SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libxml2-2.7.6-17.el6_6.1.i686.rpm :
Sat Oct 11 14:00:00 2014 Daniel Veillard - libxml2-2.7.6-17.el6.1
- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149085)

Wed Jun 11 14:00:00 2014 Daniel Veillard - libxml2-2.7.6-17.el6
- Fix a set of regressions introduced in CVE-2014-0191 (rhbz#1105011)

Tue May 6 14:00:00 2014 Daniel Veillard - libxml2-2.7.6-16.el6
- Improve handling of xmlStopParser(CVE-2013-2877)

Tue May 6 14:00:00 2014 Daniel Veillard - libxml2-2.7.6-15.el6
- Do not fetch external parameter entities (CVE-2014-0191)

Wed Jun 5 14:00:00 2013 Daniel Veillard - libxml2-2.7.6-14.el6
- Fix a regression in 2.9.0 breaking validation while streaming (rhbz#863166)

Tue Feb 19 13:00:00 2013 Daniel Veillard - 2.7.6-13.el6
- detect and stop excessive entities expansion upon replacement (rhbz#912575)

Thu Nov 29 13:00:00 2012 Daniel Veillard - 2.7.6-12.el6
- fix out of range heap access (CVE-2012-5134)

Wed Sep 5 14:00:00 2012 Daniel Veillard - 2.7.6-11.el6
- Change the XPath code to percolate allocation error (CVE-2011-1944)

Wed Aug 22 14:00:00 2012 Daniel Veillard - 2.7.6-10.el6
- Fix an off by one pointer access (CVE-2011-3102)

Tue Aug 21 14:00:00 2012 Daniel Veillard - 2.7.6-9.el6
- Fix a failure to report xmlreader parsing failures
- Fix parser local buffers size problems (rhbz#843742)
- Fix entities local buffers size problems (rhbz#843742)
- Fix an error in previous commit (rhbz#843742)
- Do not fetch external parsed entities
- Impose a reasonable limit on attribute size (rhbz#843742)
- Impose a reasonable limit on comment size (rhbz#843742)
- Impose a reasonable limit on PI size (rhbz#843742)
- Cleanups and new limit APIs for dictionaries (rhbz#843742)
- Introduce some default parser limits (rhbz#843742)
- Implement some default limits in the XPath module
- Fixup limits parser (rhbz#843742)
- Enforce XML_PARSER_EOF state handling through the parser
- Avoid quadratic behaviour in some push parsing cases (rhbz#843742)
- More avoid quadratic behaviour (rhbz#843742)
- Strengthen behaviour of the push parser in problematic situations (rhbz#843742)
- More fixups on the push parser behaviour (rhbz#843742)
- Fix a segfault on XSD validation on pattern error
- Fix an unimplemented part in RNG value validation

Wed Feb 15 13:00:00 2012 Daniel Veillard - 2.7.6-8.el6
- remove chunk in patch related to configure.in as it breaks rebuild
- Resolves: rhbz#788846

Mon Feb 13 13:00:00 2012 Daniel Veillard - 2.7.6-7.el6
- fix previous build to force compilation of randomization code
- Resolves: rhbz#788846

Fri Feb 10 13:00:00 2012 Daniel Veillard - 2.7.6-6.el6
- adds randomization to hash and dict structures CVE-2012-0841
- Resolves: rhbz#788846

Fri Jan 6 13:00:00 2012 Daniel Veillard - 2.7.6-5.el6
- Make sure the parser returns when getting a Stop order CVE-2011-3905
- Fix an allocation error when copying entities CVE-2011-3919
- Resolves: rhbz#771910

Tue Oct 11 14:00:00 2011 Daniel Veillard - 2.7.6-4
- Fixes another XPath problem CVE-2011-2834
- Resolves: rhbz#732335

Mon Aug 22 14:00:00 2011 Daniel Veillard - 2.7.6-3
- Fixes various other issues in 2.7.6 XPath evaluation
- Resolves: rhbz#732335

Tue Jun 28 14:00:00 2011 Daniel Veillard - 2.7.6-2
- Fix a potential crasher in XPath or XSLT, CVE-2011-1944
- Resolves: rhbz#710397

Tue Oct 6 14:00:00 2009 Daniel Veillard - 2.7.6-1
- Upstream release of 2.7.6
- restore thread support off by default in 2.7.5

Thu Sep 24 14:00:00 2009 Daniel Veillard - 2.7.5-1
- Upstream release of 2.7.5
- fix a couple of Relax-NG validation problems
- couple more fixes

Tue Sep 15 14:00:00 2009 Daniel Veillard - 2.7.4-2
- fix a problem with little data at startup affecting inkscape #523002

Thu Sep 10 14:00:00 2009 Daniel Veillard - 2.7.4-1
- upstream release 2.7.4
- symbol versioning of libxml2 shared libs
- very large number of bug fixes

Mon Aug 10 14:00:00 2009 Daniel Veillard - 2.7.3-4
- two patches for parsing problems CVE-2009-2414 and CVE-2009-2416

Sat Jul 25 14:00:00 2009 Fedora Release Engineering - 2.7.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

Wed Feb 25 13:00:00 2009 Fedora Release Engineering - 2.7.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

Sun Jan 18 13:00:00 2009 Daniel Veillard - 2.7.3-1
- new release 2.7.3
- limit default max size of text nodes
- special parser mode for PHP
- bug fixes and more compiler checks

Wed Dec 3 13:00:00 2008 Ignacio Vazquez-Abrams - 2.7.2-7
- Pull back into Python 2.6

Wed Dec 3 13:00:00 2008 Caolán McNamara - 2.7.2-6
- AutoProvides requires BuildRequires pkgconfig

Wed Dec 3 13:00:00 2008 Caolán McNamara - 2.7.2-5
- rebuild to get provides(libxml-2.0) into HEAD rawhide

Mon Dec 1 13:00:00 2008 Ignacio Vazquez-Abrams - 2.7.2-4
- Rebuild for pkgconfig logic

Fri Nov 28 13:00:00 2008 Ignacio Vazquez-Abrams - 2.7.2-3
- Rebuild for Python 2.6

Wed Nov 12 13:00:00 2008 Daniel Veillard - 2.7.2-2.fc11
- two patches for size overflows problems CVE-2008-4225 and CVE-2008-4226

Fri Oct 3 14:00:00 2008 Daniel Veillard 2.7.2-1.fc10
- new release 2.7.2
- Fixes the known problems in 2.7.1
- increase the set of options when saving documents

Thu Oct 2 14:00:00 2008 Daniel Veillard 2.7.1-2.fc10
- fix a nasty bug in 2.7.x, http://bugzilla.gnome.org/show_bug.cgi?id=554660

Mon Sep 1 14:00:00 2008 Daniel Veillard 2.7.1-1.fc10
- fix python serialization which was broken in 2.7.0
- Resolve: rhbz#460774

Sat Aug 30 14:00:00 2008 Daniel Veillard 2.7.0-1.fc10
- upstream release of 2.7.0
- switch to XML 1.0 5th edition
- switch to RFC 3986 for URI parsing
- better entity handling
- option to remove hardcoded limitations in the parser
- more testing
- a new API to allocate entity nodes
- and lot of fixes and clanups

Mon Aug 25 14:00:00 2008 Daniel Veillard 2.6.32-4.fc10
- fix for entities recursion problem
- Resolve: rhbz#459714

Fri May 30 14:00:00 2008 Daniel Veillard 2.6.32-3.fc10
- cleanup based on Fedora packaging guidelines, should fix #226079
- separate a -static package

Thu May 15 14:00:00 2008 Daniel Veillard 2.6.32-2.fc10
- try to fix multiarch problems like #440206

Tue Apr 8 14:00:00 2008 Daniel Veillard 2.6.32-1.fc9
- upstream release 2.6.32 see http://xmlsoft.org/news.html
- many bug fixed upstream

Wed Feb 20 13:00:00 2008 Fedora Release Engineering - 2.6.31-2
- Autorebuild for GCC 4.3

Fri Jan 11 13:00:00 2008 Daniel Veillard 2.6.31-1.fc9
- upstream release 2.6.31 see http://xmlsoft.org/news.html
- many bug fixed upstream

Thu Aug 23 14:00:00 2007 Daniel Veillard 2.6.30-1
- upstream release 2.6.30 see http://xmlsoft.org/news.html
- many bug fixed upstream

Tue Jun 12 14:00:00 2007 Daniel Veillard 2.6.29-1
- upstream release 2.6.29 see http://xmlsoft.org/news.html
- many bug fixed upstream

Wed May 16 14:00:00 2007 Matthias Clasen 2.6.28-2
- Bump revision to fix N-V-R problem

Tue Apr 17 14:00:00 2007 Daniel Veillard 2.6.28-1
- upstream release 2.6.28 see http://xmlsoft.org/news.html
- many bug fixed upstream

Thu Dec 7 13:00:00 2006 Jeremy Katz - 2.6.27-2
- rebuild against python 2.5

Wed Oct 25 14:00:00 2006 Daniel Veillard 2.6.27-1
- upstream release 2.6.27 see http://xmlsoft.org/news.html
- very large amount of bug fixes reported upstream

Wed Jul 12 14:00:00 2006 Jesse Keating - 2.6.26-2.1.1
- rebuild

Wed Jul 12 14:00:00 2006 Jesse Keating - 2.6.26-2.1
- rebuild

Wed Jun 7 14:00:00 2006 Daniel Veillard 2.6.26-2
- fix bug #192873

Tue Jun 6 14:00:00 2006 Daniel Veillard 2.6.26-1
- upstream release 2.6.26 see http://xmlsoft.org/news.html

Tue Jun 6 14:00:00 2006 Daniel Veillard
- upstream release 2.6.25 broken, do not ship !


  
ICM