Changelog for
xerces-c-3.1.4-43.1.x86_64.rpm :
Tue Jul 5 14:00:00 2016 tchvatalAATTsuse.com
- Version update to 3.1.4:
* Fixes bnc#985860 CVE-2016-4463
* xerces-c-CVE-2016-2099.patch removed as it was included upstream
Mon Jun 27 14:00:00 2016 tchvatalAATTsuse.com
- Use pkgconfig requires
- Disable \"pretty\" make to make it bit faster
- Fix the selfobsoleting provides/requires to silence rpmlint
- Use valid group for the docs
Wed Jun 22 14:00:00 2016 jengelhAATTinai.de
- Resolve rpmlint warnings of type \"version-control-internal-file\"
Tue Jun 21 14:00:00 2016 zawel1AATTgmail.com
- Update to 3.1.3
* bug fixes
+ memcpy used on overlapping memory regions causes sanity test failure
+ Typo in XMLUni::fgUnknownURIName constant
+ Buffer overruns in prolog parsing and error handling
- Dropped xerces-c-CVE-2016-0729.patch, fixed upstream.
Thu Jun 16 14:00:00 2016 pjanouchAATTsuse.de
- added xerces-c-CVE-2016-2099.patch
Exception handling mistake causing use after free
(bsc#979208, CVE-2016-2099)
- xerces-c-CVE-2016-0729.patch
Fix for mishandling certain kinds of malformed input documents,
resulting in buffer overlows during processing and error reporting.
The overflows can manifest as a segmentation fault or as memory
corruption during a parse operation. (bsc#966822, CVE-2016-0729)
Mon Sep 28 14:00:00 2015 mpluskalAATTsuse.com
- Update to 3.1.2
* bug fixes
+ Wrong temporary token type causes regex construction to fail
+ IGXMLScanner can fail to properly set its XSModel.
+ ICUTransService and IconvGNUransService CAN NOT deal with
huge file.
+ xsi:type is not applied to root element
+ Problem in prefix parsing while creating Documnet, Element,
Attributes on all platforms : Issue is in poolString creation
+ Whitespace in xsi:type
+ XMLUTF8Transcoder::transcodeTo fails with an exception when
transcoding single characters that require 3 or more bytes as
UTF8.
+ getWholeText leaks memory
+ Missing Libs.private in the xerces-c pkg-config file
+ XMLUni::fgXercesLoadSchema[] is not null-terminated in
XMLUni.cpp
+ XMLURL.cpp: isHexDigit() and xlatHexDigit() accept whole
alphabet
+ Xerces livelocks while reading external DTD if socket closes
prematurely
+ Memory leak occurs if an exception is thrown in
TranscodeToStr or TranscodeFromStr constructors
+ DOMDocumentImpl:: getPooledNString(const XMLCh
*in,
XMLSize_t n) returns incorrect string
+ OutOfMemoryException being thrown on creation of an LS
Serializer
+ TranscodeToStr::transcode throws an exception when
transcoding to UTF-8
+ ContentSpecNode::getMaxTotalRange: Operator precedence
flaw
+ Add support for GNU/Hurd by using POSIX.1-2001 and
POSIX.1-2008 functions
+ enumeration value ‘Loop’ not handled in switch
src/SEnumVal/SEnumVal.cpp:
+ bit operation error in DOMNodeImpl::reverseTreeOrderBitPattern
+ build xerces-c with icu on mingw gcc 4.7.2
+ Xerces 3.1.1 Xerces.Lib fails to build with new Visual
Studio 2012 Update 1 when v110_xp platform is chosen
+ Off-by-one error in TranscodeFromStr (with ICU)
+ Use icu, which is built with features
+ LocalFileFormatTarget leaks file handle
+ Curl Checking
+ Janitor
::~Janitor() throws in unwind
+ String pooling in DOMDocumentImpl is unsafe, particularly on
64-bit platforms
+ Code analysis revealed multiple potential NULL derefence
conditions (currently unconfirmed)
+ XMLString sizeToText/binToText produce mixed case
+ Crash while parsing malformed documents
* improvements
+ MacOSUnicodeConverter.cpp: ISO C++ forbids comparison
between pointer of type \'void
*\' and pointer-to-function
+ Allow compiling Xerces-C using C++11 (especially Clang)
+ VS2012 Project
Thu Feb 19 13:00:00 2015 mpluskalAATTsuse.com
- Use url for source
- Add gpg signature
- Use fdupes to remove duplicities in documentation
- Split documentation into separate package
- Use curl as netaccessor, necessary for proxy support
Thu Dec 12 13:00:00 2013 zaitorAATTopensuse.org
- Add baselib.conf in order to build -32Bit.
Sun Oct 20 14:00:00 2013 hrvoje.senjanAATTgmail.com
- Disable sse2 instructions on non x86_64 arches, bnc#846539
Fri Apr 13 14:00:00 2012 behrischAATTusers.sourceforge.net
- updated to 3.1.1
* Check that we have non-NULL host before trying to connect (XERCESC-1920).
* Recover from the mismatching start/end even count which may happen when we continue parsing an invalid document (XERCESC-1919).
* If the transcoder doesn\'t process any input, throw an exception (XERCESC-1916).
* Delay the recursive expansion of includes until the document fragment has been placed in the final location (XERCESC-1918).
* The code formatting a content model was skipping the cardinality indicators (
*, +, ?) (XERCESC-1914).
* Fix a few bugs and memory leaks in XInclude code.
* Give proper name to 64-bit PDB file in static build (XERCESC-1907).
* Spelling fixes (XERCESC-1911).
* Don\'t include cpuid.h if we are using intrin.h (XERCESC-1912).
* Fix socket leak.
* Set scanner object on validation context. Needed during QName validation. Don\'t re-validate default/fixed values in preContentValidation when called from loadGrammar. This values are already validated in TraverseSchema.
* Remove explicit setting of prefix for cloned elements and attributes since it is done properly by the create
*() functions (XERCESC-1913).
* Initializing unitialized variables in TranscodeToStr and TranscodeFromStr (#XERCESC-1858).
* Fixed a bug when transcoding small strings using TranscodeToStr (XERCESC-1858).
Sat Jan 28 13:00:00 2012 jengelhAATTmedozas.de
- Remove redundant tags/sections per specfile guideline suggestions
- Parallel building using %_smp_mflags
- Restore missing pkgconfig provides
Wed Oct 7 14:00:00 2009 prusnakAATTsuse.cz
- fix provides and obsoletes [bnc#544957]
Thu Aug 13 14:00:00 2009 prusnakAATTsuse.cz
- fix CVE-2009-1885 (CVE-2009-1885.patch) [bnc#530708]
Tue Mar 10 13:00:00 2009 prusnakAATTsuse.cz
- updated to 3.0.1
* More robust handling of leading/trailing whitespaces (XERCESC-1838).
* Minor documentation updates, including a fix for XERCESC-1848.
* Add --disable-rpath configure option.
* Remove class name from method declaration (XERCESC-1850).
* Fix a bug in the socket and winsock net accessors when a redirection
response does not contain a \"Location\" header.
* Make XMLMutex use the correct MemoryManager when it closes it\'s mutex.
* Documentation fixes (XERCESC-1841).
* Backport fixes for memory leaks.
* Alberto Massari Force Borland projects to use CRLF EOL.
* The wrong constructor was called, causing a memory leak (XERCESC-1840).
* Fix memory leak (XERCESC-1834).
* Update URLs in source code to point to the new pages.
Tue Mar 10 13:00:00 2009 prusnakAATTsuse.cz
- updated to 3.0.0
* changes too numerous to list
- removed obsoleted patch:
* lib64.patch
* optflags.patch