forked from pool/xerces-c
c1307c4b01
- Version update to 3.1.4:
* Fixes bnc#985860 CVE-2016-4463
* xerces-c-CVE-2016-2099.patch removed as it was included upstream
- Use pkgconfig requires
- Disable "pretty" make to make it bit faster
- Fix the selfobsoleting provides/requires to silence rpmlint
- Use valid group for the docs
- Resolve rpmlint warnings of type "version-control-internal-file"
- Update to 3.1.3
* bug fixes
+ memcpy used on overlapping memory regions causes sanity test failure
+ Typo in XMLUni::fgUnknownURIName constant
+ Buffer overruns in prolog parsing and error handling
- Dropped xerces-c-CVE-2016-0729.patch, fixed upstream.
- added xerces-c-CVE-2016-2099.patch
Exception handling mistake causing use after free
(bsc#979208, CVE-2016-2099)
- xerces-c-CVE-2016-0729.patch
Fix for mishandling certain kinds of malformed input documents,
resulting in buffer overlows during processing and error reporting.
The overflows can manifest as a segmentation fault or as memory
corruption during a parse operation. (bsc#966822, CVE-2016-0729)
OBS-URL: https://build.opensuse.org/request/show/406725
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xerces-c?expand=0&rev=21
|
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| baselibs.conf | ||
| xerces-c-3.1.4.tar.gz | ||
| xerces-c-3.1.4.tar.gz.asc | ||
| xerces-c.changes | ||
| xerces-c.keyring | ||
| xerces-c.spec | ||