Changelog for
libxerces-c-devel-3.1.4-lp152.4.10.x86_64.rpm :
* Thu Sep 27 2018 Tomáš Chvátal
- Add patch to fix CVE-2017-12627 bsc#1083630
* xerces-c-CVE-2017-12627.patch
* Tue Jul 05 2016 tchvatalAATTsuse.com- Version update to 3.1.4:
* Fixes bnc#985860 CVE-2016-4463
* xerces-c-CVE-2016-2099.patch removed as it was included upstream
* Mon Jun 27 2016 tchvatalAATTsuse.com- Use pkgconfig requires- Disable \"pretty\" make to make it bit faster- Fix the selfobsoleting provides/requires to silence rpmlint- Use valid group for the docs
* Wed Jun 22 2016 jengelhAATTinai.de- Resolve rpmlint warnings of type \"version-control-internal-file\"
* Tue Jun 21 2016 zawel1AATTgmail.com- Update to 3.1.3
* bug fixes + memcpy used on overlapping memory regions causes sanity test failure + Typo in XMLUni::fgUnknownURIName constant + Buffer overruns in prolog parsing and error handling- Dropped xerces-c-CVE-2016-0729.patch, fixed upstream.
* Thu Jun 16 2016 pjanouchAATTsuse.de- added xerces-c-CVE-2016-2099.patch Exception handling mistake causing use after free (bsc#979208, CVE-2016-2099)- xerces-c-CVE-2016-0729.patch Fix for mishandling certain kinds of malformed input documents, resulting in buffer overlows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. (bsc#966822, CVE-2016-0729)
* Mon Sep 28 2015 mpluskalAATTsuse.com- Update to 3.1.2
* bug fixes + Wrong temporary token type causes regex construction to fail + IGXMLScanner can fail to properly set its XSModel. + ICUTransService and IconvGNUransService CAN NOT deal with huge file. + xsi:type is not applied to root element + Problem in prefix parsing while creating Documnet, Element, Attributes on all platforms : Issue is in poolString creation + Whitespace in xsi:type + XMLUTF8Transcoder::transcodeTo fails with an exception when transcoding single characters that require 3 or more bytes as UTF8. + getWholeText leaks memory + Missing Libs.private in the xerces-c pkg-config file + XMLUni::fgXercesLoadSchema[] is not null-terminated in XMLUni.cpp + XMLURL.cpp: isHexDigit() and xlatHexDigit() accept whole alphabet + Xerces livelocks while reading external DTD if socket closes prematurely + Memory leak occurs if an exception is thrown in TranscodeToStr or TranscodeFromStr constructors + DOMDocumentImpl:: getPooledNString(const XMLCh
*in, XMLSize_t n) returns incorrect string + OutOfMemoryException being thrown on creation of an LS Serializer + TranscodeToStr::transcode throws an exception when transcoding to UTF-8 + ContentSpecNode::getMaxTotalRange: Operator precedence flaw + Add support for GNU/Hurd by using POSIX.1-2001 and POSIX.1-2008 functions + enumeration value ‘Loop’ not handled in switch src/SEnumVal/SEnumVal.cpp: + bit operation error in DOMNodeImpl::reverseTreeOrderBitPattern + build xerces-c with icu on mingw gcc 4.7.2 + Xerces 3.1.1 Xerces.Lib fails to build with new Visual Studio 2012 Update 1 when v110_xp platform is chosen + Off-by-one error in TranscodeFromStr (with ICU) + Use icu, which is built with features + LocalFileFormatTarget leaks file handle + Curl Checking + Janitor::~Janitor() throws in unwind + String pooling in DOMDocumentImpl is unsafe, particularly on 64-bit platforms + Code analysis revealed multiple potential NULL derefence conditions (currently unconfirmed) + XMLString sizeToText/binToText produce mixed case + Crash while parsing malformed documents
* improvements + MacOSUnicodeConverter.cpp: ISO C++ forbids comparison between pointer of type \'void
*\' and pointer-to-function + Allow compiling Xerces-C using C++11 (especially Clang) + VS2012 Project
* Thu Feb 19 2015 mpluskalAATTsuse.com- Use url for source- Add gpg signature- Use fdupes to remove duplicities in documentation- Split documentation into separate package- Use curl as netaccessor, necessary for proxy support
* Thu Dec 12 2013 zaitorAATTopensuse.org- Add baselib.conf in order to build -32Bit.
* Sun Oct 20 2013 hrvoje.senjanAATTgmail.com- Disable sse2 instructions on non x86_64 arches, bnc#846539