Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libxslt1-32bit-1.1.32-3.8.24 RPM for x86_64

From OpenSuSE Leap 15.3 for x86_64

Name: libxslt1-32bit Distribution: SUSE Linux Enterprise 15
Version: 1.1.32 Vendor: SUSE LLC <https://www.suse.com/>
Release: 3.8.24 Build date: Thu May 14 17:12:09 2020
Group: System/Libraries Build host: sheep15
Size: 381840 Source RPM: libxslt-1.1.32-3.8.24.src.rpm
Packager: https://www.suse.com/
Url: http://xmlsoft.org/XSLT/
Summary: XSL Transformation Library
This C library allows you to transform XML files into other XML files
(or HTML, text, and more) using the standard XSLT stylesheet
transformation mechanism.

It is based on libxml (version 2) for XML parsing, tree manipulation,
and XPath support. It is written in plain C, making as few assumptions
as possible and sticks closely to ANSI C/POSIX for easy embedding.
It includes support for the EXSLT set of extension functions as well
as some common extensions present in other XSLT engines.

Provides

Requires

License

LGPL-2.1+

Changelog

* Mon Oct 21 2019 pmonrealgonzalez@suse.com
  - Security fix [bsc#1154609, CVE-2019-18197]
    * Fix dangling pointer in xsltCopyText
    * Add libxslt-CVE-2019-18197.patch
* Tue Jul 02 2019 pmonrealgonzalez@suse.com
  - Security fix: [bsc#1140101, CVE-2019-13118]
    * Fix uninitialized read with UTF-8 grouping chars. Read of
      uninitialized stack data due to too narrow xsl:number
      instruction and an invalid character
    * Added libxslt-CVE-2019-13118.patch
* Tue Jul 02 2019 pmonrealgonzalez@suse.com
  - Security fix: [bsc#1140095, CVE-2019-13117]
    * Fix uninitialized read of xsl:number token. An xsl number with
      certain format strings could lead to a uninitialized read in
      xsltNumberFormatInsertNumbers
    * Added libxslt-CVE-2019-13117.patch
* Thu Apr 11 2019 pmonrealgonzalez@suse.com
  - Security fix: [bsc#1132160, CVE-2019-11068]
    * Bypass of a protection mechanism because callers of xsltCheckRead
      and xsltCheckWrite permit access even upon receiving a -1 error
      code. xsltCheckRead can return -1 for a crafted URL that is not
      actually invalid and is subsequently loaded.
    * Added libxslt-CVE-2019-11068.patch
* Wed Nov 08 2017 vcizek@suse.com
  - Update to version 1.1.32
    * fixes xml-config detection regression (boo#1066525)
* Thu Oct 19 2017 pmonrealgonzalez@suse.com
  - Update to version 1.1.30 [bsc#1063934]
    * Documentation:
    - Misc doc fixes
    * Portability:
    - Look for libxml2 via pkg-config first
    * Bug Fixes:
    - Also fix memory hazards in exsltFuncResultElem
    - Fix NULL deref in xsltDefaultSortFunction
    - Fix memory hazards in exsltFuncFunctionFunction
    - Fix memory leaks in EXSLT error paths
    - Fix memory leak in str:concat with empty node-set
    - Fix memory leaks in error paths
    - Switch to xmlUTF8Strsize in numbers.c
    - Fix NULL pointer deref in xsltFormatNumberFunction
    - Fix UTF-8 check in str:padding
    - Fix xmlStrPrintf argument
    - Check for overflow in _exsltDateParseGYear
    - Fix double to int conversion
    - Check for overflow in exsltDateParseDuration
    - Change version of xsltMaxVars back to 1.0.24
    - Disable xsltCopyTextString optimization for extensions
    - Create DOCTYPE for HTML version 5
    - Make xsl:decimal-format work with namespaces
    - Remove norm:localTime extension function
    - Check for integer overflow in xsltAddTextString
    - Detect infinite recursion when evaluating function arguments
    - Fix memory leak in xsltElementAvailableFunction
    - Fix for pattern predicates calling functions
    - Fix cmd.exe invocations in Makefile.mingw
    - Don't try to install index.sgml
    - Fix symbols.xml
    - Fix heap overread in xsltFormatNumberConversion
    - Fix <xsl:number level="any"/> for non-element nodes
    - Fix unreachable code in xsltAddChild
    - Change version number in xsl:version warning
    - Avoid infinite recursion after failed param evaluation
    - Stop if potential recursion is detected
    - Consider built-in templates in apply-imports
    - Fix precedence with multiple attribute sets
    - Rework attribute set resolution
    * Improvements:
    - Silence tests a little
    - Set LIBXML_SRC to absolute path
    - Add missing #include
    - Adjust expected error messages in tests
    - Make xsltDebug more quiet
    - New-line terminate error message that missed this convention
    - Use xmlBuffers in EXSLT string functions
    - Switch to xmlUTF8Strsize in EXSLT string functions
    - Check for return value of xmlUTF8Strlen
    - Avoid double/long round trip in FORMAT_ITEM
    - Separate date and duration structs
    - Check for overflow in _exsltDateDifference
    - Clamp seconds field of durations
    - Change _exsltDateAddDurCalc parameter types
    - Fix date:difference with time zones
    - Rework division/remainder arithmetic in date.c
    - Remove exsltDateCastDateToNumber
    - Change internal representation of years
    - Optimize IS_LEAP
    - Link libraries with libm
    - Rename xsltCopyTreeInternal to xsltCopyTree
    - Update linker version script
    - Add local wildcard to version script
    - Make some symbols static
    - Remove redundant NULL check in xsltNumberComp
    - Fix forwards compatibility for imported stylesheets
    - Reduce warnings in forwards-compatible mode
    - Precompute XSLT elements after preprocessing
    - Fix whitespace in xsltParseStylesheetTop
    - Consolidate recursion checks
    - Treat XSLT_STATE_STOPPED same as errors
    - Make sure that XSLT_STATE_STOPPED isn't overwritten
    - Add comment regarding built-in templates and params
    - Rewrite memory management of local RVTs
    - Validate QNames of attribute sets
    - Add xsl:attribute-set regression tests
    - Ignore imported stylesheets in xsltApplyAttributeSet
  - Dropped patches fixed upstream
    * libxslt-CVE-2016-4738.patch
    * libxslt-1.1.28-CVE-2017-5029.patch
* Mon Sep 11 2017 jengelh@inai.de
  - Fix RPM groups. Drop ineffective --with-pic.
    Trim conjecture from description.
* Fri Jul 28 2017 mpluskal@suse.com
  - Add gpg signature
  - Cleanup spec file with spec-cleaner
* Tue Apr 25 2017 pmonrealgonzalez@suse.com
  - Fixed CVE-2017-5029 bcs#1035905
    * Limit buffer size in xsltAddTextString to INT_MAX
  - Added patch libxslt-1.1.28-CVE-2017-5029.patch
* Wed Apr 05 2017 pgajdos@suse.com
  - security update: initialize random generator, CVE-2015-9019
    [bsc#934119]
    + libxslt-random-seed.patch
* Mon Mar 13 2017 pmonrealgonzalez@suse.com
  - Added patch libxslt-CVE-2016-4738.patch
    * Fix heap overread in xsltFormatNumberConversion: An empty
      decimal-separator could cause a heap overread. This can be
      exploited to leak a couple of bytes after the buffer that holds
      the pattern string.
    * bsc#1005591 CVE-2016-4738
* Sat Jun 11 2016 tchvatal@suse.com
  - Update to 1.1.29:
    * new release after 4 years with few bugfies all around
  - Refresh patch 0009-Make-generate-id-deterministic.patch to apply
  - Remove cve patch that was integrated upstream:
    libxslt-1.1.28-type_confusion_preprocess_attr.patch
  - Unpack the manpage as the compression is set by buildbot not always gz
* Fri May 20 2016 kstreitova@suse.com
  - add libxslt-1.1.28-type_confusion_preprocess_attr.patch to fix
    type confusion in preprocessing attributes [bnc#952474],
    [CVE-2015-7995]
* Thu Apr 09 2015 suse@microstep-mis.com
  - fix package with "soname" should obsolete libxslt package on suse < 12.2 (SLE11)
* Sun Feb 01 2015 coolo@suse.com
  - add 0009-Make-generate-id-deterministic.patch from debian's
    reproducible builds project to avoid randomness in generated IDs

Files

/usr/lib/libexslt.so.0
/usr/lib/libexslt.so.0.8.20
/usr/lib/libxslt.so.1
/usr/lib/libxslt.so.1.1.32


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Jun 9 16:02:50 2022