Changelog for
xerces-c-3.2.5-1.4.x86_64.rpm :
* Wed Dec 27 2023 Dirk Müller
- update to 3.2.5 (bsc#1159552, CVE-2018-1311):
* [XERCESC-2163] - XercesMessages_en_US.cat is installed to wrong directory
* [XERCESC-2188] - Use-after-free on external DTD scan
* Wed Oct 26 2022 Dirk Müller - update to 3.2.4:
* [XERCESC-2195] - Invalid attribute in .gitattributes file
* [XERCESC-2196] - cross-compiling issue
* [XERCESC-2214] - Wrong delete[] in MemBufInputSource dtor
* [XERCESC-2217] - ICUTranscoder::transcodeFrom buffer overflow
* [XERCESC-2218] - CurlURLInputStream constructor memory leak
* [XERCESC-2219] - XMLReader constructor: memory leak when refreshRawBuffer() throws
* [XERCESC-2221] - InMemMsgLoader::loadMsg(): fix memory leak when transcoding fails
* [XERCESC-2222] - DFAContentModel::checkUniqueParticleAttribution(): fix memory leak
* [XERCESC-2223] - SAX2XMLReaderImpl::error(): potential memory leak
* [XERCESC-2225] - Link to installed CMake targets of CURL
* [XERCESC-2227] - Memleak fixes in ContentSpecNode and ComplexTypeInfo classes
* [XERCESC-2228] - DFAContentModel: fix memory leaks when OutOfMemoryException occurs
* [XERCESC-2229] - IGXMLScanner::scanDocTypeDecl(): fix memory leak on exception
* [XERCESC-2230] - DFAContentModel::buildSyntaxTree(): fix memory leaks when OutOfMemoryException occurs
* [XERCESC-2235] - DFAContentModel::buildDFA(): correctly zero-initialize fFollowList
* [XERCESC-2236] - Dependencies aren\'t loaded when using provided CMake config package
* [XERCESC-2241] - Integer overflows in DFAContentModel class
* [XERCESC-2242] - Non-default curl location breaks autoconf link detection
* Sat Aug 15 2020 Dirk Mueller - update to 3.2.3:
* Custom HTTP headers missing with CURL NetAccessor
* Type Confusion from DTDGrammar to SchemaGrammar
* Patch to build with older GCC
* fix build without pthread
* XMLUTF8Transcoder: One multibyte UTF8 character is swallowed from the srcData when the resulting surrogate pair does not fit in toFill at the end
* Postpone freeing the memory being used by CURL
* Memory leak in ValueVectorOf
* There is an error in the parameters of the ThreadTtest8 script in Apache xerces-c++ XML\'s tests/script
* Incorrect symbolic links created for Linux static library and MacOS static and shared libraries
* invalid windows version check for `onXPOrLater`
* Handle surrogate pairs when reading a QName instead of ASSERTing
* Janitor.hpp fails to compile on Solaris with Solaris Studio 12.2 and 12.4
* undef symbols on HPUX for ArrayJanitor
* DOM tests crash on AIX
* XMLChar with NEED_TO_GEN_TABLE has 2 buffer out of bounds reads
* Including Xerces_autoconf_config.hpp on Windows fails due to undefined ssize_t
* Wed Feb 12 2020 Tomáš Chvátal - Fixup rpmlint warning about installed Makefiles
* Tue Oct 02 2018 Tomáš Chvátal - Fix the libname dependency in devel pkg, typo after libname change
* Thu Sep 27 2018 Tomáš Chvátal - Version update to 3.2.2:
* Fixes CVE-2017-12627 bsc#1083630- Remove the switch to disable SSE2 on i586, we support pentium4 as lowest and that has sse2
* Tue Jul 05 2016 tchvatalAATTsuse.com- Version update to 3.1.4:
* Fixes bnc#985860 CVE-2016-4463
* xerces-c-CVE-2016-2099.patch removed as it was included upstream
* Mon Jun 27 2016 tchvatalAATTsuse.com- Use pkgconfig requires- Disable \"pretty\" make to make it bit faster- Fix the selfobsoleting provides/requires to silence rpmlint- Use valid group for the docs
* Wed Jun 22 2016 jengelhAATTinai.de- Resolve rpmlint warnings of type \"version-control-internal-file\"
* Tue Jun 21 2016 zawel1AATTgmail.com- Update to 3.1.3
* bug fixes + memcpy used on overlapping memory regions causes sanity test failure + Typo in XMLUni::fgUnknownURIName constant + Buffer overruns in prolog parsing and error handling- Dropped xerces-c-CVE-2016-0729.patch, fixed upstream.