Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libxml2-2-32bit-2.9.1-16.1 RPM for x86_64

From OpenSuSE leap updates for 42.1 / oss / x86_64

Name: libxml2-2-32bit Distribution: openSUSE Leap 42.1
Version: 2.9.1 Vendor: openSUSE
Release: 16.1 Build date: Tue May 3 18:09:26 2016
Group: System/Libraries Build host: cloud115
Size: 1426464 Source RPM: libxml2-2.9.1-16.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://xmlsoft.org
Summary: A Library to Manipulate XML Files
The XML C library was initially developed for the GNOME project. It is
now used by many programs to load and save extensible data structures
or manipulate any kind of XML files.

This library implements a number of existing standards related to
markup languages, including the XML standard, name spaces in XML, XML
Base, RFC 2396, XPath, XPointer, HTML4, XInclude, SGML catalogs, and
XML catalogs. In most cases, libxml tries to implement the
specification in a rather strict way. To some extent, it provides
support for the following specifications, but does not claim to
implement them: DOM, FTP client, HTTP client, and SAX.

The library also supports RelaxNG. Support for W3C XML Schemas is in
progress.

Provides

Requires

License

MIT

Changelog

* Mon Apr 18 2016 psimons@suse.com
  - Add libxml2-2.9.1-CVE-2016-3627.patch to fix stack exhaustion
    while parsing certain XML files in recovery mode (CVE-2016-3627,
    bnc#972335).
  - Add 0001-Add-missing-increments-of-recursion-depth-counter-to.patch
    to improve protection against Billion Laughs Attack (bnc#975947).
* Tue Jan 12 2016 kstreitova@suse.com
  - add libxml2-2.9.1-CVE-2015-8710.patch to fix parsing short
    unclosed comment uninitialized access
    [bnc#960674], [CVE-2015-8710]
* Fri Dec 11 2015 kstreitova@suse.com
  - security update:
    * libxml2-2.9.1-CVE-2015-1819.patch
    * enforce the reader to run in constant memory
    * [CVE-2015-1819], [bnc#928193]
    * libxml2-2.9.1-CVE-2015-7941.patch
    * fix out of bound read with crafted xml input by stopping
      parsing on entities boundaries errors
    * [CVE-2015-7941], [bnc#951734]
    * libxml2-2.9.1-CVE-2015-7942.patch
    * fix another variation of overflow in Conditional sections
    * [CVE-2015-7942], [bnc#951735]
    * libxml2-2.9.1-CVE-2015-8035.patch
    * fix DoS when parsing specially crafted XML document if
      XZ support is compiled in
    * [CVE-2015-8035], [bnc#954429]
    * libxml2-2.9.1-CVE-2015-8241.patch
    * avoid extra processing of MarkupDecl when EOF
    * [CVE-2015-8241], [bnc#956018]
    * libxml2-2.9.1-CVE-2015-8242.patch
    * buffer overead with HTML parser in push mode
    * [CVE-2015-8242], [bnc#956021]
    * libxml2-2.9.1-CVE-2015-8317.patch
    * return if the encoding declaration is broken or encoding
      conversion failed
    * [CVE-2015-8317], [bnc#956260]
    * libxml2-2.9.1-CVE-2015-5312.patch
    * fix another entity expansion issue
    * [CVE-2015-5312], [bnc#957105]
    * libxml2-2.9.1-CVE-2015-7497.patch
    * avoid an heap buffer overflow in xmlDictComputeFastQKey
    * [CVE-2015-7497], [bnc#957106]
    * libxml2-2.9.1-CVE-2015-7498.patch
    * avoid processing entities after encoding conversion failures
    * [CVE-2015-7498], [bnc#957107]
    * libxml2-2.9.1-CVE-2015-7499.patch
    * add xmlHaltParser() to stop the parser / detect incoherency
      on GROW
    * [CVE-2015-7499], [bnc#957109]
    * libxml2-2.9.1-CVE-2015-7500.patch
    * fix memory access error due to incorrect entities boundaries
    * [CVE-2015-7500], [bnc#957110]
* Thu Dec 04 2014 vcizek@suse.com
  - fix a regression in xzlib compression support (bnc#908376)
    * added 0001-Fix-a-regression-in-xmlGetDocCompressMode.patch
  - fix a regression caused by CVE-2014-3660 patch (bgo#738805)
    * added 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch
    * added 0002-Adding-example-from-bugs-738805-to-regression-tests.patch
* Fri Oct 17 2014 vcizek@suse.com
  - fix for CVE-2014-3660 (bnc#901546)
    * denial of service via recursive entity expansion
      (related to billion laughs)
    * added libxml2-CVE-2014-3660.patch
* Mon Aug 18 2014 fcrozat@suse.com
  - Add obsoletes/provides to baselibs.conf.
* Wed Jun 25 2014 vcizek@suse.com
  - removed libxml2-CVE-2014-0191.patch since it causes existing
    applications to break
* Fri May 23 2014 vcizek@suse.com
  - fix for CVE-2014-0191 (bnc#876652)
    * libxml2: external parameter entity loaded when entity
      substitution is disabled
    * added libxml2-CVE-2014-0191.patch
* Fri Aug 02 2013 vcizek@suse.com
  - update to 2.9.1
    dropped patches (in upstream):
    * libxml2-2.9.0-CVE-2012-5134.patch
    * libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
    * libxml2-CVE-2013-1969.patch
    New features:
    * Support for Python3
    * Add xmlXPathSetContextNode and xmlXPathNodeEval
* Thu Apr 18 2013 vcizek@suse.com
  - fix for CVE-2013-1969 (bnc#815665)
    * libxml2-CVE-2013-1969.patch
* Thu Mar 07 2013 vcizek@suse.com
  - fix for CVE-2013-0338 (bnc#805233)
    libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
* Sat Dec 15 2012 p.drouand@gmail.com
  - update to 2.9.0 version:
    * please see the Changelog
  - Updated patchs to get working with new version:
    * libxml2-2.9.0-CVE-2012-5134.patch ( libxml2-CVE-2012-5134.patch )
    * fix-perl.diff
* Fri Dec 07 2012 vcizek@suse.com
  - Add libxml2-CVE-2012-5134.patch to fix CVE-2012-5134 (bnc#793334)
* Sun Sep 23 2012 dimstar@opensuse.org
  - Add a comment next to libxml2.la to make sure that anybody
    removing it knows why it's there and reconsiders.
* Sun Sep 23 2012 coolo@suse.com
  - readd .la file, python-libxml2 needs it
* Fri Sep 21 2012 jengelh@inai.de
  - Remove .la files; make sure installation succeeds for
    Fedora_17 target
* Tue Jun 12 2012 chris@computersalat.de
  - update to 2.8.0
    * please se ChangeLog for more info
  - remove obsolete bigendian64 patch
  - rebase fix-perl patch
* Sun Mar 11 2012 jengelh@medozas.de
  - libxml2-2 should not require libxml2-tools. There is no trouble
    expected, since attempting to install libxml2 will already pull
    in libxml2-tools due to Provides tags.
* Mon Mar 05 2012 coolo@suse.com
  - revert the two commits that broke perl-XML-LibXML's test case,
    I hope the two upstreams will figure it out
* Fri Mar 02 2012 coolo@suse.com
  - update to git to fix some issues
    * Fix a logic error in Schemas Component ConstraintsHEADmaster
    * Fix a wrong enum type use in Schemas Types
* Thu Mar 01 2012 meissner@suse.de
  - fixed a 64bit big endian bug in the file reader.
* Sat Feb 25 2012 coolo@suse.com
  - the fallout of requiring libxml2-tools as explicit buildrequire
    is just too large, so avoid it for now and create a cycle between
    libxml2-2 and libxml2-tools
* Sat Feb 25 2012 coolo@suse.com
  - add provide for the old name to fix packages with explicit
    library dependency
* Thu Feb 23 2012 coolo@suse.com
  - update to today's GIT snapshot:
      include XZ support
  - split libxml2-2 according to shared library policy
* Mon Dec 26 2011 jengelh@medozas.de
  - Remove redundant tags/sections
* Wed Dec 21 2011 coolo@suse.com
  - add autoconf as buildrequire to avoid implicit dependency
* Tue Dec 20 2011 coolo@suse.com
  - own aclocal directory, there is no other reason to buildrequire
    automake
* Fri Jul 08 2011 saschpe@suse.de
  - update to libxml-2.7.8+git20110708
    - several important bugfixes
  - drop upstreamed patches:
    * libxml2-CVE-2010-4494.patch
    * libxml2-CVE-2011-1944.patch
    * noxref.patch
    * symbol-versioning.patch
* Wed Jun 29 2011 puzel@novell.com
  - add libxml2-CVE-2011-1944.patch (bnc#697372)
* Sun Jun 05 2011 cshorler@googlemail.com
  - add symbol-versioning.patch to restore 11.3 versioned symbols
* Mon Jan 03 2011 puzel@novell.com
  - add libxml2-CVE-2010-4494.patch (bnc#661471)
* Fri Dec 03 2010 puzel@novell.com
  - update to libxml-2.7.8
    - number of bufixes, documentation and portability fixes
    - update language ID parser to RFC 5646
    - sort python generated stubs
    - add an HTML parser option to avoid a default doctype
    - see http://xmlsoft.org/news.html for exact details
  - drop libxml2-xpath-ns-attr-axis.patch (in upstream)
  - clean up specfile
* Mon Nov 01 2010 puzel@novell.com
  - add libxml2-xpath-ns-attr-axis.patch (bnc#648277)
* Sat Oct 30 2010 cristian.rodriguez@opensuse.org
  - Use --disable-static
* Mon Sep 20 2010 puzel@novell.com
  - drop libxml2-largefile64.patch (revert last change)
    - the issue is fixed in zlib
* Fri Sep 17 2010 puzel@novell.com
  - add libxml2-largefile64.patch (fixes build)
    - debian bug#439843
* Wed Jul 14 2010 jw@novell.com
  - added noxref.patch,
    this implements a new --noxref option, which turns
    validation errors about missing xrefs into warnings.
    Upstreamed as https://bugzilla.gnome.org/show_bug.cgi?id=624386
* Sat Apr 24 2010 coolo@novell.com
  - buildrequire pkg-config to fix provides
* Tue Mar 23 2010 mrdocs@opensuse.org
  - update to 2.7.7
  - add extra options to ./configure for scribus features and avoid a crash
  - updates from 2.7.3 > 2.7.7 include a number of portability, correctness
    memory leaks and build fixes including some CVE
  - see http://xmlsoft.org/news.html for exact details
* Mon Feb 22 2010 mrdocs@opensuse.org
  - add sax parser option compiled in
* Mon Dec 14 2009 jengelh@medozas.de
  - add baselibs.conf as a source
  - package documentation as noarch
* Sun Aug 02 2009 jansimon.moeller@opensuse.org
  - Disable the check for ARM as qemu-arm can't keep up atm.
* Thu Mar 19 2009 prusnak@suse.cz
  - updated to 2.7.2
    * Portability fix: fix solaris compilation problem,
      fix compilation if XPath is not configured in
    * Bug fixes: nasty entity bug introduced in 2.7.0, restore old
      behaviour when saving an HTML doc with an xml dump function,
      HTML UTF-8 parsing bug, fix reader custom error handlers
      (Riccardo Scussat)
    * Improvement: xmlSave options for more flexibility to save
      as XML/HTML/XHTML, handle leading BOM in HTML documents
  - updated to 2.7.3
    * Build fix: fix build when HTML support is not included.
    * Bug fixes: avoid memory overflow in gigantic text nodes,
      indentation problem on the writed (Rob Richards),
      xmlAddChildList pointer problem (Rob Richards and Kevin Milburn),
      xmlAddChild problem with attribute (Rob Richards and Kris Breuker),
      avoid a memory leak in an edge case (Daniel Zimmermann),
      deallocate some pthread data (Alex Ott).
    * Improvements: configure option to avoid rebuilding docs
      (Adrian Bunk), limit text nodes to 10MB max by default,
      add element traversal APIs, add a parser option to enable
      pre 2.7 SAX behavior (Rob Richards),
      add gcc malloc checking (Marcus Meissner),
      add gcc printf like functions parameters checking (Marcus Meissner).
  - dropped obsoleted patches:
    * alloc_size.patch (mainline)
    * CVE-2008-4225.patch (mainline)
    * CVE-2008-4226.patch (mainline)
    * CVE-2008-4409.patch (mainline)
    * oldsax.patch (mainline)
    * pritnf.patch (mainline)
    * xmlsave.patch (mainline)

Files

/usr/lib/libxml2.so.2
/usr/lib/libxml2.so.2.9.1


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Nov 11 05:16:29 2017