From 5c08cf207305f4ee0148254ad210ece6c36adac66078995196a9c951a90e93a8 Mon Sep 17 00:00:00 2001 From: David Anes Date: Thu, 5 Sep 2024 10:33:41 +0000 Subject: [PATCH] - Update to 2.6.3: * Security fixes: - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with len < 0 without noticing and then calling XML_GetBuffer will have XML_ParseBuffer fail to recognize the problem and XML_GetBuffer corrupt memory. With the fix, XML_ParseBuffer now complains with error XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse has been doing since Expat 2.2.1, and now documented. Impact is denial of service to potentially artitrary code execution. - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Impact is denial of service to potentially artitrary code execution. - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Impact is denial of service to potentially artitrary code execution. * Other changes: - Autotools: Sync CMake templates with CMake 3.28 - Autotools: Always provide path to find(1) for portability - Autotools: Ensure that the m4 directory always exists. - Autotools: Simplify handling of SIZEOF_VOID_P - Autotools: Support non-GNU sed - Autotools|CMake: Fix main() to main(void) - Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM - Autotools|CMake: Stop requiring dos2unix OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=114 --- .gitattributes | 23 + .gitignore | 1 + baselibs.conf | 7 + expat-2.6.2.tar.xz | 3 + expat-2.6.2.tar.xz.asc | 16 + expat-2.6.3.tar.xz | 3 + expat-2.6.3.tar.xz.asc | 16 + expat.changes | 1215 ++++++++++++++++++++++++++++++++++++++++ expat.keyring | 388 +++++++++++++ expat.spec | 118 ++++ expatfaq.html | 100 ++++ 11 files changed, 1890 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 baselibs.conf create mode 100644 expat-2.6.2.tar.xz create mode 100644 expat-2.6.2.tar.xz.asc create mode 100644 expat-2.6.3.tar.xz create mode 100644 expat-2.6.3.tar.xz.asc create mode 100644 expat.changes create mode 100644 expat.keyring create mode 100644 expat.spec create mode 100644 expatfaq.html diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..46861b8 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,7 @@ +expat +libexpat1 + obsoletes "expat-" + provides "expat-" +libexpat-devel + requires -libexpat- + requires "libexpat1- = " diff --git a/expat-2.6.2.tar.xz b/expat-2.6.2.tar.xz new file mode 100644 index 0000000..9e310f5 --- /dev/null +++ b/expat-2.6.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ee14b4c5d8908b1bec37ad937607eab183d4d9806a08adee472c3c3121d27364 +size 485236 diff --git a/expat-2.6.2.tar.xz.asc b/expat-2.6.2.tar.xz.asc new file mode 100644 index 0000000..d7b4a9c --- /dev/null +++ b/expat-2.6.2.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEy43nCpDPv2w79cxWliYqz/vTrsYFAmXx2UUACgkQliYqz/vT +rsYCKw//X838HdkfERw6b0UaauHg3k5h5yzV/4gPzmVWlLhPaSFH6Ns69p7vvHz0 +xtSH0GQ4rp+l7GAjFoH5dzJxZ4g/EstYK+QJwOK7A9+gf86tbFt6pNj43u7bHqW2 +0p55xEoCcki+sZv1WX3VPe7NcCq7cs7UeOyOcqADZkmzcLkpHATh9kiA/LHe5WKp +jbAZthOCBG3S40xGib9KLZMR/fJ3RKaWsm+Jl+SABEQk5VmpOuoocboE+ZlTfEC/ +9F7czV28xHfdhfhP4nA328VgVPPP1atyVw0sO79fpnxmAFMZO31j/cGIyv4sQX1/ +2MLDbXWeEX6C2+ZCaTtNZbtxq7n+ydI9BAHWawN6BE2DNpt4w0x7m+QzrG207Y9r +jP+vFLC4winwaXoraJeZ18A7I5lOklNJ/iwzwVQHp+kLM1uGOuc5z/NWmBff1out +ErgjbAbINNIXEpjZ7AETUai0q2PJRucFsYxjYs19RKObbM8BLo7zbzL93QHm947R +46+iyemznYXQP2vsBjjQDzPhtyTk3evbRTWy5Mq0XXt8NSBrgGHGU4h35sQL3z2a +Qw6RhRRMIfrnntvDmLO2kbdBLmz4GQGfmmlUyvDtB6SivD3BWvX91lArfozad5Ve +pL8oFOu2ObHqCK6foTvwhYl05a7yaElwGX9vTBDsYT9Vqol0sKk= +=M9y2 +-----END PGP SIGNATURE----- diff --git a/expat-2.6.3.tar.xz b/expat-2.6.3.tar.xz new file mode 100644 index 0000000..f5e56b4 --- /dev/null +++ b/expat-2.6.3.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:274db254a6979bde5aad404763a704956940e465843f2a9bd9ed7af22e2c0efc +size 485600 diff --git a/expat-2.6.3.tar.xz.asc b/expat-2.6.3.tar.xz.asc new file mode 100644 index 0000000..0637b44 --- /dev/null +++ b/expat-2.6.3.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEy43nCpDPv2w79cxWliYqz/vTrsYFAmbYOcIACgkQliYqz/vT +rsZJHxAAkyGU93XA8OhhJoheuXaPPNbXD6KbIfGZeAOsENS0zOSar2FHTo3+3VLV +lD3gS3S4eyo6tJ99E1iG0KLPm20mzwZIRA/vC9Vt3aVj43jnof7DjXij8QlV56Rh +6i30mavwdSPlU7f0GoVPchYB6wKl+rzKCJkAUzMlkbbFyLx/9o6/ryA3VsGXGBam +97is8R7I8Kt+dDbZGs+//W1OHR5VJO5kFQ7VcowhrLexh1fTJIu/cy3KJNpFyzDP +u402CUTUkpwxbbZHXz9WoiZrAIIkiGtKjtyss8OwloPcFS1SHXuNnkPPiQE1r2ow +pvKE/mKA384IG1890c402xjj8DwZ2Ck172rnFikSctFNGmUf0Mx0N+tSs7nTV7/q +yiBX0+aaedWVxQnhKffg2erjDxb56Uo0AwxylHbgI6F6I710JPTQC5pHt6Ka4FJm +lvDKGp6wGd9Y9biQvO74H0EOgkwd+8JHS7m4VLBraxKghfGuWXdZMGFGs5H8o6El +JzqCjhVnH7j55MVPBntuamifxh2c99FNglUhLGkV7dmash1wKX5Thwzc8fady9oH +KE1by5zh6A2Eu6KFE2/YvWQ56C8GgAY8Efe99IRz7XunCUzetxcfRDw6PcyCCOAa +Jx9B5SZMIfmVdYWuQRKhti7QxR9zuuvpA93GiUEzWZZ2AcJldoc= +=5Z0B +-----END PGP SIGNATURE----- diff --git a/expat.changes b/expat.changes new file mode 100644 index 0000000..fcbfb33 --- /dev/null +++ b/expat.changes @@ -0,0 +1,1215 @@ +------------------------------------------------------------------- +Thu Sep 5 09:21:17 UTC 2024 - David Anes + +- Update to 2.6.3: + * Security fixes: + - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with + len < 0 without noticing and then calling XML_GetBuffer + will have XML_ParseBuffer fail to recognize the problem + and XML_GetBuffer corrupt memory. + With the fix, XML_ParseBuffer now complains with error + XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse + has been doing since Expat 2.2.1, and now documented. + Impact is denial of service to potentially artitrary code + execution. + - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an + integer overflow for nDefaultAtts on 32-bit platforms + (where UINT_MAX equals SIZE_MAX). + Impact is denial of service to potentially artitrary code + execution. + - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can + have an integer overflow for m_groupSize on 32-bit + platforms (where UINT_MAX equals SIZE_MAX). + Impact is denial of service to potentially artitrary code + execution. + + * Other changes: + - Autotools: Sync CMake templates with CMake 3.28 + - Autotools: Always provide path to find(1) for portability + - Autotools: Ensure that the m4 directory always exists. + - Autotools: Simplify handling of SIZEOF_VOID_P + - Autotools: Support non-GNU sed + - Autotools|CMake: Fix main() to main(void) + - Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM + - Autotools|CMake: Stop requiring dos2unix + - CMake: Fix check for symbols size_t and off_t + - docs|tests: Convert README to Markdown and update + - Windows: Drop support for Visual Studio <=15.0/2017 + - Drop needless XML_DTD guards around is_param access + - Fix typo in a code comment + - Version info bumped from 10:2:9 (libexpat*.so.1.9.2) + to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/ + for what these numbers do + +------------------------------------------------------------------- +Wed Mar 13 22:23:20 UTC 2024 - Andreas Stieger + +- update to 2.6.2: + * CVE-2024-28757 -- Prevent billion laughs attacks with isolated + use of external parsers (boo#1221289) + * Reject direct parameter entity recursion and avoid the related + undefined behavior + +------------------------------------------------------------------- +Fri Mar 1 16:45:35 UTC 2024 - Andreas Stieger + +- update to 2.6.1: + * Expose billion laughs API with XML_DTD defined and XML_GE + undefined, regression from 2.6.0 + * Make tests independent of CPU speed, and thus more robust +- drop libxml2-fix-xmlwf.1-handling.patch, upstream + +------------------------------------------------------------------- +Tue Feb 20 12:21:17 UTC 2024 - David Anes + +- Fix handling of xmlwf.1 to avoid workarounds in specfile: + * Added libxml2-fix-xmlwf.1-handling.patch + +- Call buildconf.sh to avoid (future) issues with expat_config.h.in + +------------------------------------------------------------------- +Mon Feb 12 20:44:14 UTC 2024 - David Anes + +- Update keyring automatically from keyserver during OBS service run. +- Explicitly use --without-docbook (before it was implicit). +- Include missing files for documentation and examples. +- Add manpage for xmlwf, which is now available in the released tarball. +- Clean the spec file a bit. + +- Update to 2.6.0: + * Security fixes: + - CVE-2023-52425 (boo#1219559) + -- Fix quadratic runtime issues with big tokens + that can cause denial of service, in partial where + dealing with compressed XML input. Applications + that parsed a document in one go -- a single call to + functions XML_Parse or XML_ParseBuffer -- were not affected. + The smaller the chunks/buffers you use for parsing + previously, the bigger the problem prior to the fix. + Backporters should be careful to no omit parts of + pull request #789 and to include earlier pull request #771, + in order to not break the fix. + - CVE-2023-52426 (boo#1219561) + -- Fix billion laughs attacks for users + compiling *without* XML_DTD defined (which is not common). + Users with XML_DTD defined have been protected since + Expat >=2.4.0 (and that was CVE-2013-0340 back then). + * Bug fixes: + - Fix parse-size-dependent "invalid token" error for + external entities that start with a byte order mark + - Fix NULL pointer dereference in setContext via + XML_ExternalEntityParserCreate for compilation with + XML_DTD undefined + - Protect against closing entities out of order + * Other changes: + - Improve support for arc4random/arc4random_buf + - Improve buffer growth in XML_GetBuffer and XML_Parse + - xmlwf: Support --help and --version + - xmlwf: Support custom buffer size for XML_GetBuffer and read + - xmlwf: Improve language and URL clickability in help output + - examples: Add new example "element_declarations.c" + - Be stricter about macro XML_CONTEXT_BYTES at build time + - Make inclusion to expat_config.h consistent + - Autotools: configure.ac: Support --disable-maintainer-mode + - Autotools: Sync CMake templates with CMake 3.26 + - Autotools: Make installation of shipped man page doc/xmlwf.1 + independent of docbook2man availability + - Autotools|CMake: Add missing -DXML_STATIC to pkg-config file + section "Cflags.private" in order to fix compilation + against static libexpat using pkg-config on Windows + - Autotools|CMake: Require a C99 compiler + (a de-facto requirement already since Expat 2.2.2 of 2017) + - Autotools|CMake: Fix PACKAGE_BUGREPORT variable + - Autotools|CMake: Make test suite require a C++11 compiler + - CMake: Require CMake >=3.5.0 + - CMake: Lowercase off_t and size_t to help a bug in Meson + - CMake: Sort xmlwf sources alphabetically + - CMake|Windows: Fix generation of DLL file version info + - CMake: Build tests/benchmark/benchmark.c as well for + a build with -DEXPAT_BUILD_TESTS=ON + - docs: Document the importance of isFinal + adjust tests + accordingly + - docs: Improve use of "NULL" and "null" + - docs: Be specific about version of XML (XML 1.0r4) + and version of C (C99); (XML 1.0r5 will need a sponsor.) + - docs: reference.html: Promote function XML_ParseBuffer more + - docs: reference.html: Add HTML anchors to XML_* macros + - docs: reference.html: Upgrade to OK.css 1.2.0 + - docs: Fix typos + - docs|CI: Use HTTPS URLs instead of HTTP at various places + - Address compiler warnings + - Address clang-tidy warnings + - Version info bumped from 9:10:8 (libexpat*.so.1.8.10) + to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/ + for what these numbers do + +------------------------------------------------------------------- +Sun Dec 11 20:35:38 UTC 2022 - Andreas Stieger + +- add upstream signing key and validate source signature + +------------------------------------------------------------------- +Wed Oct 26 06:19:38 UTC 2022 - David Anes + +- Update to 2.5.0: (bsc#1204708) + * Security fixes: + - CVE-2022-43680 -- Fix heap use-after-free after overeager + destruction of a shared DTD in function + XML_ExternalEntityParserCreate in out-of-memory situations. + Expected impact is denial of service or potentially arbitrary + code execution. + * Bug fixes: + - Fix curruption from undefined entities + - Fix case when parsing was suspended while processing nested + entities + - Stop leaking opening tag bindings after a closing tag mismatch + error where a parser is reset through XML_ParserReset and then + reused to parse + - CMake: Fix generation of pkg-config file + - MinGW|CMake: Fix static library name + * Other changes: + - Protect header expat_config.h from multiple inclusion + - examples: Make use of XML_GetBuffer and be more consistent + across examples + - Address compiler warnings + - Version info bumped from 9:9:8 to 9:10:8; see + https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Tue Sep 20 15:54:12 UTC 2022 - David Anes + +- update to 2.4.9: (bsc#1203438) + * Security fixes: + - CVE-2022-40674 -- Heap use-after-free vulnerability in + function doContent. Expected impact is denial of service + or potentially arbitrary code execution. + * Bug fixes: + - MinGW: Fix mis-compilation for -D__USE_MINGW_ANSI_STDIO=0 + - docs: Fix documentation on effect of switch XML_DTD on + symbol visibility in doc/reference.html + * Other changes: + - MinGW: Make fix-xmltest-log.sh drop more Wine bug output + - Autotools: Sync CMake templates with CMake 3.22 + - CMake: Migrate from use of CMAKE_*_POSTFIX to + dedicated variables EXPAT_*_POSTFIX to stop affecting + other projects + - Windows|CMake: Add missing -DXML_STATIC to test runners + and fuzzers + - Windows|CMake: Render .def file from a template to fix + linking with -DEXPAT_DTD=OFF and/or -DEXPAT_ATTR_INFO=ON + - MinGW|CMake: Apply MSVC .def file when linking + - MinGW|CMake: Sync library name with GNU Autotools, + i.e. produce libexpat-1.dll rather than libexpat.dll + by default. Filename libexpat.dll.a is unaffected. + - MinGW|CMake: Set missing variable CMAKE_RC_COMPILER in + toolchain file "cmake/mingw-toolchain.cmake" to avoid + error "windres: Command not found" on e.g. Ubuntu 20.04 + - CMake: Unify inconsistent use of set() and option() in + context of public build time options to take need for + set(.. FORCE) in projects using Expat by means of + add_subdirectory(..) off Expat's users' shoulders + - Stop exporting API symbols when building a static library + - Resolve use of deprecated "fgrep" by "grep -F" + - CMake: Make documentation on variables a bit more consistent + - CMake: Drop leading whitespace from a #cmakedefine line in + file expat_config.h.cmake + - xmlwf: Fix harmless variable mix-up in function nsattcmp + - Address Cppcheck warnings + - Address Clang 15 compiler warnings + - Version info bumped from 9:8:8 to 9:9:8; + see https://verbump.de/ for what these numbers do + * Infrastructure: + - CI: Windows: Start covering MSVC 2022 + - CI: macOS: Migrate off deprecated macOS 10.15 + - CI: Linux: Make migration off deprecated Ubuntu 18.04 work + - CI: Upgrade Clang from 14 to 15 + - apply-clang-format.sh: Add support for BSD find + - coverage.sh: Exclude MinGW headers + - coverage.sh: Fix name collision for -funsigned-char + +------------------------------------------------------------------- +Tue Mar 29 05:26:59 UTC 2022 - David Anes + +- update to 2.4.8: + * Other changes: + - pkg-config: Move "-lm" to section "Libs.private" + - CMake|MSVC: Fix pkg-config section "Libs" + - CMake|macOS: Start using linker arguments + "-compatibility_version " and + "-current_version " in a way compatible with GNU + Libtool + - Version info bumped from 9:7:8 to 9:8:8; + see https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Sat Mar 5 06:34:13 UTC 2022 - David Anes + +- update to 2.4.7 (bsc#1196784, CVE-2022-25236): + * Bug fixes: + - Relax fix to CVE-2022-25236 (introduced with release 2.4.5) + with regard to all valid URI characters (RFC 3986), + i.e. the following set (excluding whitespace): + ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz + 0123456789 % -._~ :/?#[]@ !$&'()*+,;= + * Other changes: + - CMake|Windows: Store Expat version in the DLL + - Document consequences of namespace separator choices not just + in doc/reference.html but also in header + - Document Expat's lack of validation of namespace URIs against + RFC 3986, and that the XML 1.0r4 specification doesn't + require Expat to validate namespace URIs, and that Expat + may do more in that regard in future releases. + If you find need for strict RFC 3986 URI validation on + application level today, https://uriparser.github.io/ may + be of interest. + - Fix documentation of XML_EndDoctypeDeclHandler in + - Document that a call to XML_FreeContentModel can be done at + a later time from outside the element declaration handler + - Make hardcoded namespace URIs easier to find in code + - Update documentation on use of XML_POOR_ENTOPY on Solaris + - tests: Resolve use of macros NAN and INFINITY for GNU G++ + 4.8.2 on Solaris. + - Version info bumped from 9:6:8 to 9:7:8; + see https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Sun Feb 20 19:48:53 UTC 2022 - David Anes + +- update to 2.4.6 (bsc#1196168, CVE-2022-25313): + * Bug fixes: + - Fix a regression introduced by the fix for CVE-2022-25313 + in release 2.4.5 that affects applications that (1) + call function XML_SetElementDeclHandler and (2) are + parsing XML that contains nested element declarations + (e.g. ""). + - Version info bumped from 9:5:8 to 9:6:8; + see https://verbump.de/ for what these numbers do. + +------------------------------------------------------------------- +Sat Feb 19 09:21:21 UTC 2022 - David Anes + +- update to 2.4.5 (bsc#1196171, bsc#1196169, bsc#1196168, + bsc#1196026, bsc#1196025): + * Security fixes: + - CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8 + sequences (e.g. from start tag names) to the XML + processing application on top of Expat can cause + arbitrary damage (e.g. code execution) depending + on how invalid UTF-8 is handled inside the XML + processor; validation was not their job but Expat's. + Exploits with code execution are known to exist. + - CVE-2022-25236 -- Passing (one or more) namespace separator + characters in "xmlns[:prefix]" attribute values + made Expat send malformed tag names to the XML + processor on top of Expat which can cause + arbitrary damage (e.g. code execution) depending + on such unexpectable cases are handled inside the XML + processor; validation was not their job but Expat's. + Exploits with code execution are known to exist. + - CVE-2022-25313 -- Fix stack exhaustion in doctype parsing + that could be triggered by e.g. a 2 megabytes + file with a large number of opening braces. + Expected impact is denial of service or potentially + arbitrary code execution. + - CVE-2022-25314 -- Fix integer overflow in function copyString; + only affects the encoding name parameter at parser creation + time which is often hardcoded (rather than user input), + takes a value in the gigabytes to trigger, and a 64-bit + machine. Expected impact is denial of service. + - CVE-2022-25315 -- Fix integer overflow in function storeRawNames; + needs input in the gigabytes and a 64-bit machine. + Expected impact is denial of service or potentially + arbitrary code execution. + * Other changes: + - Version info bumped from 9:4:8 to 9:5:8; + see https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Mon Jan 31 06:13:13 UTC 2022 - David Anes + +- update to 2.4.4 (bsc#1195217, bsc#1195054): + * Security fixes: + - CVE-2022-23852 -- Fix signed integer overflow + (undefined behavior) in function XML_GetBuffer + that is also called by function XML_Parse internally) + for when XML_CONTEXT_BYTES is defined to >0 (which is both + common and default). + Impact is denial of service or more. + - CVE-2022-23990 -- Fix unsigned integer overflow in function + doProlog triggered by large content in element type + declarations when there is an element declaration handler + present (from a prior call to XML_SetElementDeclHandler). + Impact is denial of service or more. + * Bug fixes: + - xmlwf: Fix a memory leak on output file opening error + * Other changes: + - Version info bumped from 9:3:8 to 9:4:8; + see https://verbump.de/ for what these numbers do + * Drop unused file valid-xhtml10.png + +------------------------------------------------------------------- +Mon Jan 17 09:14:10 UTC 2022 - Dirk Müller + +- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474, + bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480): + * CVE-2021-45960 -- Fix issues with left shifts by >=29 places + resulting in + a) realloc acting as free + b) realloc allocating too few bytes + c) undefined behavior + depending on architecture and precise value + for XML documents with >=2^27+1 prefixed attributes + on a single XML tag a la + "" + where XML_ParserCreateNS is used to create the parser + (which needs argument "-n" when running xmlwf). + Impact is denial of service, or more. + * CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow + on variable m_groupSize in function doProlog leading + to realloc acting as free. + Impact is denial of service or more. + * CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows + near memory allocation at multiple places. Mitre assigned + a dedicated CVE for each involved internal C function: + - CVE-2022-22822 for function addBinding + - CVE-2022-22823 for function build_model + - CVE-2022-22824 for function defineAttribute + - CVE-2022-22825 for function lookup + - CVE-2022-22826 for function nextScaffoldPart + - CVE-2022-22827 for function storeAtts + Impact is denial of service or more. + +------------------------------------------------------------------- +Mon Dec 27 16:02:14 UTC 2021 - Dirk Müller + +- update to 2.4.2: + * Link againgst libm for function "isnan" + * Include expat_config.h as early as possible + * Autotools: Include files with release archives: + - buildconf.sh + - fuzz/*.c + * Autotools: Sync CMake templates + * docs: Document that function XML_GetBuffer may return NULL + when asking for a buffer of 0 (zero) bytes size + * docs: Fix return value docs for both + XML_SetBillionLaughsAttackProtection* functions + * Version info bumped from 9:1:8 to 9:2:8 + +------------------------------------------------------------------- +Mon May 24 08:17:12 UTC 2021 - Pedro Monreal + +- Update to 2.4.1: + * Bug fixes: + - Autotools: Fix installed header expat_config.h for multilib + systems; regression introduced in 2.4.0 by pull request #486 + * Other changes: + - Version info bumped from 9:0:8 to 9:1:8; see + https://verbump.de/ for what these numbers do + +------------------------------------------------------------------- +Mon May 24 08:15:42 UTC 2021 - Pedro Monreal + +- Update to 2.4.0: [CVE-2013-0340 "Billion Laughs"] + * Security fixes: + - CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks + (denial-of-service; flavors targeting CPU time or RAM or both, + leveraging general entities or parameter entities or both) + by tracking and limiting the input amplification factor + ( := ( + ) / ). + By conservative default, amplification up to a factor of 100.0 + is tolerated and rejection only starts after 8 MiB of output bytes + (= + ) have been processed. + The fix adds the following to the API: + - A new error code XML_ERROR_AMPLIFICATION_LIMIT_BREACH to + signals this specific condition. + - Two new API functions .. + - XML_SetBillionLaughsAttackProtectionMaximumAmplification and + - XML_SetBillionLaughsAttackProtectionActivationThreshold + .. to further tighten billion laughs protection parameters + when desired. Please see file "doc/reference.html" for details. + If you ever need to increase the defaults for non-attack XML + payload, please file a bug report with libexpat. + - Two new XML_FEATURE_* constants .. + - that can be queried using the XML_GetFeatureList function, and + - that are shown in "xmlwf -v" output. + - Two new environment variable switches .. + - EXPAT_ACCOUNTING_DEBUG=(0|1|2|3) and + - EXPAT_ENTITY_DEBUG=(0|1) + .. for runtime debugging of accounting and entity processing. + Specific behavior of these values may change in the future. + - Two new command line arguments "-a FACTOR" and "-b BYTES" + for xmlwf to further tighten billion laughs protection + parameters when desired. + If you ever need to increase the defaults for non-attack XML + payload, please file a bug report with libexpat. + * Bug fixes: + - For (non-default) compilation with -DEXPAT_MIN_SIZE=ON (CMake) + or CPPFLAGS=-DXML_MIN_SIZE (GNU Autotools): Fix segfault + for UTF-16 payloads containing CDATA sections. + - Autotools: Fix generated CMake files for non-64bit and + non-Linux platforms (e.g. macOS and MinGW in particular) + that were introduced with release 2.3.0 + * Other changes: + - xmlwf: Improve help output and the xmlwf man page + - xmlwf: Improve maintainability through some refactoring + - xmlwf: Fix man page DocBook validity + - CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR + and CMAKE_INSTALL_INCLUDEDIR + - CMake: Add support for standard variable BUILD_SHARED_LIBS + - Unexpose symbol _INTERNAL_trim_to_complete_utf8_characters + - Resolve macro HAVE_EXPAT_CONFIG_H + - Delete unused legacy helper file "conftools/PrintPath" + - doc/reference.html: Fix XHTML validity + - doc/reference.html: Replace the 90s look by OK.css + - Version info bumped from 8:0:7 to 9:0:8 due to addition of + new symbols and error codes; see https://verbump.de/ for + what these numbers do + +------------------------------------------------------------------- +Tue Apr 13 06:04:38 UTC 2021 - Dominique Leuenberger + +- Do not BuildRequire cmake: expat is part of the distro bootstrap + cycle and any additional dependency makes the ring larger. In + this case here, cmake was even only used to own a directory. + +------------------------------------------------------------------- +Tue Apr 6 02:16:20 UTC 2021 - Dirk Müller + +- update to 2.3.0: + * When calling XML_ParseBuffer without a prior successful call to + XML_GetBuffer as a user, no longer trigger undefined behavior + (by adding an integer to a NULL pointer) but rather return + XML_STATUS_ERROR and set the error code to (new) code + XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer) + of Clang 11 (but not Clang 9). + * xmlwf: Exit status 2 was used for both: + - malformed input files (documented) and + - invalid command-line arguments (undocumented). + case of invalid command-line arguments now + has its own exit status 4, resolving the ambiguity. + * Other changes + +------------------------------------------------------------------- +Sun Oct 4 19:19:55 UTC 2020 - Pedro Monreal + +- Update to 2.2.10: + * Bug fixes: + - Fix undefined behavior during parsing caused by pointer + arithmetic with NULL pointers + - Fix reading uninitialized variable during parsing + - xmlwf: Add missing check for malloc NULL return + * Other changes: + - xmlwf: Document exit codes in xmlwf manpage and exit with code 3 + (rather than code 1) for output errors when used with "-d DIRECTORY" + - Autotools: Use -Werror while configure tests the compiler for + supported compile flags to avoid false positives + - Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS, e.g. + ensure that they have the last word over flags added while + running ./configure + - CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis + on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t) + - CMake: Detect and deny unsupported build combinations + involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t) + - CMake: Install pre-compiled shipped xmlwf.1 manpage in case + of -DEXPAT_BUILD_DOCS=OFF + - CMake: Fix use of Expat by means of add_subdirectory + - CMake: Keep expat target name constant at "expat" (i.e. refrain + from using the target name to control build artifact filenames) + - CMake: Expose man page compilation as target "xmlwf-manpage" + - CMake: Introduce option EXPAT_BUILD_PKGCONFIG to control + generation of pkg-config file "expat.pc" + - CMake: Add minimalistic support for building binary packages + with CMake target "package"; based on CPack + - CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with default + OFF to build fuzzer code against OSS-Fuzz and related + environment variable LIB_FUZZING_ENGINE + - Fix testsuite for -DEXPAT_DTD=OFF and -DEXPAT_NS=OFF + - Address compiler warnings + - Address pngcheck warnings with doc/*.png images: Version info + bumped from 7:11:6 to 7:12:6 + +------------------------------------------------------------------- +Fri Nov 29 18:30:43 UTC 2019 - Pedro Monreal Gonzalez + +- Version update to 2.2.9 + * Other changes: + - examples: Drop executable bits from elements.c + #349 Windows: Change the name of the Windows DLLs from expat*.dll + to libexpat*.dll once more (regression from 2.2.8, first + fixed in 1.95.3, issue #61 on SourceForge today, + was issue #432456 back then); needs a fix due + case-insensitive file systems on Windows and the fact that + Perl's XML::Parser::Expat compiles into Expat.dll. + #347 Windows: Only define _CRT_RAND_S if not defined + Version info bumped from 7:10:6 to 7:11:6 + +------------------------------------------------------------------- +Mon Sep 16 08:21:52 UTC 2019 - Pedro Monreal Gonzalez + +- Version update to 2.2.8 + * Security fixes: (CVE-2019-15903, bsc#1149429) + - CVE-2019-15903 -- Fix heap overflow triggered by XML_GetCurrentLineNumber + (or XML_GetCurrentColumnNumber), and deny internal entities closing the doctype; + * Bug fixes: + - Fix cases where XML_StopParser did not have any effect + when called from inside of an end element handler + - xmlwf: Fix exit code for operation without "-d DIRECTORY"; + previously, only "-d DIRECTORY" would give you a proper exit code: + Now both cases return exit code 2. + * Other changes: + - examples: Improve elements.c + - Autotools: Add argument --enable-xml-attr-info + - Autotools: Add arguments --with-getrandom --without-getrandom --with-sys-getrandom --without-sys-getrandom + - Autotools: Fix linking issues with "./configure LD=clang" + - Autotools: Fix "make run-xmltest" for out-of-source builds + - CMake: Pull all options from Expat <=2.2.7 into namespace + - CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF), default OFF + - CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF), default OFF + - CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF), default OFF + - CMake: Add arguments -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO + - CMake: Add arguments -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO + - CMake: Install expat_config.h to include directory + - CMake: Generate and install configuration files for future find_package(expat [..] CONFIG [..]) + - CMake: Now produces a summary of applied configuration + - CMake: Require C++ compiler only when tests are enabled + - CMake: Fix compilation for 16bit character types, i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON) + - CMake: Port "make run-xmltest" from GNU Autotools to CMake + - CMake: Integrate OSS-Fuzz fuzzers, option -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF +- Removed patches fixed in the update: + * expat-CVE-2019-15903.patch + * expat-CVE-2019-15903-tests.patch + +------------------------------------------------------------------- +Wed Sep 4 17:11:38 UTC 2019 - Pedro Monreal Gonzalez + +- Security fix (CVE-2019-15903, bsc#1149429) + * Crafted XML input results in heap-based buffer over-read by fooling + the parser into changing from DTD parsing to document parsing + * Added patches: + - expat-CVE-2019-15903.patch + - expat-CVE-2019-15903-tests.patch + +------------------------------------------------------------------- +Tue Jul 2 10:33:51 UTC 2019 - Pedro Monreal Gonzalez + +- Version update to 2.2.7 (CVE-2018-20843, bsc#1139937) + * Security fixes: + - CVE-2018-20843 - Fix extraction of namespace prefixes from + XML names; XML names with multiple colons could end up in + the wrong namespace, and take a high amount of RAM and CPU + resources while processing, opening the door to use for + denial-of-service attacks + * Other changes: + - Autotools/CMake: Utilize -fvisibility=hidden to stop + exporting non-API symbols + - Autotools: Add --without-examples and --without-tests + - Autotools: Modernize configure.ac + - Autotools: Fix check for -fvisibility=hidden for Clang + - Autotools: Fix compilation for lack of docbook2x-man + - CMake: Make libdir of pkgconfig expat.pc support multilib + - CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR + - Remove fallback to bcopy, assume that memmove(3) exists +- Removed expat-2.2.6-fix-make-clean.patch + +------------------------------------------------------------------- +Thu Feb 7 10:45:14 UTC 2019 - Bernhard Wiedemann + +- Add expat-2.2.6-fix-make-clean.patch +- Allow profile guided optimization again + +------------------------------------------------------------------- +Thu Jan 3 13:08:57 UTC 2019 - Tomáš Chvátal + +- Drop docbook2x dependency, the manpages are generated in + the upstream archive and this way we break buildcycle + +------------------------------------------------------------------- +Tue Sep 11 11:32:10 UTC 2018 - pmonrealgonzalez@suse.com + +- Version update to 2.2.6 Sun August 12 2018 + * Bug fixes: + - Avoid doing arithmetic with NULL pointers in XML_GetBuffer + - Fix 2.2.5 regression with suspend-resume while parsing + a document like '' + * Other changes: + - Autotools: Fix docbook-related configure syntax error + - Autotools: Avoid grep option `-q` for Solaris + - Autotools: Support + ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation" + - Autotools: Support DOCBOOK_TO_MAN command which produces + xmlwf.1 rather than XMLWF.1; also covers case insensitive + file systems + - Autotools: Drop -rpath option passed to libtool + - Autotools: Detect and deny SGML docbook2man as ours is XML + - Autotools/CMake: Support command db2x_docbook2man as well + - CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF + - CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF + - CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T, + both defaulting to OFF + - CMake: Prefer check_symbol_exists over check_function_exists + - CMake: Create the same pkg-config file as with GNU Autotools + - CMake: Use GNUInstallDirs module to set proper defaults for + install directories + - CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM + - Address compiler warnings + - Fix miscellaneous typos + +------------------------------------------------------------------- +Thu Nov 16 10:22:18 UTC 2017 - jengelh@inai.de + +- Expand description of expat-devel. + +------------------------------------------------------------------- +Thu Nov 16 09:04:25 UTC 2017 - mpluskal@suse.com + +- Do not generate manpages from docbook +- Temporarily disable profiling due to bug in build system + +------------------------------------------------------------------- +Wed Nov 8 20:01:31 UTC 2017 - aavindraa@gmail.com + +- Version update to 2.2.5 Tue October 31 2017 + * Bug fixes: + - If the parser runs out of memory, make sure its internal + state reflects the memory it actually has, not the memory + it wanted to have. + - The default handler wasn't being called when it should for + a SYSTEM or PUBLIC doctype if an entity declaration handler + was registered. + - Fix a case of mistakenly reported parsing success where + XML_StopParser was called from an element handler + - Function XML_ErrorString was returning NULL rather than + a message for code XML_ERROR_INVALID_ARGUMENT + introduced with release 2.2.1 + * Other changes: + - Add argument -N adding notation declarations + - various compiler-specific fixes + - Improve docbook2x-man detection +- drop expat-docbook.patch + * fixed in 0f5186c7b8e503c669e332d944712de010b265f3 +- switch to github for release tarballs and website + +------------------------------------------------------------------- +Thu Oct 26 09:53:50 UTC 2017 - pmonrealgonzalez@suse.com + +- Version update to 2.2.4 Sat August 19 2017 + * Bug fixes: + #115 Fix copying of partial characters for UTF-8 input + * Other changes: + #109 Fix "make check" for non-x86 architectures that default + to unsigned type char (-128..127 rather than 0..255) + #109 coverage.sh: Cover -funsigned-char + Autotools: Introduce --without-xmlwf argument + #65 Autotools: Replace handwritten Makefile with GNU Automake + #43 CMake: Auto-detect high quality entropy extractors, add new + option USE_libbsd=ON to use arc4random_buf of libbsd + #74 CMake: Add -fno-strict-aliasing only where supported + #114 CMake: Always honor manually set BUILD_* options + #114 CMake: Compile man page if docbook2x-man is available, only + #117 Include file tests/xmltest.log.expected in source tarball + (required for "make run-xmltest") + #111 Fix some typos in documentation + Version info bumped from 7:5:6 to 7:6:6 + +- Release 2.2.3 Wed August 2 2017 + * Bug fixes: + #85 Fix a dangling pointer issue related to realloc + * Other changes: + #91 Linux: Allow getrandom to fail if nonblocking pool has not + yet been initialized and read /dev/urandom then, instead. + This is in line with what recent Python does. + #86 Check that a UTF-16 encoding in an XML declaration has the + right endianness +#4 #5 #7 Recover correctly when some reallocations fail + Repair "./configure && make" for systems without any + provider of high quality entropy + and try reading /dev/urandom on those + Ensure that user-defined character encodings have converter + functions when they are needed + Fix mis-leading description of argument -c in xmlwf.1 + Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__) + for CloudABI + #100 Fix use of SIPHASH_MAIN in siphash.h + #23 Test suite: Fix memory leaks + Version info bumped from 7:4:6 to 7:5:6 + +- Release 2.2.2 Wed July 12 2017 + * Security fixes: + #43 Protect against compilation without any source of high + quality entropy enabled, e.g. with CMake build system; + * [MOX-006] Fix non-NULL parser parameter validation in XML_Parse; + resulted in NULL dereference, previously; + * Bug fixes: + #69 Fix improper use of unsigned long long integer literals + * Other changes: + #73 Start requiring a C99 compiler + #49 Fix "==" Bashism in configure script + #58 Address compile warnings + #68 Fix "./buildconf.sh && ./configure" for some versions + of Dash for /bin/sh + #72 CMake: Ease use of Expat in context of a parent project + with multiple CMakeLists.txt files + #72 CMake: Resolve mistaken executable permissions + #76 Address compile warning with -DNDEBUG (not recommended!) + #77 Address compile warning about macro redefinition + + * Added patch expat-docbook.patch to compile the man pages with + docbook-to-man + + * Cleaned spec file with spec-cleaner + +------------------------------------------------------------------- +Sat Oct 7 14:32:27 UTC 2017 - jayvdb@gmail.com + +- Allow building when do_profiling is undefined + +------------------------------------------------------------------- +Tue Jul 11 15:02:55 UTC 2017 - mpluskal@suse.com + +- Build with profiling when possible + +------------------------------------------------------------------- +Tue Jul 4 14:33:00 UTC 2017 - meissner@suse.com + +- Version update to 2.2.1 Sat June 17 2017 + - Security fixes: + CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS + Details: https://libexpat.github.io/doc/cve-2017-9233/ + Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f + - [MOX-002] CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; + (Fixed version of existing downstream patches!) + - (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off + longer tag names; + #25 More integer overflow detection (function poolGrow); + - [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; + - [MOX-005] #30 Use high quality entropy for hash initialization: + * arc4random_buf on BSD, systems with libbsd + (when configured with --with-libbsd), CloudABI + * RtlGenRandom on Windows XP / Server 2003 and later + * getrandom on Linux 3.17+ + In a way, that's still part of CVE-2016-5300. + https://github.com/libexpat/libexpat/pull/30/commits + - [MOX-005] For the low quality entropy extraction fallback code, + the parser instance address can no longer leak, + - [MOX-003] Prevent use of uninitialised variable; commit + - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b + Add missing parameter validation to public API functions + and dedicated error code XML_ERROR_INVALID_ARGUMENT: + - [MOX-006] * NULL checks; commits + * Negative length (XML_Parse); commit + - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f + - [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash + to go further with fixing CVE-2012-0876. + https://github.com/libexpat/libexpat/pull/39/commits + - Bug fixes: + #32 Fix sharing of hash salt across parsers; + relevant where XML_ExternalEntityParserCreate is called + prior to XML_Parse, in particular (e.g. FBReader) + #28 xmlwf: Auto-disable use of memory-mapping (and parsing + as a single chunk) for files larger than ~1 GB (2^30 bytes) + rather than failing with error "out of memory" + #3 Fix double free after malloc failure in DTD code; commit + 7ae9c3d3af433cd4defe95234eae7dc8ed15637f + #17 Fix memory leak on parser error for unbound XML attribute + prefix with new namespaces defined in the same tag; + found by Google's OSS-Fuzz; commits + xmlwf on Windows: Add missing calls to CloseHandle + - New features: + #30 Introduced environment switch EXPAT_ENTROPY_DEBUG=1 + for runtime debugging of entropy extraction + Bump version info from 7:2:6 to 7:3:6 + +------------------------------------------------------------------- +Mon Jul 18 23:02:23 UTC 2016 - jengelh@inai.de + +- Remove pointless --with-pic (for static only) + +------------------------------------------------------------------- +Thu Jul 14 08:43:31 UTC 2016 - tchvatal@suse.com + +- Version update to 2.2.0: + * Fixes bnc#983215 CVE-2012-6702 + * Fixes bnc#983216 CVE-2016-5300 + * Various cmake and autotools script updates + * Fix detection of utf8 character boundaries +- Remove all patches merged upstream: + * expat-2.1.1-avoid_relying_on_undef_behaviour.patch + * expat-2.1.1-parser_crashes_on_malformed_input.patch + * expat-alloc-size.patch + * expat-visibility.patch + +------------------------------------------------------------------- +Wed May 18 11:43:51 UTC 2016 - kstreitova@suse.com + +- add expat-2.1.1-avoid_relying_on_undef_behaviour.patch to avoid + relying on undefined behavior in the original CVE-2015-1283 fix + [bnc#980391], [bnc#983985], [CVE-2016-4472] +- add expat-2.1.1-parser_crashes_on_malformed_input.patch to fix + Expat XML parser that mishandles certain kinds of malformed input + documents [bnc#979441], [CVE-2016-0718] +- use spec-cleaner to clean specfile + +------------------------------------------------------------------- +Fri Apr 1 16:32:27 UTC 2016 - crrodriguez@opensuse.org + +- After simplification of expat-visibility.patch, it became + uneffective as no symbols are getting hidden. add + -fvisibility=hidden to CFLAGS again. +- expat-alloc-size.patch: fix braino, realloc()-like functions + should not take __attribute__(malloc) + +------------------------------------------------------------------- +Wed Mar 23 08:31:29 UTC 2016 - idonmez@suse.com + +- Update to version 2.1.1 + * Fixes CVE-2015-1283 — Multiple integer overflows in the + XML_GetBuffer function + * Fix potential null pointer dereference + * Symbol XML_SetHashSalt was not exported + * Output of xmlwf -h was incomplete + * Document behavior of calling XML_SetHashSalt with salt 0 + * Minor improvements to man page xmlwf(1) +- Simplify expat-visibility.patch, refresh expat-alloc-size.patch +- Drop config-guess-sub-update.patch, fixed upstream. + +------------------------------------------------------------------- +Sat Jul 11 12:10:03 UTC 2015 - mpluskal@suse.com + +- Cleanup spec file with spec-cleaner +- Remove old ppc obsoletes/provides + +------------------------------------------------------------------- +Tue Mar 26 13:10:01 UTC 2013 - mmeister@suse.com + +- Added url as source. + Please see http://en.opensuse.org/SourceUrls + +------------------------------------------------------------------- +Thu Feb 21 16:02:17 UTC 2013 - jengelh@inai.de + +- Sanitize description of expat (replace it with a more current + one from the homepage) + +------------------------------------------------------------------- +Mon Feb 4 12:59:44 UTC 2013 - schwab@suse.de + +- Update config.guess/sub for aarch64 + +------------------------------------------------------------------- +Wed Jan 23 09:07:25 UTC 2013 - pgajdos@suse.com + +- fix of fix of [bnc#798644] +- according to upstream changelog: + - Improved ability to build without the configure-generated + expat_config.h header. This is useful for applications + which embed Expat rather than linking in the library. + + because I am not exactly sure about implication of this, rather use + -DXML_HAVE_VISIBILITY in CFLAG_VISIBILITY in expat-visibility.patch + +------------------------------------------------------------------- +Tue Jan 22 12:40:02 UTC 2013 - jengelh@inai.de + +- Executing autoreconf requires autoconf BuildRequire + +------------------------------------------------------------------- +Fri Jan 18 08:53:33 UTC 2013 - pgajdos@suse.com + +- really hide private Xml* symbols [bnc#798644] + * modified visibility.patch + +------------------------------------------------------------------- +Tue Apr 10 19:06:34 UTC 2012 - tabraham@novell.com + +- update to 2.1.0 + - Bug Fixes: + #1742315: Harmful XML_ParserCreateNS suggestion. + #2895533: CVE-2012-1147 - Resource leak in readfilemap.c. + #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3. + #1983953, 2517952, 2517962, 2649838: + Build modifications using autoreconf instead of buildconf.sh. + #2815947, #2884086: OBJEXT and EXEEXT support while building. + #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences. + #2517938: xmlwf should return non-zero exit status if not well-formed. + #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml. + #2855609: Dangling positionPtr after error. + #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8(). + #2958794: CVE-2012-1148 - Memory leak in poolGrow. + #2990652: CMake support. + #3010819: UNEXPECTED_STATE with a trailing "%" in entity value. + #3206497: Unitialized memory returned from XML_Parse. + #3287849: make check fails on mingw-w64. + #3496608: CVE-2012-0876 - Hash DOS attack. + + - Patches: + #1749198: pkg-config support. + #3010222: Fix for bug #3010819. + #3312568: CMake support. + #3446384: Report byte offsets for attr names and values. + + - New Features / API changes: + * Added new API member XML_SetHashSalt() that allows setting an + intial value (salt) for hash calculations. This is part of the + fix for bug #3496608 to randomize hash parameters. + * When compiled with XML_ATTR_INFO defined, adds new API member + XML_GetAttributeInfo() that allows retrieving the byte + offsets for attribute names and values (patch #3446384). + * Added CMake build system. See bug #2990652 and patch #3312568. + * Added run-benchmark target to Makefile.in - relies on testdata + module present in the same relative location as in the repository. + +------------------------------------------------------------------- +Tue Mar 6 03:01:08 UTC 2012 - tabraham@novell.com + +- update to 2.1.0 beta + * refreshed expat-visibility.patch + * removed obsolete expat-CVE-2009-3560.patch + * removed obsolete expat-CVE-2009-2625.patch + + - hash table DOS attack fix + - accumulated bug fixes and some changes to the build system + - new conditional feature to make byte offsets for attributes + and attribute names available + +------------------------------------------------------------------- +Sun Feb 12 14:42:34 UTC 2012 - crrodriguez@opensuse.org + +- Put libraries back to %{_libdir}, /usr merge project + +------------------------------------------------------------------- +Fri Dec 2 12:43:19 UTC 2011 - coolo@suse.com + +- add automake as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Sun Oct 30 22:03:29 UTC 2011 - crrodriguez@opensuse.org + +- Hide non public symbols reusing existing win32 API export/imports +- annotate malloc/realloc-like functions with attribute alloc_size + to catch possible misuses in calling code. + +------------------------------------------------------------------- +Sun Sep 18 17:17:12 UTC 2011 - jengelh@medozas.de + +- Remove redundant/obsolete tags/sections from specfile + (cf. packaging guidelines) +- Use %_smp_mflags for parallel build +- Add libexpat-devel to baselibs + +------------------------------------------------------------------- +Fri Feb 25 16:01:01 UTC 2011 - prusnak@opensuse.org + +- fix license (MIT) in spec file + +------------------------------------------------------------------- +Fri Jan 8 15:04:28 CET 2010 - prusnak@suse.cz + +- fix CVE-2009-3560.patch [bnc#566434] + +------------------------------------------------------------------- +Sun Dec 13 19:28:22 CET 2009 - jengelh@medozas.de + +- add baselibs.conf as a source + +------------------------------------------------------------------- +Fri Dec 4 15:43:29 CET 2009 - prusnak@suse.cz + +- fix DoS (CVE-2009-3560.patch) [bnc#558892] + +------------------------------------------------------------------- +Thu Oct 29 14:22:47 CET 2009 - prusnak@suse.cz + +- fix DoS (CVE-2009-2625.patch) [bnc#550664] + +------------------------------------------------------------------- +Sun Apr 5 15:45:49 CEST 2009 - crrodriguez@suse.de + +- test suite requires gcc-c++ to compile + +------------------------------------------------------------------- +Thu Feb 19 04:55:08 CET 2009 - crrodriguez@suse.de + +- remove static libraries, shouldnt be needed anymore. +- run make check + +------------------------------------------------------------------- +Wed Dec 10 12:34:56 CET 2008 - olh@suse.de + +- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade + (bnc#437293) + +------------------------------------------------------------------- +Thu Oct 30 12:34:56 CET 2008 - olh@suse.de + +- obsolete old -XXbit packages (bnc#437293) + +------------------------------------------------------------------- +Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de + +- added baselibs.conf file to build xxbit packages + for multilib support + +------------------------------------------------------------------- +Sat Jul 28 19:38:40 CEST 2007 - coolo@suse.de + +- fix devel symlink + +------------------------------------------------------------------- +Wed Jul 25 11:29:59 CEST 2007 - prusnak@suse.cz + +- move libraries from /usr/lib to /lib [#285472] +- replace deprecated %run_ldconfig with /sbin/ldconfig + +------------------------------------------------------------------- +Thu Jun 7 16:46:32 CEST 2007 - prusnak@suse.cz + +- update to 2.0.1: + ( from Changes ) + * Fixed bugs #1515266, 1515600: The character data handler's calling + of XML_StopParser() was not handled properly; if the parser was + stopped and the handler set to NULL, the parser would segfault. + * Fixed bug #1690883: Expat failed on EBCDIC systems as it assumed + some character constants to be ASCII encoded. + * Minor cleanups of the test harness. + * Fixed xmlwf bug #1513566: "out of memory" error on file size zero. + * Fixed outline.c bug #1543233: missing a final XML_ParserFree() call. + * Fixes and improvements for Windows platform: + bugs #1409451, #1476160, 1548182, 1602769, 1717322. + * Build fixes for various platforms: + HP-UX, Tru64, Solaris 9: patch #1437840, bug #1196180. + All Unix: #1554618 (refreshed config.sub/config.guess). + #1490371, #1613457: support both, DESTDIR and INSTALL_ROOT, + without relying on GNU-Make specific features. + #1647805: Patched configure.in to work better with Intel compiler. + * Fixes to Makefile.in to have make check work correctly: + bugs #1408143, #1535603, #1536684. + * Added Open Watcom support: patch #1523242. + +------------------------------------------------------------------- +Tue Apr 17 18:49:10 CEST 2007 - prusnak@suse.cz + +- split libexpat1 and libexpat-devel subpackages [#260214] + +------------------------------------------------------------------- +Thu Oct 19 12:37:07 CEST 2006 - dmueller@suse.de + +- strip .la file + +------------------------------------------------------------------- +Wed Jan 25 21:30:10 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Fri Jan 13 00:21:55 CET 2006 - ro@suse.de + +- fixed file list for debuginfo package (do not pack all of libdir) + +------------------------------------------------------------------- +Wed Jan 11 17:43:46 CET 2006 - mjancar@suse.cz + +- update to 2.0.0 + +------------------------------------------------------------------- +Mon Jan 9 13:25:07 CET 2006 - mjancar@suse.cz + +- update to 2.0 pre release + +------------------------------------------------------------------- +Wed Nov 10 11:54:21 CET 2004 - ro@suse.de + +- fixed filelist + +------------------------------------------------------------------- +Mon Aug 09 16:26:05 CEST 2004 - tcrhak@suse.cz + +- update to 1.95.8 + +------------------------------------------------------------------- +Thu Feb 5 18:28:34 CET 2004 - kukuk@suse.de + +- Build as user + +------------------------------------------------------------------- +Thu Feb 05 18:00:24 CET 2004 - tcrhak@suse.cz + +- update to version 1.95.7 + +------------------------------------------------------------------- +Tue Feb 18 15:36:28 CET 2003 - tcrhak@suse.cz + +- in expat.h, declare enum XML_Status before using it; + put into patch "...-header.diff" [bug #23742] + +------------------------------------------------------------------- +Mon Feb 17 18:05:52 CET 2003 - tcrhak@suse.cz + +- updated to version 1.95.6 + +------------------------------------------------------------------- +Sun Dec 22 18:21:13 CET 2002 - tcrhak@suse.cz + +- update to version 1.95.5 + +------------------------------------------------------------------- +Sat Jul 13 15:14:59 CEST 2002 - tcrhak@suse.cz + +- update to version 1.95.4 + +------------------------------------------------------------------- +Thu Mar 28 15:17:43 CET 2002 - tcrhak@suse.cz + +- added parameter --target to configure + +------------------------------------------------------------------- +Mon Jan 14 13:25:11 CET 2002 - rvasice@suse.cz + +- use %{_libdir} and %{_lib} + +------------------------------------------------------------------- +Tue Nov 20 18:41:35 CET 2001 - rvasice@suse.cz + +- fix URL in spec file + +------------------------------------------------------------------- +Wed Aug 15 19:54:16 CEST 2001 - rvasice@suse.cz + +- update to version 1.95.2 +- spec file cleanup +- added DESTDIR + +------------------------------------------------------------------- +Mon May 14 12:08:01 CEST 2001 - pblaha@suse.cz + +- fixed links for soname of libexpat.so* + +------------------------------------------------------------------- +Fri May 11 09:03:03 CEST 2001 - cihlar@suse.cz + +- fixed soname of libexpat.so.1.2 + +------------------------------------------------------------------- +Fri Jan 5 10:13:20 CET 2001 - pblaha@suse.cz + +- back on stable version 1.2 added build shared libexpat.so + +------------------------------------------------------------------- +Thu Jan 4 15:46:21 CET 2001 - pblaha@suse.cz + +- update on 1.95.1 on sourgeforge needed for midgard +- new description + +------------------------------------------------------------------- +Thu Mar 9 11:01:23 CET 2000 - ke@suse.de + +- Don't "install" symlinks; use "cp"; reported by bs; proposed fix + by ro. +- Cleanup the spec file: better Group tag; more accurate files list. + +------------------------------------------------------------------- +Tue Nov 23 14:59:17 CET 1999 - ke@suse.de + +- first SuSE package: version 1.1. +- apply Debian patch to build shared libs. +- build libexpat.a. + diff --git a/expat.keyring b/expat.keyring new file mode 100644 index 0000000..38534e3 --- /dev/null +++ b/expat.keyring @@ -0,0 +1,388 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: Hockeypuck 2.2-27-g4c3b6d7 +Comment: Hostname: butcherbird.keys.gentoo.org + +xsFNBFzUcE0BEACzkr4qR9zoM63YCJU/oQTJEtt7SR9Hcvntk351O5QQbNJS55Za +h+XfiAl1j45yrxP+ve3xU64Cl/GctZMLgkx8Qd3JECZCUkm72cvlBF1bJ0hkvcJR +tTyuc9XXBBQBNoRS1Tn4Gc/QE8L7669mS0FPPKpy4m7yY9SLtkauUTVkeKVz65Wo +9jEB4cc4hJGzqeBndSmPbznOPkATSadeLX7xNFG4nM20wCGZ1+UmY4j1NTBJnbxt +xcPQ4/OiAKvAsfAzvZrlAMhJtFAfnooP7VkIsbZyQqPeUznhGOK1nVpjl7DZ5c4g +eJa3OLfeDM5c1mSx3VsU8SkKbBqNeog5dV9yHAKFBa10M+VAylwlRg5i6TE/5JP4 +LneWoh/dZP6216MMelDcZeXn6JCgLWmjbCmuwDgA5S7y2cewRU3hopGvCpTkgEg8 +XuXZgP8O1ZAOOqBWOt/mk71Bm6LdIe501f60aVcnODJDSb6tDwYTxkn5vGPvu8bi +u2K+zdFqZskPTZo44qZDjLd7HpN5SigFMCCSk9LTWcwpa4eSFcezmfku+dB5T79Y +0W0qCKJKBtNLOj5atVk9j+BA0BNTmE8e95bTdPW3UbmXPhQQt8J+6UXsUC0brn3/ +9pXTXHvPiQsYMKcMzOnbdXKvlMxF+dN3BT+uhEF5tyYgqSDaF07EnIJzdwARAQAB +zSRTZWJhc3RpYW4gUGlwcGluZyA8c3BpbmdAZ2VudG9vLm9yZz7CwZQEEwEIAD4C +GwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQQxdu99sjZ/H8pPMGsfmw6QmvNy +hQUCZZgh3wUJDIYYkgAKCRAfmw6QmvNyhfRcEACU3hFFTVRyZTB+/Phui6bFhhbH +oRVMZl7llwGdtmUR76moGAnOilKK3UG4Xn+yHk0Au0kMDciDzET1KL5pTk3FYaX5 +SdhMK5P3CQIRvGVQGEyzm2riGMGBQwbMTN1cWSrW39lORPDanDKIzzu0mvAe9Ufs +M5Ecrz6xTIxMcMfBEaYH0snwMGFLowcDETk8DIM8qn6oOrH86S2+HP3LKeCM1DOI +uAILj438lTgaHKfOmtAMxqwXzVtknQN5upIBvfDtYXeLH/zSztt3XIcDYrBVCFd+ +7wxvelu0C6e1yG3vQ6eQt4OAeSNBOXUAcIWsCti9uGL2//pE9gQs4s1ijJYFQuuE +er3sTTqg4JU5y9NkDo6p9roZt+uDFSyj3wgOinfxMipNLniJpjrvV+tmqGhYZY0R +WEP757A1M/xVaf89d9rp5pJ9QawNUIDfM8gH+m0FuX5YKlSvFak+uB9/Oeu+BKy+ +wWyBiEM3fOjnFBpAGz1nKGQFYvUuRtqFAmlLUhN3EA2ixL6tMvlkWmHS0o0o+YGX +tANGcsS3KwWILlRarfhkHuc0s+gFiTKvfS/pTbiy6XbtYTtQ0n1HkLz32zwdnFig +/do+xYVyb9w1IZSc3HZAA2h8NlW2crMbzHr4FlSF5p/Zk5gVdfnhuKqWsE/nKAjg +/GwACVGzFbZiD2CqsMLBlAQTAQgAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIX +gBYhBDF2732yNn8fyk8wax+bDpCa83KFBQJjxyuuBQkI0+7hAAoJEB+bDpCa83KF +cesQAK0yPR7YSvy+uumbMJ02Be/7bu60yUk5O8nngpmebzQLEDAOyp1/HTcNk8VO +zyKsQfWOsCvupAvPpdlaTfXanJQa0kOBjos1B/hoc4lQg3UwpSxUbmAml8MZfWgs +QOexENXh3kGQBHTQS7fObCx8P96BLgOvCzq/wo7dUf4cugfg0RQSVI6yQNUIesRq +NSDHTRAKy6hWieW3itZRs/DCD9e/aesDAIGaFlxOWb5wl0mHHbYw2IhgK/RbSY7K +kt24SPEom7rc7dD/ToG2qNv/5uUujSQdjQu0WE+5JVVOaYsKWkWTcdKVURhhRJQt +FmBA+CQyC/gUmrPvjfWFk9LpbFi/5cFWaqWQpMjz0pQPyKcLRNNotYMaPWpxqIpt +0sBtVBZSVHv1emyMkYccxgP49lfHpzWIdILZwKJyJ6PPtojV3lrcXc53ILsOTGi7 +iSSQDEmxwJ6hT0lzrJ0bGnTidO4pN6VqtpQUt3HsODtivodxfkGskuSMkPVunZLG +4OIsdco/mdKpEEc6g2+dQnYl2tYFZ8w/l0gEakLbkFVIvsYdzCJpR39OJgRWE+YD +aWWitak50L30tu5gXcIMw4+79s0gqUBBxYRo79bx31uV1fPcj+ajovLQD9o5lwfY +TdPIaNPmQh6oyz9CVzTovUgsHP8Ji0Yepma09p89Ov1NFPlawsGUBBMBCAA+AhsD +BQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEEMXbvfbI2fx/KTzBrH5sOkJrzcoUF +AmHSMvMFCQb/66YACgkQH5sOkJrzcoVQXQ//bVDypVzLbR1pbJKy0ZrxxHzJQVBI +6Ji2f4NsByIGV75Eci+cFyaR3JGZE021CHCDpzfBevxffz+Oyikftzb2/2Qq8GgF +MTj3lLzkgq5py7H/498vyK1JmwXroQ8RX0X3iwAZncT5U5QI+GYZA9SkJe3ETFIn +fkqZUdYXR0ZH3kt5ci+PxnwmD+HXAJUx/MWAX74Hi2/i+fkirpQ2tE0Kbo484Biy +WTtfebajNLv97Sw/8TpGKgcLJKgBL0aY5QQoJ8dE8YQn8LNRDFk79YyZRHrXGpOs +TpzEsQZD2ZS8YC3LmyWKhm/1lzYbKs1mlVbkodU6kkaJn8p19s5bI79gajjnoMm3 +Yh7q/Fp3nC2HpIpxWKnKqMdok/u+McivV7ue4VfRrKV7mXJ/0XUtcc8KYehDlDpn +nbqETUkQPU/DGpUIxB3BR3ihEZJ6EpIkysXfgfpBPNvPpjnaV7+uPFgAzlst44FL +RqQH0gI7IsBLABrgX+yioF1zQzOkp8iI8PJkuBmxeA1Q/M68VIIF4Wma3ej677M2 +ATdwX5cFqgrhvbwiBSst67YJjbyehwnl/tRAexV6/lIk4NnTKHPE2domgeAR+uLk +mMO/o/G5Gk1cYbRXG38RM3vDqAAFEznec1pLla9UV6LrugJCHErnxI9Pm9h0njwG +NJWpgz1NDMLlyvLCwZQEEwEIAD4CGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AW +IQQxdu99sjZ/H8pPMGsfmw6QmvNyhQUCYIszpgUJBZf22QAKCRAfmw6QmvNyhTjF +D/0XjMa2vEePxvJG5upokP5yzVQoMqAi1nryvXTiC8yzJWXD8/E9C+/K9AnHv1cv +p3kojQmbqnP/1B2o/IYzJVJdLZR9F7yVmB2H6Z/C13X27u811DuEWEt4KYQSdNuT +O9qZdtL2xS3WTNiCx3Tu9N2sE5jXR+6JKZvU1+gCyM+GqWhFWIRphVUngoeTFcy1 +/2C9C5d7fg3IzcQ9VxdinheYMLcPg4mumjMRMV7MqRZUCzPYkXulm5YBYDVATHfR +WBmR+MP+0jrciVDkEYONKzeVRv9QVCoppJ5D26t/Cw6COJJAKDfsUngkWFOIIz7r +vSdxe2KcVxWQU7COB2Pf7oeV1Yay7onSrYbl6dTvQyBXBmCD77w1jl8DyrgwLJIw +m7Hx7/T5StSO0W2B+rpZDpceNou7TUDok3ZagIbKhsiOuLEofkV+Mg4KIBdvnn/Q +OqAeeu7OWIyyXUFWbTHYqDzucPoy98zUP+J73mm90B6/q9HFl7d2eCOXucvyUUrw +1Qh7K562Ye1v0q9dEyaDecM/4zeioTShzMfqtPUXtS+inUiEjis8YtnwTmIWKZaD +K4eGnO9IndXbkeox19z86tPepu/JvnAUXIhgzct4IIHGKo1RG55HIAIpMrRaNMG6 +JScWOkzDU9slgOZFSbnTsSTHzrJlkxn6kagdTC2rvXKrI8LBlAQTAQgAPgIbAwUL +CQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBDF2732yNn8fyk8wax+bDpCa83KFBQJe +ssWcBQkDv4jPAAoJEB+bDpCa83KFOmoP/0xqddoMT0nyxH/ieFuWJXBYIJA4WAV3 +V85YM4ATjs+yxGSBTialgV45Xpv+bVoXxyz0b9fVXnBn10MmkZuLX7utQyDRAnWm +Qcx3BWgKnYle6Rfk7bg7WZGJZGOJi6aOh/nXB4kIICTAeWwRoovt2+X3leIqA/JD +70iyB+CWwn7vfz7FtDBd8VfHVIYqmaFY/6qhD4v2bw7S0mSrOXoBF91QUApK5lCj +lTtIt3IftaT6+Ic9IxJeh30WXQqbxCxhw0LQD//XJEf0rz1L0K1362umyi5Bjlmw +ZDSDJlkqc8H1+3sZf5ofBQElMoSVDP0vvWgavoUiwbfj+vljuI9aEfaSSE5K91+Y +OmRMe2b/18ZCkCXICCPU/DqS7CAkvFkweiJBG+P0dgMzTgpRKcrOX0GIQmRVIYw4 +zBlwzomxBvaZ4fS6GSgkX3s0W/wdc7t/Vw9OkKZPcrIs1845RH/dsuzdaaVWw1BK +s1nqAV8MoRfJ2YLJKkjxoBjoS3opQwTVj12bhUuBieMX+SmqE187bzmRmprDcH8E +8mQv8STih+3pjxD9Q8NVupAjB3zlCEyTeKJIWYv/2ixYL7z1CbN+YAdRUEA0YCup +R4R7tfFeHXp+bv9v+ak+HNkiGlF9U72Wc3q+y7rbODqfE+9pYsgec1mbdDVGeaez +s1VfosOpCiI4wsGUBBMBCAA+FiEEMXbvfbI2fx/KTzBrH5sOkJrzcoUFAlzUcE0C +GwMFCQHhM4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQH5sOkJrzcoVYFRAA +qnEdpZvRw8o1MvgoahonEQQ0KoNK2Q6IQT1iAlFg43hsf2Q6Lj1N8gaClrty5NKL +iDxdFbIQzn2m/B+FJVftOlnCBLGIVe861FD7Mwg61bGbftl0irEgaXT2qASFa9FM +WzfJbP7EukwTWjf9cHZkzqlF6+tpcKBf3LviuAc2kU+cmirNEmG9JnKoODEprUTw +Fo5cGQbx8BWWMoWkGqdOtLleThos38Gd0CxZXTLbEjOY7kAKJOFqHdTgjh2GPkWo +UWo/2eWz4GBN8nDPOBto/Te5ybujCS8srdpjluPY45IHiie2j5Xnb7rsrdxCdBkI +iUkIIy1xv+sI5jfl5gSZHMnWpaTEcZP2Leje1R33reOrz/Jgv4zW7VG+cBUhq0SX +MmT9Hpc7zulYUodZpUaKhFBypG9QhVQmBqK3xnVLokYU1ysD3IyKntWSUGiCsijn +MtgqCLSzZHAjR7U5aDed+/GOoTviD9wSMkbZQXA97/USGLEI9k7vVZ5bpPwMG8C5 +JjpwusALA5ppoSustAFZ9xaQGe5tew6RYiJTabpjZI2lC3xChS9jzxwfFW2ItVdS +ABuvV/vdSSsc01PN7Pgdkc/IXotozW7WG4/xP1bImrTrnDn/WI/INLZ0uF344Wtl +T10EEoQU9roZvoRenrAWqaQ4I6IffwBhCg+CYceO7y7CXQQTEQIAHRYhBD1+lZ2J ++s/uODcZIbALxmpAGhYABQJc1HOXAAoJELALxmpAGhYAwxYAniPJOey52Zkpy2UL +NZXpLnMfU4ccAKCRtqJckPvSBE69v8XIF9imvxX09cLApQQQAQoATxYhBCwTgjuC +NzEPohMDSTDRMv8P9Q7rBQJc1cMyBYMB4TOAKxpodHRwczovL3d3dy5nZW50b28u +b3JnL2dsZXAvZ2xlcC0wMDc5Lmh0bWwACgkQMNEy/w/1DusYEQf/YoER3M3OLkUT +7DgWiZBakNs3ifv63fvBDVhwZcerobSxlqjFFQK6CC+vFumkxV0hFIvS9yfCTLNY +McLa8C9TuWJSqOtTXLGoYDbD6tEOQbMnKJ+W/vypbf1VqVHlptwkPpNd5R6acsEv +4rNK1bbzDVWzrCvLBRsHHiyr8MFHVjJjPZFqQfc56K2CHNv7Yhk6h3DG/0LQl2Lb +pxxcYKkF+gw5AwJazBf/DwpomwyrMRRmiqcgJ0kDyDO9ktMd+7z81t12G6tiEFVo +iyPCmYkU0CjpArg0nMBWMzocrr3i7RNO5675VwefF5+i/hBykyaGiunmpJ5G16Ja +PAvs1eLOicLBcwQTAQgAHRYhBGPrBPqjDHbilS5u1lZZU7lTcnVsBQJeLf7nAAoJ +EFZZU7lTcnVsdKQQAJFajikh3xSQ/n4/LRz2eAEiI4TePxmkDKxml1MpZpkxI1Sr +yF0Dd67wPxiZ45z0YZ2GO/FcP2BVei5A8etgQ0/aFt1WZ565ZgjtZf+entraAqU7 +EEy6MhNV53/uRBtFGfDHSmGrP/2HtPJzcvqmnPVtyUBMKGDBOxCNB3ivPcDsu80f ++Xd+junrwEi1p7pxlmCP0ZmJFj0U5Bf2QRkfVfXvL6QqEAOBTUqCXTfmTmZ1Tpen +B8muWDgqok/3Qme8Y+0oTe3O+t+0IRxi2V1lDkB1Dd1QOfEXp3WV4Le1b6O/rOgT +5fW0XUEQJ9CN58zVEqPTw6aPW/qLA65UfbkiO/H54BnOeHSlFU9YPrEcCf2qooTH +qZyUEgEdB5A61NhravO78/uwgaHGiIKzopjLr8D5Le9YTD54DAlbP6X+0Jb93buV +cvm2rm9cKIbN6mwbH5gri7USDI0UAUySVYebB1UdFmOOYLovzDN7Us/sWJYksmWX +pw70IZLmSVxEWR+IurbzPgl+twksZv5EPOPhVa3plyRY+ARakisVmtdRWzBNwbd6 +RMG1urRiWXyD60r5XbiXN3sPvTdvYkgFKWDQ8WS/+AyewznnU4ZU2eLFYRZi4TWu +gzaZVyAv7CRJi1UMOXSafqW/MlcWlM2Gqw4WhEHX70YKQRJwC2yGWF2P0T3fwsCl +BBABCgBPFiEELBOCO4I3MQ+iEwNJMNEy/w/1DusFAl629s8FgwHhM4ArGmh0dHBz +Oi8vd3d3LmdlbnRvby5vcmcvZ2xlcC9nbGVwLTAwNzkuaHRtbAAKCRAw0TL/D/UO +68YgB/9kV1UOYkFrvukODCz1MMCDfvdDi3i3boOKan8YB6M/0vzkdEYTdwHCmnRT +k3a6gTIFCatCeh76CBoQ5xBdu/qrYYh4DgtGkztjD9SZ9tx3spCFGy1mIldvZ5y2 +RKWIO94CetJ9LjIHqmOczrhdMJloowJc6nXiiJHp7ywv6nhAj3LwkVG/My2BAJuY +VbkmlJ46Et2duNvrKpZnzNATHeUv9N07OT3PhSwvamJ3K1xQx7NgfcjOolH7FMwy +3cQtBZS0QiVqDLga9eQoxM4re2q13ec8oIF8AtgR+G66geiRMuShu8Axe2I0mBZQ +Jt4k9pb5sxk7dPTttUJirCrsHcpkwsClBBABCgBPFiEELBOCO4I3MQ+iEwNJMNEy +/w/1DusFAmCZe7AFgwHhM4ArGmh0dHBzOi8vd3d3LmdlbnRvby5vcmcvZ2xlcC9n +bGVwLTAwNzkuaHRtbAAKCRAw0TL/D/UO6+r2CADB1q1g9jSBvgtoOpRPx9Jr0A4J +YSoFv5cXcOIZVouxICwwczvUxJ2TG9ddVvlBXCcU9NEYLfQtezsfMSrMGoiLdC+n +neDhf8Fw1isc8wK82EO0qf23bu6dw77NzGVj3THrHnyWLLFCNLZJuiXPBFhG2GKw +3PEDjkSAlxTZHeXWuCNzC39f9bcW4G3ftiQQUWArk6PdGIfY+M2zZ3Z/W9+3//UL +GKDf+ws0iG+P/FV/J4eUCeiv5n9D6/DFxcJ2c5HS1LgMJs/j10PZc010Kkm67U2z +BqxLzpyOOGu5yGD7bbDBAUWJYu+yJeN9cP2p0xjpsI0PJAXZ0yF41TghhDmxwsCl +BBABCgBPFiEELBOCO4I3MQ+iEwNJMNEy/w/1DusFAmJ6rzEFgwHhM4ArGmh0dHBz +Oi8vd3d3LmdlbnRvby5vcmcvZ2xlcC9nbGVwLTAwNzkuaHRtbAAKCRAw0TL/D/UO +60T5CADmIo88rk4fHIwVUEaXYQV30elZsRjtBLStJZi7v3Py4HinqkWQ3cGixQgS +4RBbs1gsjmnCdFfTt6oi+0YJ4TbYl4YIsfQAjl7KIlxcDo6slG4u0u38Yzc5vSUv +xmXXNVtde/fd3qRRUKI9y2ZgHVKewkAdceWFarg8SvxYux8beOhy8jAl5MXz0W3p +69vqDJlKXT7CJtYljMMvSGtPIGVw0HGNOHrgJsnhOCheChKOqMaKeX1pzYeKmPvb +VaXGfPJ7a3dWwzCJATDQfTVb1nIxrh9XNfl1oV5fmiWD0YmKGeJf3NrJfGjvAZXe +tyDepmAgQWxuQis1J7DoJmSvRxmtwsClBBABCgBPFiEELBOCO4I3MQ+iEwNJMNEy +/w/1DusFAmRdNDAFgwHhM4ArGmh0dHBzOi8vd3d3LmdlbnRvby5vcmcvZ2xlcC9n +bGVwLTAwNzkuaHRtbAAKCRAw0TL/D/UO63L9B/4sHQRIRN9OSdZU/GUkXopLJ1Zn +n6Kb5HXr53G0VhqBCMBWp+y1dSk76WIWZX2zj7CQy91QR3T0A6be6ifIrM2FP64l +mzRRne5mOEWUT3+lwJtqaTibtrOcyPY9I9gMEktnRcAj/FbbyFTWS/kzXBT+3xj7 +5JQFXu+nGPOR4HSevf0hQKYnooiQIAGP8KmvIOH7HUSBWnfLxUHn+B8juZaVHiqk +2ogZMSr0ZMZCiyqbfE4ZCaWe2dVEHXjQsbQ5/wuh8ABHY4xBfX6FiebKEWrBc1D7 +AbN/ZOLcbN04ZyrQP97O8BnjW8zvtFfAXWMKyTgIQU7BTpZJsrcTyjT/FJcEwsCl +BBABCgBPFiEELBOCO4I3MQ+iEwNJMNEy/w/1DusFAmY+jAMFgwHhM4ArGmh0dHBz +Oi8vd3d3LmdlbnRvby5vcmcvZ2xlcC9nbGVwLTAwNzkuaHRtbAAKCRAw0TL/D/UO +66SyCACNKAriN/ihz1aGnFZNirxMzZogsQjCGleunIeJuFoqLPYrpc1pgecn5kQm +x1ZPMXEtCJwoYnbAxW0IgmMInef/UwMyxWxQerKa+KxKEw5xYT78g5YYmGi/D923 +bABh/kKilPYVd1Q+vey2Z7QXjGq1HDhSjflUyObtQ1dW6eSJgSUP81O639tb0PLh +4q/wu6V+mIlXKMWkW8TdM1ZOdXO/n0ZNEy5wQW8v0YjZae8cqTZNh9iP5/YPuirx +L1m8y5GFFdDALz799rY4A/7t1uZI8DAXx1Him9Qgj7YO/uEnqdSoe6k0z0NFZYfq ++6Gk4NRsUrD0ASiggA/LxjDc3exLzsFNBFzUcE0BEADoTMBwOhcQ43cSw5z2GWfx +0Qgd4/hZ+bPnP6oityeeBuMmD/dfO9RYw3he6Q7JnEEYAs9JOhnmTsxTpKQkxoOm +jD5DogaPd9TqnJM4ZQApy0gs0eW9myC02lBp3+LeNQ+vrQhStnXyQXUNMmHwd5Wv +JIPWu77Z5WjPVDtE6/qPTWDlsrFAGuX8UvY0hdgs4HmepPVmtG4/dLvDfXH7BqzA +exek1TxuE3+xmwr4DMGgX0kCu+IV1VndMI01tFRiKcUXwGLnScgf9nWuazrDFoeY +RHunUocBENbSR547gSCSNVGUslbRajI/DcrH7Q+/la3ejdxaebplM3OrVYmoPrur +PEPE8QlzGksKFbQVdRx26iogs8HeFzcB37/4dFa4DNEl62FZh8FJC1DXTpQClkWe +xMWkzMdKDWisI69xYVe1ubrX+pEPZTH0vIFdHSTNZ2adGZIIv6I7iHnKgUFycE6d +WEKNUJiRzNLCk7uqTjpU8Ys2k+AJNHrUH/Ui4p5bTHmBHQqBWr1pFlyCD+GDPeH7 +g+RJHNN29oogjClTjUq+HSmgDxRLVd7hSKEv1cBuUEPJhIWWR/cpjnlK5vmL5YxU +n6dUw6fXRomDSgsedmY+8AoarMM1RFRU6hhGarGLcrrg0DNCYV+kxk++c5rKoiYQ +Rpep4oBq3WkQp1r1r9J9HQARAQABwsF8BBgBCAAmAhsMFiEEMXbvfbI2fx/KTzBr +H5sOkJrzcoUFAmWYIgoFCQyGGL0ACgkQH5sOkJrzcoXjcg//bhEQo0cCcwWhe3jp +euEardu5mC4CSlPXgPuMYreWRAEzwJU7iG26qdHnWEC6NqXjDoAAA1pkmLozk1Cu +/ntP4R6OzI69kcG05yjrSqxu7Y+HpqkkOJWtCxpCeCdUaERzy0MPlQzku1x5InV8 +FOESc89tJ2Rl1Xwh5m7zTs6Km4VAt+koenTjRXMlDS5N9HKwAYerxlaikS/SjNgN +wh90VPa3i2+JISoE1JQ1rdIPYrVOVeq4odnchJAKQ7dDjj95LMsEwqiTQUp1WKKV +Z9SJZBBmwihH3gDSbXg0Kbtz+UZArvKX75GJznYpPhW5n5jQrX3uu5ZoE9Ls3XzE +c0fT8/tuE5Ia7s8Zbd9JteJ/vEB8H2aggJHnQYsht73+ILjrp67Z+kYHnl2R3ygY +Mv8YbIIP0SaQ1JKBnhg0q3Z9HpUW0l3Oe1msraJyGti7IZdD1SIk20BQzrR4XgKY +lf32d9K1zZVldc1LLoP982RZsyAnPu4g0vSMUgKKFeiTACJo77LfrhY5LOT81A9l +whn9+c9k8qdYhF5B8x08AevilVLt9i/kAwWidHd9RJ6Ouhd4jJkHoOC3+/Xew4FD +rUYW3SfvmxfbBKVzw2+RcsbfGnCo9nsmzxNp1zscrdHuSwKlHDP6skefqwS9VlLH +r5LkTNPDtM1aoN5zOyZH5g9hG97CwXwEGAEIACYCGwwWIQQxdu99sjZ/H8pPMGsf +mw6QmvNyhQUCY8crkAUJCNPuwwAKCRAfmw6QmvNyhRdeD/0fPhLa/BJrXmautbez +INa3RpnXSWgs2LeQv1knhD3kyPrgkpHuoCTN9DdDubCKeL/a10N4yDySDjJD544I +BiHJITd6ITROFoWVRhecJI1VKA7JPpi0CzoWPHes3FL34nkTfNvIHA7xOla+RPaO +vuUpTldmnQvVFC4o3QMHeLW2DRyAktt0WQuvvaVCgNhBNUxqK/ci7+Z2ACTiYJKd +H1REU3EJsthZQEuEfUq0IAJsOFddJ9WcZRVzRv+NVOceweb4PZzS2f2Stn041n0n +bZohlBCDzTHFLPrqRbRtafOF0CB7/dPSOh56BkvJE4ROsEVstb5FyK3RJfob6YKD +UncUAsiwS0H2cb1rlO6b5swvTbXCJMf4xUsfQY/VyS0Nkf/M25HoK3EuyvDa+Aux +F3VAaIH0s33qwpgFAcXhizv1XngBIFUFMrvu/Fxbh0h3Zk/GLQtTnuMveYl/pJAF +UDWzT8c1o1zuu256KVipwiRTrCli1u1Xn4bswe/dHBeZF0DWRhtzcQz9h+MSMrZs +YIpGsrhymOvwEh/E/8fqaKhO0tmpVvk7e6LuQDXUZLh9Ze6sYsxY5U+ZxUBSb+Vn +zojmtf2n1XjlnVWI6QYgoZ+rlCpm/F0NGm/6F+2k6tZ4gIH8VkH0WGRLdZLYQodq +pxaTmUq2lGA9yxUPhmTVOWaLoMLBewQYAQgAJgIbDBYhBDF2732yNn8fyk8wax+b +DpCa83KFBQJh0jMLBQkG/+u+AAoJEB+bDpCa83KFcrkP+MEwIB2glVb1qLi0qA1p +zezEWOu2cs+jqUTMHgBeeW2QLVXBQt4Mv47ci55gK3uTJGv2++iAb/L97ySlUga8 +fxNxl3vUS9SQzsN/1fzwjls+sDvwylYARAYTVHGwUtBWmnMA56JdVNfL+fBL/wso +/bxbkU0UfQz2pia9ON5LRhjDGvsMlTnboHQkaKKziReXzW1id3YfjpzHWqNIyZYx +XR09YxtQbmCzce1Ti7kOkGCftr6SWKGma3F5tY1Xa87dMKpgmmz5Zu8M8elSwcWl +b7Bi8TRWiwH2NgrOE5L3hobPhiXt9Nmr+0Xhq0FF6h4RImLpElam82Z1JA9ism7c +EAZadhO6eJb3GEeFJicJKsfdZ9lJ6uZTpeICYq1kHlfDgfKO4mAqNQOPNUM6+lNB +VyemQFeQ53DR0hkOTrVyrzWn9HpubEQawiQwc2nFF8DU83CPKmCKgsXYLKrmQHch +Vzwp2lbg7ddpVKIx+9eWS+lAmYI+3G6nwipSaAv4gtOosloc6GltvpuyKRMN6RQL +0MhXnzFDke4cjSppOsPJmwbwIrp/47DEptcmHlAMVqszlis4gdo5oFIgJC0KAIEf +8mnfzws6bytMOpIcBDGn1mNBp/IsFoYeUdHau+fO19XUsdL70++96foncWPivmHO +0le4pSs5n8GwvDxzsOc4jRTCwXwEGAEIACYCGwwWIQQxdu99sjZ/H8pPMGsfmw6Q +mvNyhQUCYIszjgUJBZf2wQAKCRAfmw6QmvNyhU1fD/9mJGguTFO4J1nJAR2/n4DR +V62L/IjaORhePqiiw5FOBNr5/9+ggj8yV7Il4MU9oWTM1DRcYMfHOvsA2yS5hrHP +yifWHpcTqkudnecPBT1JnVvMivzX+s4x1ol4EyOQRByBoYCFsEYaRscNrDITMid4 +zWPy7rkVPDr1RB+cJb4lQzfRx6XG8bJuF8MymEd9S5GNxeHNigdnFP3v3QwhiqSa +bWHpul+k5VelSRqOlfVPNCoCABIfd5nEEwkzpndsmRRjx3Qidkh7Dwp/l/PQC/QM +6RM+m/3LpXJ+Xah3DqkZHq4EYhmq4QmLljzMoT9EUXxWhiB6r8Xfg9kXHLEw7fed +5nB9lXo1UgnEiWiL9Fpc/7Zfm3hmkO9p1CO4SJCO6zHYNpL463Z6USnN/tLFcJFA +JJNpChXRHPF4g2YEy4gs8IDNmzjyOMLDcnt9v6DNt23SVxdi5PrxlPvLTA09tjOQ +lR2jTCsfEW96F7AE3XKorvdm4GkU7jWFeIzv3RlpZZIZxGgfHvJ0gEA1UGKhdV9q +Zh46y5i2MwGILp7DZgr1ew9ekotmoqkO6Gh6SxI1d3c+IeS26+VNocVjQFjQvfoJ +0CtR29AVCP5jYZtFeVIhwpLmoaIdfTKgo/QVOtzldK4dCxFNShiCYj3gDv5ZyAzx +4QYWqCT7kmJ70fDzMgnipcLBfAQYAQgAJgIbDBYhBDF2732yNn8fyk8wax+bDpCa +83KFBQJessXFBQkDv4j4AAoJEB+bDpCa83KFuSYP/RNv570SCl0AkfLewYczK+Kn +COa6gGP6QP0sbiOht86sideHZNoOkDe5IXXrBWmGyY2pNqU1cgYn35uVAc/Tcw+g +GoujGFEiZygRPeN9oGlWL+S9T2lZcm8BxWyt2sqPnSOIJDdIGJawOJdQVF+krA7p +msJUzFkwd/+H6ijeXOLvly/3HE+8/gUULtdpGC5lI98V44dy8R/cbsCeqo9CqvXD +WTBwnzuWCVfHYcQNNBr3TQiGX4Jphm2RY6A0daszOd0spKnBQvVFytCMxL9Kds0k +Sd1GcJG8T+wlptsRFi7/YJVUDOcE1C3EYXQEbYM3sqvNnzEuw8hJrIWChC+KP5AH +EcGjsvCspeT0mnaREHRAcF9w7rRgD7f1eVbpncfLypdiV+OBdXrojQmHkBJjWHdR +fE9mvMUnUFdU1CKB7oEN0BnsdvrHEdknTlXaXsvlSSze4cZOcVMfeexO0kFX+7Ql +aqugRJVJL5EAK+PF0X49vihTxIZm9eNFSyf4pQSE0PQsoQmJMsGq/Ug4fcX+Kv3H +wXYQV5/ZyvrzoEtZj03Y4Hf0bkd595+0VCk5zgXcfO+OH4CzSnyfzFsVUKrnz1F+ +98cajWQ41wynvG+WIBzJoCY9kQzapwY//rioXFT6CO8tg0FPmngS5ascqZlO+B9O +BHQ/IpGwcqzFdpQRcCH8wsF8BBgBCAAmFiEEMXbvfbI2fx/KTzBrH5sOkJrzcoUF +AlzUcE0CGwwFCQHhM4AACgkQH5sOkJrzcoUMYw/+P8uPNx1N+IdYdzoTsRQzeo9Z +/yhtIvsW3iXvvHS9QZ/YbelByeBMjVIgxNMsAqReF3qo+oJU+YzqQcrojPAVycxE +WgzKgf9tWdmRSzQ3JTcM+Dc5RzUi6e9yDbucd1k8sVG/x7L+pLI2IgQm7eHPIEhQ +7RkN061TCSqfOeuuL4ilOgPuBahgzQIL8B6uj85oLbRzp1TWzjPCYCOp/NvQ2qK/ +cIOuu8XSneDp+fsEDIfGdhtLtldLyc9ARjSqn7ILQJHeNx5cLC/0LU+FCJJ+qI8F +MvsKCU7PTZZIDFjsYieHdWK0zauu4pxpyktV+OJmYUfhJQLKz/tzVKf6klN+Ko7/ +axXi+63F+7dDTENiZx/sMr0E3ttnTWbezNNf/7kh5/SSlj57lmt9xEdQ4DMD91d5 +bywSt/5i8JT0fKL97mJa9uFoyD0fAwDftwR+EGZXAYE5Lqe4UeftMWhmsI2cVYSl +9Qlj75NOGE1pUqXPmfc9cREUImV9m1d/T3twklEmeIGgDaN19CpIkCBcCttk/FFb +SiEh+CP6We+o3AHbu2t2coqnELqTo/WTRBnUw/e0NFrP+TRatWLhLGmzvz9HMDsj +2cBHWi9VTHxPDYj2u7rhLLLJi5oDYzmdCziQzMDc/eh4U7233VvL9387WWP0e0Zg +SfnEvNvjQ7JN94NLJOnOwU0EXNRyTQEQAODCcEkEdYGcrAeEQkth6Lg8wiZElKOi +JhmLUSaIJPe736oRb8g7L5Uk/J/Y7Isz1GgvMysJGZiLjV4VmvJax6enMdBU/bwp +swc/6Z0k5PK9f0u3w6HFr+b5kbS+OFcsMGxEWaEQUNXXgCzw1wjUaK+enI3FMUMN +ZubEMzDvNNKSMfx2p4H9n8dNda7Sl06uFdvzmJkyw5kNTOZsrAFBMA5fvM+2aLjO +F4/j1Vccafd82C9RvpC7NJA20ApLsLao+Ugy6D+9jJdE0zh2cL1oZh2PBe4TI1gs +3XfWWobqr3zHE9Gxt2fMOpOA8JmqTZ1mrTfcB3bOE1uHKfJzFcOnFCxGfg9B8oGC +mv4h00Q/hR69o655pUtLC29y9dyoxi2vNJghw27S2dsMNlHGGAoz7dOSllzXTuqj +Crr5JI/NZuDqFRju/ErMMCC9iGfk6Kfn2wBF+jQqRIAzUfz+jNjF00bJKohAV7By +OMsOlCcjbH9kBTyeTSGW0TOP4qaQl0kkjdt5x6e2at04PJIs7R+J2sKbOGK6Twcu +h0ND1qlj7nh9bAMNTCzffITgO1fljb/WdS/AM2mKXp1GScBUZ1zc68h75YCewZH1 +IxLLgeu4/9h/45lIIW05KWh7gy0/6p3J/HS8OD+Yt99nETyv7NJ4HkgCnQFJvBSF +1t5YZ35SlYILABEBAAHCw7IEGAEIACYCGwIWIQQxdu99sjZ/H8pPMGsfmw6QmvNy +hQUCZZgiCgUJDIYWvQJAwXQgBBkBCAAdFiEEy43nCpDPv2w79cxWliYqz/vTrsYF +AlzUck0ACgkQliYqz/vTrsbazxAAg/8wf9fNu6HPu477oUU1LuSTTTNAiYLVjTJj +J7LLZRaxIPgdR0TTkKgkIxLAdelM3MOz9ppyROwqK8Qg1g+9PBsQY8w+q/0xUPvx +PjqLBK4D5CDfYIMsCO5tvLxDnkNdhL+rjQJlovODs5BPwgfTd7DHOu2l0uudedg3 +WS3AEWiS/lmzEHkGEQl9sQcSp2g2TZJNC/mn8iStzkL+F58dIpdXhwlFig+St2ev +RkfJ68HmIa5H3MzGaQsP43IiqpWrGNZA2MugR1j7Eqd7MeIhm8ZvqcfnkOixljn8 +geAtQmwsVxg18sVJV0DMXSnL4DmdjQ8lquVmm06Lba1KxJdfkQpYctNlRRyzW4Gu +bJ1UUyxPdkL7ykfEvIoaf5/7z2N1QLOJ1D7njk5ic1PPFOMbK0b1j8oRUNhRYCb0 +5JIsmMOm3hENUXrK17xwcl90L1ilrN63ZnYYy0ZrqDp2/s2EMX4kISGcyto9osdt +acAE/jsAlnVxG9h8TaXIcHN8pbJYnnoFYf1J/unoPB6GogCjR6s8BycENxut+sdp +KcUu9b1SkgYAa8ExdmoChk02xeqrs4wdG32tZlc4aR4YAg2fCVAhPd98oyi6dRL3 +HMszSRl1/sFLsrn7mByMk+HVvXK8FgCmKgEBdudpOaq93CvTcUuegaLn/TrvW3SJ +QZKpsXgJEB+bDpCa83KFnU0P/jbOD64i9YqNunKWSruwjKZcJCZ+cSMqFfrRSR26 +4Jme3LHaNUICx8iNCwgP7yMNtlwq09PYrfGp0GJG8/9yR0AJzLbCTmSPI+o/4iE6 +JjVXGWS99+GMQ9DQfmhSRGYryGvTgrxVOYEAoCG84qNTz+g7dj6Myket7/+ob9JK +d0lZZJ1i0U5CtwsG7WIT5n5KzfRyVc8s/uiW1Jkz5NvAGp57M7pj0gO3yDHiCpqY +JE3g7KMzerZXKgQ80ZLNJEJRzM4RpObqQn4Fn+2oqkxfnJVUjMk4ly1vt8YzfgEB +5+IB0QfG7gKFmj1fieb2RfMVOlS+st33sHwEZGC5mTcuUqd9GrWgbuSz1Tz+tTzG +9ILJIQA/7WBAtaE7gkl+3lkmBAPxho1JADV20ctVi/GLg7nJCuVPRR7qZG97WRbX +7sP2ac+a3/kc4wQD6wLQg5FAkA+VoNhfyn1T60cSgidb2vttQup4MJkCoIQ4iHIz +FKbPb534sQToU1NoYPsKGJypzjpIPtEw+8yTztIFfbN/VuQf9n3Q3yKa56unZObS +V3KiFVLZ8ZalGptXDASpIKkl0MS8LzFDoxQR+jMV5icFtzlQWTfhmFxbFZw7QnBz +amxBhIkDCIfoYQW60rXPj4kQmrnZImddZbcddZ4xHVe1W2xsXqbrN5k0LsVcVNRh +XUt4wsOyBBgBCAAmAhsCFiEEMXbvfbI2fx/KTzBrH5sOkJrzcoUFAmPHK5QFCQjT +7MMCQMF0IAQZAQgAHRYhBMuN5wqQz79sO/XMVpYmKs/7067GBQJc1HJNAAoJEJYm +Ks/7067G2s8QAIP/MH/Xzbuhz7uO+6FFNS7kk00zQImC1Y0yYyeyy2UWsSD4HUdE +05CoJCMSwHXpTNzDs/aackTsKivEINYPvTwbEGPMPqv9MVD78T46iwSuA+Qg32CD +LAjubby8Q55DXYS/q40CZaLzg7OQT8IH03ewxzrtpdLrnXnYN1ktwBFokv5ZsxB5 +BhEJfbEHEqdoNk2STQv5p/Ikrc5C/hefHSKXV4cJRYoPkrdnr0ZHyevB5iGuR9zM +xmkLD+NyIqqVqxjWQNjLoEdY+xKnezHiIZvGb6nH55DosZY5/IHgLUJsLFcYNfLF +SVdAzF0py+A5nY0PJarlZptOi22tSsSXX5EKWHLTZUUcs1uBrmydVFMsT3ZC+8pH +xLyKGn+f+89jdUCzidQ+545OYnNTzxTjGytG9Y/KEVDYUWAm9OSSLJjDpt4RDVF6 +yte8cHJfdC9Ypazet2Z2GMtGa6g6dv7NhDF+JCEhnMraPaLHbWnABP47AJZ1cRvY +fE2lyHBzfKWyWJ56BWH9Sf7p6DwehqIAo0erPAcnBDcbrfrHaSnFLvW9UpIGAGvB +MXZqAoZNNsXqq7OMHRt9rWZXOGkeGAINnwlQIT3ffKMounUS9xzLM0kZdf7BS7K5 ++5gcjJPh1b1yvBYApioBAXbnaTmqvdwr03FLnoGi5/0671t0iUGSqbF4CRAfmw6Q +mvNyhYI2D/4zjk1kNeiJisQG0Bi6Era5VN5LAxL4BNzrdQR5B/oy2ViLO3/zgPUj +PY/GmKnB0/lAoIgIqg6FNWsRH9gHn6UIvubeSpZYONrx091SC5FiG8ui5XWGc0XD +yg3YrNmF+/FpUQqXDeqaGU3AMec+jLL49DN1HXII7IQYKrWmtqX8KRqfqZlId7Zc ++CqqfsE66KFLMrbgSxP6b0hOHILfN49U7tG1MEEKX2ha36hlm3vURm0kTai8T6is +mnJErphr85jo11K8429uf0QG1mcwtcVUE9PxOx20EjbXYvGhPTcYLBFXx/Ylx7sT +jpCiTKh5K5haMqxUoWLIw/DphwnrN1rBFRYLbunnFD7wHKw590kwuUO9RpKHu7JW +0/LwRCaBDQEQqNWypfM84CIjYrikOKuw/3KAkwRG8OOUBVSVfmKA6llG6Ym2xwuD +sfYXh6NapI51x4xLEzclKfVTdq+GilV61nZm9nnPixdC7fEmUnKC3K/zj+G153B3 +KJKk4eN9OAO5siV5EmaolY7LHZJLbOCjypDAKNlsd9GY2gQ06OKEZtoit61xSOi0 +uApVARtdCZcD6PfA5JPcs0MQryDCBgEvz0wptaLMcu5GVg6YiW+MBgatAWYgstt5 +P+05HqpAv+dc+1OJhmQEX0CPecMMB8S1EYCcybLofBu4JE3By9NZJMLDsgQYAQgA +JgIbAhYhBDF2732yNn8fyk8wax+bDpCa83KFBQJh0jMuBQkG/+nhAkDBdCAEGQEI +AB0WIQTLjecKkM+/bDv1zFaWJirP+9OuxgUCXNRyTQAKCRCWJirP+9OuxtrPEACD +/zB/1827oc+7jvuhRTUu5JNNM0CJgtWNMmMnsstlFrEg+B1HRNOQqCQjEsB16Uzc +w7P2mnJE7CorxCDWD708GxBjzD6r/TFQ+/E+OosErgPkIN9ggywI7m28vEOeQ12E +v6uNAmWi84OzkE/CB9N3sMc67aXS65152DdZLcARaJL+WbMQeQYRCX2xBxKnaDZN +kk0L+afyJK3OQv4Xnx0il1eHCUWKD5K3Z69GR8nrweYhrkfczMZpCw/jciKqlasY +1kDYy6BHWPsSp3sx4iGbxm+px+eQ6LGWOfyB4C1CbCxXGDXyxUlXQMxdKcvgOZ2N +DyWq5WabTottrUrEl1+RClhy02VFHLNbga5snVRTLE92QvvKR8S8ihp/n/vPY3VA +s4nUPueOTmJzU88U4xsrRvWPyhFQ2FFgJvTkkiyYw6beEQ1ResrXvHByX3QvWKWs +3rdmdhjLRmuoOnb+zYQxfiQhIZzK2j2ix21pwAT+OwCWdXEb2HxNpchwc3ylslie +egVh/Un+6eg8HoaiAKNHqzwHJwQ3G636x2kpxS71vVKSBgBrwTF2agKGTTbF6quz +jB0bfa1mVzhpHhgCDZ8JUCE933yjKLp1EvccyzNJGXX+wUuyufuYHIyT4dW9crwW +AKYqAQF252k5qr3cK9NxS56Bouf9Ou9bdIlBkqmxeAkQH5sOkJrzcoWxdQ//YSdF +UFNwY2gVSUymLH2bL0gy8YKhhxXc+U88i5xmqbIUfWTL6Mo1GVMpbqWKb52ysesq +cWRD+zC/p1meOSmHS0rGqlxzfJgiJ5Q+jL3Kl13HLlDX33IEFx4ZT/5RNgxapWA4 +4Qtd5uVMgKhX4ZO95D0OTGlF/ZT2QnxWFvmFQDiZQLZZ7P325yWPBCXvZrI/tGgM +hDXYautfl8VCL7WafCok+7zLYBR4JILsPPPJ+BkL2EkPw7wp4fTdcJ5+hJ/EA7gc +f0SvVQ31NIVLOwh+0r8bhxbxeiqHtL/m0tpGTv90IZy2YQzTpJtpzCJkWBg/vECR +iCDnm0ZfxQvFVAjgqmNc/dEtrDlrdFRSb1KDv5tCBTWMHSrGrYu5ek8xaZqmJfq5 +bHw8mtYnbVc2ceZyzPBK3JNYJgxofVlx2rLltZ72iSUgpUG6zyTYi7RGTfiGY+Bo +HdMb/DI6tpSc1l7BxzEVz2aWzmjW/jyWubhkRFb12PBQiP94JTlnd9u5t2TfZHkT +028yVzFwT7lIcoUl3QfZxVk+eEjkb3Q/95AUCSYaGka2lJD0CYf2s/4r8YHUmPgY +za7cgPAyB2wmFMZR8mHVRbqmEHHrHlYw3+evKUW/tTuymCAV9K2UrcCYrLrNHfGW +6CaaYpzrlcJOX8obvC6cblW60T0ELGW+JUp4Tl7Cw7IEGAEIACYCGwIWIQQxdu99 +sjZ/H8pPMGsfmw6QmvNyhQUCYIszkgUJBZf0wQJAwXQgBBkBCAAdFiEEy43nCpDP +v2w79cxWliYqz/vTrsYFAlzUck0ACgkQliYqz/vTrsbazxAAg/8wf9fNu6HPu477 +oUU1LuSTTTNAiYLVjTJjJ7LLZRaxIPgdR0TTkKgkIxLAdelM3MOz9ppyROwqK8Qg +1g+9PBsQY8w+q/0xUPvxPjqLBK4D5CDfYIMsCO5tvLxDnkNdhL+rjQJlovODs5BP +wgfTd7DHOu2l0uudedg3WS3AEWiS/lmzEHkGEQl9sQcSp2g2TZJNC/mn8iStzkL+ +F58dIpdXhwlFig+St2evRkfJ68HmIa5H3MzGaQsP43IiqpWrGNZA2MugR1j7Eqd7 +MeIhm8ZvqcfnkOixljn8geAtQmwsVxg18sVJV0DMXSnL4DmdjQ8lquVmm06Lba1K +xJdfkQpYctNlRRyzW4GubJ1UUyxPdkL7ykfEvIoaf5/7z2N1QLOJ1D7njk5ic1PP +FOMbK0b1j8oRUNhRYCb05JIsmMOm3hENUXrK17xwcl90L1ilrN63ZnYYy0ZrqDp2 +/s2EMX4kISGcyto9osdtacAE/jsAlnVxG9h8TaXIcHN8pbJYnnoFYf1J/unoPB6G +ogCjR6s8BycENxut+sdpKcUu9b1SkgYAa8ExdmoChk02xeqrs4wdG32tZlc4aR4Y +Ag2fCVAhPd98oyi6dRL3HMszSRl1/sFLsrn7mByMk+HVvXK8FgCmKgEBdudpOaq9 +3CvTcUuegaLn/TrvW3SJQZKpsXgJEB+bDpCa83KFy7gP/RN+bavZBEC31ZP1yD2j +XCtXGLYTiAn/y32VXDb5RsSHzBn7hG0PtXlnHVWv1FtSn391VDmWgI8kW6Xa1WxF +AsqBZ5zBLPxmwhufoFhqYMA+o7e7REggqUCLLKd2/L3+vUljR/IymOC1z5Hkmsbo +RVpVI2iV57wjGFnh0z05HgSh1TKACmFiq+7eo4CwxqDTvgdJeL1RqtivDNKG3eVp +/B1dSIGLvcj+Ql/Cs2JEsoPVXNnY0OJPWinwrYVcMCifjh9TCRaRCmIoZlMHmhqP +ft9rB3U+In8p+s0vivBx2RpSug3gZaq1pMexj8B2Vraur9g8XKG2Yni6C5sg2ZSR +SR42ymfQYPzqlGqgsrhcx6FQtFE0SIL25QbrbdWoGjD8/+/lXV2VCpl42Y6KVuke +0nMSv6uLryspGPq9Hg04oS6ejcm+5vel7/B75QXvVc8Zv/z7aLGVLLEGrSRzHnCn +jxIZGNIv26puAgLq+xEn1mrYGYWQtDCBtI0wgeju7ngVUyl/NHl3shK2Lflq2oh+ +sLgVvBgi7rjJwImlZKJJ8e+Tsqoq691J2tsaBhjHBEdvkE1k8Q/xrojyDius9ZLY +JQoyB4Svm3nbEq7+qZybXHXONm7b+e2ZrJco4kiDsJwh0DXzg43PSnuPxbVZ7EZi +IZ/zVyPDnS+aB7yOB7v7FlnRwsOyBBgBCAAmAhsCFiEEMXbvfbI2fx/KTzBrH5sO +kJrzcoUFAl6yxcUFCQO/hvgCQMF0IAQZAQgAHRYhBMuN5wqQz79sO/XMVpYmKs/7 +067GBQJc1HJNAAoJEJYmKs/7067G2s8QAIP/MH/Xzbuhz7uO+6FFNS7kk00zQImC +1Y0yYyeyy2UWsSD4HUdE05CoJCMSwHXpTNzDs/aackTsKivEINYPvTwbEGPMPqv9 +MVD78T46iwSuA+Qg32CDLAjubby8Q55DXYS/q40CZaLzg7OQT8IH03ewxzrtpdLr +nXnYN1ktwBFokv5ZsxB5BhEJfbEHEqdoNk2STQv5p/Ikrc5C/hefHSKXV4cJRYoP +krdnr0ZHyevB5iGuR9zMxmkLD+NyIqqVqxjWQNjLoEdY+xKnezHiIZvGb6nH55Do +sZY5/IHgLUJsLFcYNfLFSVdAzF0py+A5nY0PJarlZptOi22tSsSXX5EKWHLTZUUc +s1uBrmydVFMsT3ZC+8pHxLyKGn+f+89jdUCzidQ+545OYnNTzxTjGytG9Y/KEVDY +UWAm9OSSLJjDpt4RDVF6yte8cHJfdC9Ypazet2Z2GMtGa6g6dv7NhDF+JCEhnMra +PaLHbWnABP47AJZ1cRvYfE2lyHBzfKWyWJ56BWH9Sf7p6DwehqIAo0erPAcnBDcb +rfrHaSnFLvW9UpIGAGvBMXZqAoZNNsXqq7OMHRt9rWZXOGkeGAINnwlQIT3ffKMo +unUS9xzLM0kZdf7BS7K5+5gcjJPh1b1yvBYApioBAXbnaTmqvdwr03FLnoGi5/06 +71t0iUGSqbF4CRAfmw6QmvNyhXnWD/4h3rEK6AkbcZ5EMiWdCphpje+vbjIBGj2o +XaJIKSWiXrvI+ueWfrFcdOfl4vq2CGMp/rjKTR26xkTk+JQws7mcXX6xHCODQreQ +EfOFQnpGkQBxJ/Mlx3dqjKlEgHCUp9sDYS2UaYMM4b6D3WWohSbFK/KhC/qH+51c +viBcCFoaXtCaGy6vgFzhwUpXmmk3aMaPvJ/yWFa5qfP3IcSVd2mK6QPSUkRjqqUE +nXk79Q3j2tmvh2Dl4+KOlt+2aPvs4oITr3bhHHK4nvbwc/JAl744mxg8EE/dlkS+ +uHGlNfHzzQuud75dLxGeyjLCr/FGUUrAg12D4Z4tDPtJHLwWOs9rIZWk3W16VpVS +yzP+7bREuiNsCat0saGQm5T4TCBn7JiuHu5R/jG0gHBjrEZ0EvQxUyRqmT2irnCQ +8EY6icuVA6oJGjX+nt1HO7n/5XFFb32ZZueX575zg47VGgUY18z5tURzHRS0/OkY +jKlCau6JPqe4tmePSHTi51KfpnlzZ5f7L3vYVFlh4i30TQVX3qoZw8R4qOTkashJ +CDOnB2Y4Ll8gww5ttfuC7Kc3H5P/QvcEQj6G5m895QlVyD7keyssKA2hycTp81OH +kNd9bxkkxFXw+ebVTii8R4Fu3uFLDD7nPPIJyES5rzHuQDGwZ+GdQs+a9lDQrBfN +KGy0tGGIscLDsgQYAQgAJhYhBDF2732yNn8fyk8wax+bDpCa83KFBQJc1HJNAhsC +BQkB4TOAAkAJEB+bDpCa83KFwXQgBBkBCAAdFiEEy43nCpDPv2w79cxWliYqz/vT +rsYFAlzUck0ACgkQliYqz/vTrsbazxAAg/8wf9fNu6HPu477oUU1LuSTTTNAiYLV +jTJjJ7LLZRaxIPgdR0TTkKgkIxLAdelM3MOz9ppyROwqK8Qg1g+9PBsQY8w+q/0x +UPvxPjqLBK4D5CDfYIMsCO5tvLxDnkNdhL+rjQJlovODs5BPwgfTd7DHOu2l0uud +edg3WS3AEWiS/lmzEHkGEQl9sQcSp2g2TZJNC/mn8iStzkL+F58dIpdXhwlFig+S +t2evRkfJ68HmIa5H3MzGaQsP43IiqpWrGNZA2MugR1j7Eqd7MeIhm8ZvqcfnkOix +ljn8geAtQmwsVxg18sVJV0DMXSnL4DmdjQ8lquVmm06Lba1KxJdfkQpYctNlRRyz +W4GubJ1UUyxPdkL7ykfEvIoaf5/7z2N1QLOJ1D7njk5ic1PPFOMbK0b1j8oRUNhR +YCb05JIsmMOm3hENUXrK17xwcl90L1ilrN63ZnYYy0ZrqDp2/s2EMX4kISGcyto9 +osdtacAE/jsAlnVxG9h8TaXIcHN8pbJYnnoFYf1J/unoPB6GogCjR6s8BycENxut ++sdpKcUu9b1SkgYAa8ExdmoChk02xeqrs4wdG32tZlc4aR4YAg2fCVAhPd98oyi6 +dRL3HMszSRl1/sFLsrn7mByMk+HVvXK8FgCmKgEBdudpOaq93CvTcUuegaLn/Trv +W3SJQZKpsXinJw/+PtR1IOXCq30k12TbLjlOwJ5cm1qVOyZfGHcX3rggnviOVt40 +2KpY6QkRlgQB7RN7nQd+yVykp/Mh+9Cc10A1i/fhtcKpOYsJL7ZiqgGqcyRbmfZW +DZTRmA8SPX6E6vfX/joXhZ0951JvCAPTdDMIxgiCeedNRzPjTvFspVaMtGPnq8W8 +kBgthMu2I1WUrgk2aNwbmIkgj/AZnfah8QiZgRkIG7QP9kAXC2fKP8/cNFN/SMLH +ovKGnGZ3FUyBZwQ7FNxNuTNXskPFXXAKiy+791BTovttMwQbPoPIwQXc11FYafkQ +LF5XaPIv6rXQ+P/dFF0+xQV5iJhrczlZs2tt7+w8quz/2bnhAKoa+77Vve1EO/mJ +Fw2uKx4uB6xiQpa3cYsRMgkz6w/vkr8MQLnd4QFCmRfYTm9Hw/QO3J+txBEVYGiR +gIu6fTqqm6p4vCTrLEBek3glBT/l950ePosvBF+LHHzei1Aev5p4aEVWdxjRMzwG +YvTxnvEalialDLawVVD1cXMAIH4oz5pjCFyFMmZOcrE0Hk93iVXd0d8sTkX2h0g+ +ZLh511sLKf8mJbbCyP4QbVWvDe12Xc2fSQ0/HyFo+edeQ7H7p07ZLKzm6UXYquJc +QKGKom6CPi9QQh8L2k8vYIV4YaYJ8ptAyZNm5rnEWoq/emqU83WKLM3e4iw= +=5R9m +-----END PGP PUBLIC KEY BLOCK----- diff --git a/expat.spec b/expat.spec new file mode 100644 index 0000000..d10ae2d --- /dev/null +++ b/expat.spec @@ -0,0 +1,118 @@ +# +# spec file for package expat +# +# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2024 Andreas Stieger +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%global unversion 2_6_3 +%define sover 1 +Name: expat +Version: 2.6.3 +Release: 0 +Summary: XML Parser Toolkit +License: MIT +Group: Development/Libraries/C and C++ +URL: https://libexpat.github.io +Source0: https://github.com/libexpat/libexpat/releases/download/R_%{unversion}/expat-%{version}.tar.xz +Source1: https://github.com/libexpat/libexpat/releases/download/R_%{unversion}/expat-%{version}.tar.xz.asc +Source2: baselibs.conf +Source3: %{name}faq.html +# https://www.gentoo.org/inside-gentoo/developers/index.html#sping +# https://github.com/libexpat/libexpat/issues/537#issuecomment-1003796884 +Source4: https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x3176ef7db2367f1fca4f306b1f9b0e909af37285#/expat.keyring +BuildRequires: c++_compiler +BuildRequires: pkgconfig + +%description +Expat is an XML parser library written in C. It is a stream-oriented +parser in which an application registers handlers for things the +parser might find in the XML document (like start tags). + +%package -n libexpat%{sover} +Summary: XML Parser Toolkit +Group: System/Libraries + +%description -n libexpat%{sover} +Expat is an XML parser library written in C. It is a stream-oriented +parser in which an application registers handlers for things the +parser might find in the XML document (like start tags). + +%package -n libexpat-devel +Summary: Development files for expat, an XML parser toolkit +Group: Development/Libraries/C and C++ +Requires: glibc-devel +Requires: libexpat%{sover} = %{version} + +%description -n libexpat-devel +Expat is an XML parser library written in C. It is a stream-oriented +parser in which an application registers handlers for things the +parser might find in the XML document (like start tags). + +This package contains the development headers for the library found +in libexpat. + +%prep +%autosetup -p1 +cp %{SOURCE3} . + +%build +%configure \ + --disable-silent-rules \ + --docdir="%{_docdir}/%{name}" \ + --disable-static \ + --without-docbook + +%if 0%{?do_profiling} + %make_build CFLAGS="%{optflags} %{cflags_profile_generate}" LDFLAGS="%{optflags} %{cflags_profile_generate}" + %make_build CFLAGS="%{optflags} %{cflags_profile_generate}" LDFLAGS="%{optflags} %{cflags_profile_generate}" check + %make_build clean + %make_build CFLAGS="%{optflags} %{cflags_profile_feedback}" +%else + %make_build CFLAGS="%{optflags}" +%endif + +%check +%make_build check + +%install +%make_install +find %{buildroot} -type f -name "*.la" -delete -print + +%ldconfig_scriptlets -n libexpat%{sover} + +%files +%license COPYING +%doc AUTHORS README.md expatfaq.html +%doc doc/reference.html doc/*.css +%doc examples/*.c examples/Makefile.am examples/Makefile.in +%doc changelog +%{_bindir}/xmlwf +%{_mandir}/man1/xmlwf.1%{?ext_man} + +%files -n libexpat1 +%license COPYING +%{_libdir}/libexpat.so.%{sover} +%{_libdir}/libexpat.so.%{sover}.* + +%files -n libexpat-devel +%license COPYING +%{_includedir}/* +%{_libdir}/libexpat.so +%{_libdir}/pkgconfig/expat.pc +%dir %{_libdir}/cmake +%{_libdir}/cmake/expat-%{version} + +%changelog diff --git a/expatfaq.html b/expatfaq.html new file mode 100644 index 0000000..af7555f --- /dev/null +++ b/expatfaq.html @@ -0,0 +1,100 @@ + + + + + + +expat FAQ + + + +

Frequently Asked Questions about Expat

+ +

Where can I get help in using expat?

+ +

Try the xml-dev mailing list (subscribe by mailing to majordomo@xml.org +with the message subscribe xml-dev). Alternatively try +the mailing lists hosted by sourceforge.net.

+ +

Where is expat's API documented?

+ +

In xmlparse/xmlparse.h. There's also an advanced, +low-level API you can use which is documented in +xmltok/xmltok.h.

+ +

There's also an excellent article +about expat on XML.com by Clark Cooper.

+ +

Is there a simple example of using expat's API?

+ +

See sample/elements.c

+ +

How can I get expat to deal with non-ASCII characters?

+ +

By default, expat assumes that documents are encoded in UTF-8. In +UTF-8, ASCII characters are represented by a single byte as they would +be in ASCII, but non-ASCII characters are represented by a sequence of +two or more bytes all with the 8th bit set. The encoding most widely +used for European languages is ISO 8859-1 which is not compatible with +UTF-8. To use this encoding, expat must be told either by supplying +an argument of "iso-8859-1" to +XML_ParserCreate, or by starting the document with +<?xml version="1.0" encoding="iso-8859-1"?>.

+ +

What encodings does expat support?

+ +

expat has built in support for the following encodings:

+ +
    +
  • utf-8
    • +
  • utf-16
    • +
  • iso-8859-1
    • +
  • us-ascii
    • +
+ +

Additional encodings can be supported by using +XML_SetUnknownEncodingHandler.

+ +

How can I get expat to validate my XML documents?

+ +

You can't. expat is not a validating parser.

+ +

How can I get expat to read my DTD?

+ +

Compile with -DXML_DTD and call +XML_SetParamEntityParsing.

+ +

How can I get expat to recover from errors?

+ +

You can't. All well-formedness errors stop processing. Note that +the XML Recommendation does not permit conforming XML processors to +continue normal processing after a fatal error.

+ +

How do I get at the characters between tags?

+ +

Use XML_SetCharacterDataHandler.

+ +

How can I minimize the size of expat?

+ +

Compile with -DXML_MIN_SIZE. With Visual C++, use the +Win32 MinSize configuration: this creates an +xmlparse.dll that does not require +xmltok.dll.

+ +
+ +James Clark + +
+ + + +