SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libxslt1-1.1.28-17.17.3.i586.rpm :

* Wed Feb 22 2023 pmonrealAATTsuse.com- Security Fix: [bsc#1208574, CVE-2021-30560]
* Use after free in Blink XSLT
* Add libxslt-CVE-2021-30560.patch
* Thu Nov 10 2022 pmonrealAATTsuse.com- Fix broken license symlink for libxslt-tools [bsc#1203669]
* Mon Oct 21 2019 pmonrealgonzalezAATTsuse.com- Security fix [bsc#1154609, CVE-2019-18197]
* Fix dangling pointer in xsltCopyText
* Add libxslt-CVE-2019-18197.patch
* Tue Jul 02 2019 pmonrealgonzalezAATTsuse.com- Security fix: [bsc#1140101, CVE-2019-13118]
* Fix uninitialized read with UTF-8 grouping chars. Read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character
* Added libxslt-CVE-2019-13118.patch
* Tue Jul 02 2019 pmonrealgonzalezAATTsuse.com- Security fix: [bsc#1140095, CVE-2019-13117]
* Fix uninitialized read of xsl:number token. An xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers
* Added libxslt-CVE-2019-13117.patch
* Thu Apr 11 2019 pmonrealgonzalezAATTsuse.com- Security fix: [bsc#1132160, CVE-2019-11068]
* Bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
* Added libxslt-CVE-2019-11068.patch
* Fri May 05 2017 pmonrealgonzalezAATTsuse.com- Fixed CVE-2015-7995 bsc#952474
* Type confusion vulnerability may cause a DoS- Added patch libxslt-CVE-2015-7995.patch
* Tue Apr 25 2017 pmonrealgonzalezAATTsuse.com- Fixed CVE-2017-5029 bcs#1035905
* Limit buffer size in xsltAddTextString to INT_MAX- Added patch libxslt-1.1.28-CVE-2017-5029.patch
* Wed Apr 05 2017 pgajdosAATTsuse.com- security update: initialize random generator, CVE-2015-9019 [bsc#934119] + libxslt-random-seed.patch
* Tue Mar 21 2017 pmonrealgonzalezAATTsuse.com- Added patch libxslt-CVE-2016-4738.patch
* Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator could cause a heap overread. This can be exploited to leak a couple of bytes after the buffer that holds the pattern string.
* bsc#1005591 CVE-2016-4738
* Thu Dec 06 2012 pascal.bleserAATTopensuse.org- update to 1.1.28:
* fix generate-id() to avoid generating the same ID
* fix crash with empty xsl:key/AATTmatch attribute
* fix crash when passing an uninitialized variable to document()
* fix regression: default namespace not correctly used
* remove xsltTransStorageAdd and xsltTransStorageRemove from symbols.xml- changes from 1.1.27:
* link python module with python library (Frederic Crozat)
* report errors on variable use in key
* the XSLT namespace string is a constant one
* fix handling of names in xsl:attribute
* reserved namespaces in xsl:element and xsl:attribute
* null-terminate result string of cry:rc4_decrypt
* EXSLT date normalization fix
* exit after compilation of invalid func:result
* fix for EXSLT func:function
* rewrite EXSLT string:replace to be conformant
* avoid a heap use after free error
* fix a dictionary string usage
* output should not include extraneous newlines when indent is off
* document(\'\') fails to return stylesheets parsed from memory
* xsltproc should return an error code if xinclude fails
* forwards-compatible processing of unknown top level elements
* fix system-property with unknown namespace
* fix default template processing on namespace nodes
* fix a bug in selecting XSLT elements
* fix a memory leak with xsl:number
* fix a problem with ESXLT date:add() with January
* fix generate-id() to not expose object addresses
* allow whitespace in xsl:variable with select
* fix direct pattern matching bug
* add the saxon:systemId extension
* add an append mode to document output
* fix portability to upcoming libxml2-2.9.0
* precompile patterns in xsl:number- change soname macro back to \"1\" and enforce it in the files list- revert -tools subpackage for openSUSE < 12.2 as that has only become effective since 12.2 on the package that ships with the distribution, to avoid having a completely different package layout in this repository as compared to the stock distribution packages (added a Provides: libxslt-tools though)
* Wed Apr 25 2012 chrisAATTcomputersalat.de- add macro \"soname\" %{name}1- fix \"self obsoletion\"
* Sat Mar 17 2012 jengelhAATTmedozas.de- Make sure to follow shlib policy; put tools in a separate package like done in libxml2
* Wed Jan 04 2012 jengelhAATTmedozas.de- Remove redundant tags (License: field is inherited)- Use exact EVR for Provides:
* Wed Jan 04 2012 cfarrellAATTsuse.com- Tutorial contains GPL-2.0+ code. Either split this off into a subpackage or add GPL-2.0+ as an aggregation to the main licence tag
* Sat Dec 03 2011 agrafAATTsuse.com- don\'t run make check in QEMU builds - breaks due to massive threading
* Mon Nov 21 2011 jengelhAATTmedozas.de- Remove redundant/unwanted tags/section (cf. specfile guidelines)
* Sun Nov 20 2011 cooloAATTsuse.com- add libtool as buildrequire to avoid implicit dependency
* Thu Sep 08 2011 dmuellerAATTsuse.de- fix provides/obsoletes
* Tue Aug 02 2011 idonmezAATTnovell.com- Add dependency on libgcrypt-devel and libgpg-error-devel for the libxslt-devel package
* Mon Aug 01 2011 idonmezAATTnovell.com- Correctly obsolete libxslt package in the baselibs.conf too
* Fri Jul 29 2011 idonmezAATTnovell.com- Fix build on SLE
* Fri Jul 29 2011 crrodriguezAATTopensuse.org- Fix broken requires,provides,Obsoletes causing \"have choice..\" build system errors- Remove all \"la\" files since they are no longer needed- Fix -devel pacakge requires and messed up -config scripts this may cause build fails of already broken dependant packages that do not link all the needed libraries in an explicit manner (This is not a bug here, it is expected to cause it)
* Wed Jul 27 2011 giecriljAATTstegny.2a.pl- package clean-up: - include library version number in the name of the binary package - add an alias for xsltproc (required by package xmlto)
* Wed Jul 21 2010 puzelAATTnovell.com- update to libxslt-1.1.26 - Improvements: - Add xsltProcessOneNode to exported symbols for lxml - Features: - Add API versioning and various cleanups - xsl:sort lang support using the locale - Bug fixes - Portability, documentation fixes- drop libxslt-1.1.24-rc4-overflow.patch (included upstream)- drop libxslt-1.1.24-am.patch (included upstream)
* Sat Apr 24 2010 cooloAATTnovell.com- buildrequire pkg-config to fix provides
* Mon Dec 14 2009 jengelhAATTmedozas.de- add baselibs.conf as a source
* Sun Jun 21 2009 cooloAATTnovell.com- fix build with automake 1.11
 
ICM