SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for dom4j-2.1.4-4.1.noarch.rpm :

* Wed Feb 21 2024 Gus Kenion - Use %patch -P N instead of deprecated %patchN.
* Thu Feb 15 2024 Fridrich Strba - The license is actually Plexus
* Thu Nov 02 2023 Anton Shvetz - JPMS: Add the Automatic-Module-Name attribute to the manifest.
* Thu Aug 24 2023 Fridrich Strba - Make a separate flavour for a minimal dom4j-bootstrap package used to build jaxen and full dom4j- Added patch:
* 0001-no-jaxen-dom4.patch
* for the bootstrap package, patch out the code that requires jaxen with dom4j support to build
* Thu Aug 24 2023 Fridrich Strba - Upgrade to upstream version 2.1.4
* Improvements and potentially breaking changes + Added new factory method org.dom4j.io.SAXReader.createDefault(). It has more secure defaults than new SAXReader(), which uses system XMLReaderFactory.createXMLReader() or SAXParserFactory.newInstance().newSAXParser(). + If you use some optional dependency of dom4j (for example Jaxen, xsdlib etc.), you need to specify an explicit dependency on it in your project. They are no longer marked as a mandatory transitive dependency by dom4j. + Following SAX parser features are disabled by default in DocumentHelper.parse() for security reasons (they were enabled in previous versions): ° http://xml.org/sax/properties/external-general-entities ° http://xml.org/sax/properties/external-parameter-entities
* Other changes: + updated pull-parser version + Reuse the writeAttribute method in writeAttributes + support build on OS with non-UTF8 as default charset + Gradle: add an automatic module name + Use Correct License Name \"Plexus\" + Possible vulnerability of DocumentHelper.parseText() to XML injection + CVS directories left in the source tree + XMLWriter does not escape supplementary unicode characters correctly + writer.writeOpen(x) doesn\'t write namespaces + concurrency problem with QNameCache + all dependencies are optional + SAXReader: hardcoded namespace features + validate QNames + StringIndexOutOfBoundsException in XMLWriter.writeElementContent() + TreeNode has grown some generics + QName serialization fix + DocumentException initialize with nested exception + Accidentally occurring error in a multi-threaded test + compatibility with W3C DOM Level 3 + use Java generics- Removed patches:
* dom4j-1.6.1-bug1618750.patch
* dom4j-CVE-2018-1000632.patch
* dom4j-CVE-2020-10683.patch
* dom4j-enable-stax-datatypes.patch
* dom4j-javadoc.patch
* dom4j-sourcetarget.patch + not needed with this version
* Mon Jul 24 2023 Fridrich Strba - Do not depend on jtidy, since it is not used during build
* Wed Mar 30 2022 Fridrich Strba - Build against the standalone JavaEE modules unconditionally
* Mon Mar 28 2022 Fridrich Strba - Add alias to the new artifact coordinates org.dom4j:dom4j- Simplify the spec file a bit
* Thu Mar 17 2022 Fridrich Strba - Add jaxb-api dependency for relevant distribution versions so that we can build with JDKs that do not include the JavaEE modules
* Fri Apr 17 2020 Pedro Monreal Gonzalez - Security fix: [bsc#1169760, CVE-2020-10683]
* External Entity vulnerability in default SAX parser
* Add dom4j-CVE-2020-10683.patch
 
ICM