes:
     #32 Fix sharing of hash salt across parsers;
         relevant where XML_ExternalEntityParserCreate is called
         prior to XML_Parse, in particular (e.g. FBReader)
     #28 xmlwf: Auto-disable use of memory-mapping (and parsing
         as a single chunk) for files larger than ~1 GB (2^30 bytes)
         rather than failing with error "out of memory"
     #3  Fix double free after malloc failure in DTD code; commit
         7ae9c3d3af433cd4defe95234eae7dc8ed15637f
     #17 Fix memory leak on parser error for unbound XML attribute
         prefix with new namespaces defined in the same tag;
         found by Google's OSS-Fuzz; commits
         xmlwf on Windows: Add missing calls to CloseHandle
   - New features:
     #30 Introduced environment switch EXPAT_ENTROPY_DEBUG=1
         for runtime debugging of entropy extraction
         Bump version info from 7:2:6 to 7:3:6
- Remove pointless --with-pic (for static only)
- Version update to 2.2.0:
  * Fixes bnc#983215 CVE-2012-6702
  * Fixes bnc#983216 CVE-2016-5300
  * Various cmake and autotools script updates
  * Fix detection of utf8 character boundaries
- Remove all patches merged upstream:
  * expat-2.1.1-avoid_relying_on_undef_behaviour.patch
  * expat-2.1.1-parser_crashes_on_malformed_input.patch
  * expat-alloc-size.patch
  * expat-visibility.patch
- add expat-2.1.1-avoid_relying_on_undef_behaviour.patch to avoid
  relying on undefined behavior in the original CVE-2015-1283 fix
  [bnc#980391], [bnc#983985], [CVE-2016-4472]
- add expat-2.1.1-parser_crashes_on_malformed_input.patch to fix
  Expat XML parser that mishandles certain kinds of malformed input
  documents [bnc#979441], [CVE-2016-0718] 
- use spec-cleaner to clean specfile
- After simplification of expat-visibility.patch, it became
  uneffective as no symbols are getting hidden. add
  -fvisibility=hidden to CFLAGS again.
- expat-alloc-size.patch: fix braino, realloc()-like functions
  should not take __attribute__(malloc)
- Update to version 2.1.1
  * Fixes CVE-2015-1283 — Multiple integer overflows in the
    XML_GetBuffer function
  * Fix potential null pointer dereference
  * Symbol XML_SetHashSalt was not exported
  * Output of xmlwf -h was incomplete
  * Document behavior of calling XML_SetHashSalt with salt 0
  * Minor improvements to man page xmlwf(1)
- Simplify expat-visibility.patch, refresh expat-alloc-size.patch
- Drop config-guess-sub-update.patch, fixed upstream.
- Cleanup spec file with spec-cleaner
- Remove old ppc obsoletes/provides
- Added url as source.
  Please see http://en.opensuse.org/SourceUrls
- Sanitize description of expat (replace it with a more current
  one from the homepage)
- Update config.guess/sub for aarch64
- fix of fix of [bnc#798644]
- according to upstream changelog:
       - Improved ability to build without the configure-generated
          expat_config.h header.  This is useful for applications
          which embed Expat rather than linking in the library.
  because I am not exactly sure about implication of this, rather use 
  -DXML_HAVE_VISIBILITY in CFLAG_VISIBILITY in expat-visibility.patch
- Executing autoreconf requires autoconf BuildRequire
- really hide private Xml* symbols [bnc#798644]
  * modified visibility.patch
- update to 2.1.0
  - Bug Fixes:
    #1742315: Harmful XML_ParserCreateNS suggestion.
    #2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
    #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3.
    #1983953, 2517952, 2517962, 2649838:
         Build modifications using autoreconf instead of buildconf.sh.
    #2815947, #2884086: OBJEXT and EXEEXT support while building.
    #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.
    #2517938: xmlwf should return non-zero exit status if not well-formed.
    #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml.
    #2855609: Dangling positionPtr after error.
    #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
    #2958794: CVE-2012-1148 - Memory leak in poolGrow.
    #2990652: CMake support.
    #3010819: UNEXPECTED_STATE with a trailing "%" in entity value.
    #3206497: Unitialized memory returned from XML_Parse.
    #3287849: make check fails on mingw-w64.
    #3496608: CVE-2012-0876 - Hash DOS attack.
  - Patches:
    #1749198: pkg-config support.
    #3010222: Fix for bug #3010819.
    #3312568: CMake support.
    #3446384: Report byte offsets for attr names and values.
  - New Features / API changes:
   * Added new API member XML_SetHashSalt() that allows setting an 
     intial value (salt) for hash calculations. This is part of the 
     fix for bug #3496608 to randomize hash parameters.
   * When compiled with XML_ATTR_INFO defined, adds new API member
     XML_GetAttributeInfo() that allows retrieving the byte
     offsets for attribute names and values (patch #3446384).
   * Added CMake build system.  See bug #2990652 and patch #3312568.
   * Added run-benchmark target to Makefile.in - relies on testdata 
     module present in the same relative location as in the repository.
- update to 2.1.0 beta
  * refreshed expat-visibility.patch
  * removed obsolete expat-CVE-2009-3560.patch
  * removed obsolete expat-CVE-2009-2625.patch
  - hash table DOS attack fix
  - accumulated bug fixes and some changes to the build system
  - new conditional feature to make byte offsets for attributes
    and attribute names available
- Put libraries back to %{_libdir}, /usr merge project 
- add automake as buildrequire to avoid implicit dependency
- Hide non public symbols reusing existing win32 API export/imports
- annotate malloc/realloc-like functions with attribute alloc_size
  to catch possible misuses in calling code.
- Remove redundant/obsolete tags/sections from specfile
  (cf. packaging guidelines)
- Use %_smp_mflags for parallel build
- Add libexpat-devel to baselibs
- fix license (MIT) in spec file
- fix CVE-2009-3560.patch [bnc#566434]
- add baselibs.conf as a source
- fix DoS (CVE-2009-3560.patch) [bnc#558892]
- fix DoS (CVE-2009-2625.patch) [bnc#550664]
- test suite requires gcc-c++ to compile
- remove static libraries, shouldnt be needed anymore.
- run make check
- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
  (bnc#437293)
- obsolete old -XXbit packages (bnc#437293)
- added baselibs.conf file to build xxbit packages
  for multilib support
- fix devel symlink
- move libraries from /usr/lib to /lib [#285472]
- replace deprecated %run_ldconfig with /sbin/ldconfig
- update to 2.0.1:
  ( from Changes )
  * Fixed bugs #1515266, 1515600: The character data handler's calling
    of XML_StopParser() was not handled properly; if the parser was
    stopped and the handler set to NULL, the parser would segfault.
  * Fixed bug #1690883: Expat failed on EBCDIC systems as it assumed
    some character constants to be ASCII encoded.
  * Minor cleanups of the test harness.
  * Fixed xmlwf bug #1513566: "out of memory" error on file size zero.
  * Fixed outline.c bug #1543233: missing a final XML_ParserFree() call.
  * Fixes and improvements for Windows platform:
    bugs #1409451, #1476160, 1548182, 1602769, 1717322.
  * Build fixes for various platforms:
    HP-UX, Tru64, Solaris 9: patch #1437840, bug #1196180.
    All Unix: #1554618 (refreshed config.sub/config.guess).
              #1490371, #1613457: support both, DESTDIR and INSTALL_ROOT,
              without relying on GNU-Make specific features.
    #1647805: Patched configure.in to work better with Intel compiler.
  * Fixes to Makefile.in to have make check work correctly:
    bugs #1408143, #1535603, #1536684.
  * Added Open Watcom support: patch #1523242.
- split libexpat1 and libexpat-devel subpackages [#260214]
- strip .la file
- converted neededforbuild to BuildRequires
- fixed file list for debuginfo package (do not pack all of libdir)
- update to 2.0.0
- update to 2.0 pre release
- fixed filelist
- update to 1.95.8
- Build as user
- update to version 1.95.7
- in expat.h, declare enum XML_Status before using it;
  put into patch "...-header.diff" [bug #23742]
- updated to version 1.95.6
- update to version 1.95.5
- update to version 1.95.4
- added parameter --target to configure
- use %{_libdir} and %{_lib}
- fix URL in spec file
- update to version 1.95.2
- spec file cleanup
- added DESTDIR
- fixed links for soname of libexpat.so*
- fixed soname of libexpat.so.1.2
- back on stable version 1.2  added build shared libexpat.so
- update on 1.95.1 on sourgeforge needed for midgard
- new description
- Don't "install" symlinks; use "cp"; reported by bs; proposed fix
  by ro.
- Cleanup the spec file: better Group tag; more accurate files list.
- first SuSE package: version 1.1.
- apply Debian patch to build shared libs.
- build libexpat.a.

OBS-URL: https://build.opensuse.org/request/show/540028
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=64
2017-11-09 08:26:03 +00:00
e9c48cc853 Accepting request 536855 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Version update to 2.2.4 Sat Auguest 19 2017
  * Bug fixes:
    #115  Fix copying of partial characters for UTF-8 input
  * Other changes:
    #109  Fix "make check" for non-x86 architectures that default
            to unsigned type char (-128..127 rather than 0..255)
    #109  coverage.sh: Cover -funsigned-char
            Autotools: Introduce --without-xmlwf argument
     #65  Autotools: Replace handwritten Makefile with GNU Automake
     #43  CMake: Auto-detect high quality entropy extractors, add new
            option USE_libbsd=ON to use arc4random_buf of libbsd
     #74  CMake: Add -fno-strict-aliasing only where supported
    #114  CMake: Always honor manually set BUILD_* options
    #114  CMake: Compile man page if docbook2x-man is available, only
    #117  Include file tests/xmltest.log.expected in source tarball
            (required for "make run-xmltest")
    #111  Fix some typos in documentation
            Version info bumped from 7:5:6 to 7:6:6
- Release 2.2.3 Wed August 2 2017
  *  Bug fixes:
     #85  Fix a dangling pointer issue related to realloc
  * Other changes:
     #91  Linux: Allow getrandom to fail if nonblocking pool has not
            yet been initialized and read /dev/urandom then, instead.
          This is in line with what recent Python does.
     #86  Check that a UTF-16 encoding in an XML declaration has the
            right endianness
#4 #5 #7  Recover correctly when some reallocations fail
          Repair "./configure && make" for systems without any
            provider of high quality entropy

OBS-URL: https://build.opensuse.org/request/show/536855
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=63
2017-10-26 13:40:29 +00:00
Tomáš Chvátal
061786605d Accepting request 532435 from home:jayvdb:toggl
- Allow building when do_profiling is undefined

OBS-URL: https://build.opensuse.org/request/show/532435
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=61
2017-10-07 15:19:36 +00:00
Tomáš Chvátal
73171aa2e8 Accepting request 509510 from home:pluskalm:branches:devel:libraries:c_c++
- Build with profiling when possible

OBS-URL: https://build.opensuse.org/request/show/509510
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=59
2017-07-11 20:45:24 +00:00
Tomáš Chvátal
87920586bc Accepting request 508174 from home:msmeissn:branches:devel:libraries:c_c++
- Version update to 2.2.1 Sat June 17 2017
  - Security fixes:
                    CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS
                    Details: https://libexpat.github.io/doc/cve-2017-9233/
                    Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f
   - [MOX-002]      CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; 
                    (Fixed version of existing downstream patches!)
   - (SF.net) #539  Fix regression from fix to CVE-2016-0718 cutting off
                    longer tag names; 
               #25  More integer overflow detection (function poolGrow); 
   - [MOX-002]      Detect overflow from len=INT_MAX call to XML_Parse; 
   - [MOX-005] #30  Use high quality entropy for hash initialization:
                    * arc4random_buf on BSD, systems with libbsd
                      (when configured with --with-libbsd), CloudABI
                    * RtlGenRandom on Windows XP / Server 2003 and later
                    * getrandom on Linux 3.17+
                    In a way, that's still part of CVE-2016-5300.
                    https://github.com/libexpat/libexpat/pull/30/commits
   - [MOX-005] For the low quality entropy extraction fallback code,
               the parser instance address can no longer leak, 
   - [MOX-003] Prevent use of uninitialised variable; commit
   - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b
               Add missing parameter validation to public API functions
               and dedicated error code XML_ERROR_INVALID_ARGUMENT:
   - [MOX-006] * NULL checks; commits
               * Negative length (XML_Parse); commit
   - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f
   - [MOX-001] #35  Change hash algorithm to William Ahern's version of SipHash
                    to go further with fixing CVE-2012-0876.
                    https://github.com/libexpat/libexpat/pull/39/commits

OBS-URL: https://build.opensuse.org/request/show/508174
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=57
2017-07-04 16:25:59 +00:00
Tomáš Chvátal
972947b1dc * Fixes bnc#983215 CVE-2012-6702
* Fixes bnc#983216 CVE-2016-5300

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=55
2016-11-21 09:44:57 +00:00
982955bd01 Accepting request 412027 from home:jengelh:branches:devel:libraries:c_c++
- Remove pointless --with-pic (for static only)

OBS-URL: https://build.opensuse.org/request/show/412027
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=53
2016-07-20 06:48:52 +00:00
3363926740 Accepting request 408441 from home:scarabeus_iv:branches:devel:libraries:c_c++
- Version update to 2.2.0:
  * Various cmake and autotools script updates
  * Fix detection of utf8 character boundaries
- Remove all patches merged upstream:
  * expat-2.1.1-avoid_relying_on_undef_behaviour.patch
  * expat-2.1.1-parser_crashes_on_malformed_input.patch
  * expat-alloc-size.patch
  * expat-visibility.patch

OBS-URL: https://build.opensuse.org/request/show/408441
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=51
2016-07-14 15:19:01 +00:00
d06c7cd5b7 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=49 2016-06-16 14:01:33 +00:00
2888ef8f38 Accepting request 396618 from home:kstreitova:branches:devel:libraries:c_c++
- add expat-2.1.1-avoid_relying_on_undef_behaviour.patch to avoid
  relying on undefined behavior in CVE-2015-1283 fix [bnc#980391],
  [CVE-2015-1283]
- add expat-2.1.1-parser_crashes_on_malformed_input.patch to fix
  Expat XML parser that mishandles certain kinds of malformed input
  documents [bnc#979441], [CVE-2016-0718] 
- use spec-cleaner to clean specfile

OBS-URL: https://build.opensuse.org/request/show/396618
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=47
2016-05-19 10:15:28 +00:00
Ismail Dönmez
89d01b6ea1 Accepting request 383019 from home:elvigia:branches:devel:libraries:c_c++
- After simplification of expat-visibility.patch, it became
  uneffective as no symbols are getting hidden. add
  -fvisibility=hidden to CFLAGS again.
- expat-alloc-size.patch: fix braino, realloc()-like functions
  should not take __attribute__(malloc)

OBS-URL: https://build.opensuse.org/request/show/383019
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=45
2016-04-01 16:55:19 +00:00
Ismail Dönmez
8121760156 - Update to version 2.1.1
* Fixes CVE-2015-1283 — Multiple integer overflows in the
    XML_GetBuffer function
  * Fix potential null pointer dereference
  * Symbol XML_SetHashSalt was not exported
  * Output of xmlwf -h was incomplete
  * Document behavior of calling XML_SetHashSalt with salt 0
  * Minor improvements to man page xmlwf(1)
- Simplify expat-visibility.patch, refresh expat-alloc-size.patch
- Drop config-guess-sub-update.patch, fixed upstream.

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=43
2016-03-23 08:48:07 +00:00
Ismail Dönmez
ca45df8ecd Accepting request 316013 from home:pluskalm:branches:devel:libraries:c_c++
- Cleanup spec file with spec-cleaner
- Remove old ppc obsoletes/provides

OBS-URL: https://build.opensuse.org/request/show/316013
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=41
2015-07-11 13:33:21 +00:00
Ismail Dönmez
4b7095a36b Accepting request 161179 from home:m_meister:branches:openSUSE:Factory
- Added url as source.
  Please see http://en.opensuse.org/SourceUrls

OBS-URL: https://build.opensuse.org/request/show/161179
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=39
2013-03-26 13:15:47 +00:00
Ismail Dönmez
1c65d9215f Accepting request 155998 from home:jengelh:branches:devel:libraries:c_c++
- Sanitize description of expat (replace it with a more current
  one from the homepage)

OBS-URL: https://build.opensuse.org/request/show/155998
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=37
2013-02-21 16:47:18 +00:00
Sascha Peilicke
2698552e52 Accepting request 151254 from home:Andreas_Schwab:Factory
- Update config.guess/sub for aarch64

OBS-URL: https://build.opensuse.org/request/show/151254
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=35
2013-02-05 11:52:08 +00:00
297d7a2e05 - fix of fix of [bnc#798644]
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=33
2013-01-23 09:22:35 +00:00
6660247884 - according to upstream changelog:
- Improved ability to build without the configure-generated
          expat_config.h header.  This is useful for applications
          which embed Expat rather than linking in the library.
  because I am not exactly sure about implication of this, rather use 
  -DXML_HAVE_VISIBILITY in CFLAG_VISIBILITY in expat-visibility.patch

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=32
2013-01-23 09:17:31 +00:00
8b8fc10428 Accepting request 149538 from home:jengelh:branches:devel:libraries:c_c++
- Executing autoreconf requires autoconf BuildRequire

OBS-URL: https://build.opensuse.org/request/show/149538
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=30
2013-01-22 13:45:25 +00:00
3275e54984 - really hide private Xml* symbols [bnc#798644]
* modified visibility.patch

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=28
2013-01-18 08:55:13 +00:00
Wojtek Dziewięcki
c309b37078 Accepting request 113138 from home:tabraham1:branches:devel:libraries:c_c++
update to 2.1.0

OBS-URL: https://build.opensuse.org/request/show/113138
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=26
2012-04-11 08:52:45 +00:00
Ismail Dönmez
e0ab99b38a Accepting request 108072 from home:tabraham1:branches:devel:libraries:c_c++
update to 2.1.0 beta

OBS-URL: https://build.opensuse.org/request/show/108072
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=22
2012-03-06 09:33:32 +00:00
Cristian Rodríguez
0940c229a3 Accepting request 104138 from home:elvigia:branches:devel:libraries:c_c++
- Put libraries back to %{_libdir}, /usr merge project

OBS-URL: https://build.opensuse.org/request/show/104138
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=20
2012-02-12 16:28:13 +00:00
Ismail Dönmez
7319307b04 Accepting request 95005 from home:coolo:removeautomake
add automake to buildrequires

OBS-URL: https://build.opensuse.org/request/show/95005
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=18
2011-12-02 12:53:21 +00:00
Cristian Rodríguez
0f9fae28d8 Accepting request 89779 from home:elvigia:branches:devel:libraries:c_c++
NOT FOR 12.1, Factory Only.

- Hide non public symbols reusing existing win32 API export/imports
- annotate malloc/realloc-like functions with attribute alloc_size
  to catch possible misuses in calling code.

OBS-URL: https://build.opensuse.org/request/show/89779
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=16
2011-10-30 23:18:03 +00:00
Ismail Dönmez
44e44071e4 Accepting request 83485 from home:jengelh:bl-e
- Remove redundant/obsolete tags/sections from specfile
  (cf. packaging guidelines)
- Use %_smp_mflags for parallel build
- Add libexpat-devel to baselibs (for dev of 32-bit progs)

OBS-URL: https://build.opensuse.org/request/show/83485
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=14
2011-09-19 09:53:57 +00:00
Pavol Rusnak
abba1759b5 - fix license (MIT) in spec file
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=10
2011-02-25 16:07:11 +00:00
OBS User buildservice-autocommit
c748e96746 Updating link to change in openSUSE:Factory/expat revision 15.0
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=6ee8bb17ca0a2c4c95300248e8cf4a07
2010-01-08 16:30:06 +00:00
OBS User autobuild
0934d114fb checked in
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=8
2010-01-08 16:30:05 +00:00
Pavol Rusnak
2e3bfa2bcb - fix CVE-2009-3560.patch [bnc#566434]
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=7
2010-01-08 14:07:45 +00:00
Pavol Rusnak
5095e284d6 Accepting request 26370 from home:jengelh:branches:devel:libraries:c_c++
Copy from home:jengelh:branches:devel:libraries:c_c++/expat via accept of submit request 26370 revision 2.
Request was accepted with message:
thanks

OBS-URL: https://build.opensuse.org/request/show/26370
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=6
2009-12-16 13:03:20 +00:00