SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libxml2-python-2.7.6-21.el6_8.1.i686.rpm :

* Tue Jun 07 2016 Daniel Veillard - 2.7.6-21.el6.8.1- Heap-based buffer overread in xmlNextChar (CVE-2016-1762)- Bug 763071: Heap-buffer-overflow in xmlStrncat (CVE-2016-1834)- Bug 757711: Heap-buffer-overflow in xmlFAParsePosCharGroup (CVE-2016-1840)- Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal (CVE-2016-1838)- Bug 758605: Heap-based buffer overread in xmlDictAddString (CVE-2016-1839)- Bug 759398: Heap use-after-free in xmlDictComputeFastKey (CVE-2016-1836)- Fix inappropriate fetch of entities content (CVE-2016-4449)- Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (CVE-2016-1837)- Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)- Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)- Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)- Add missing increments of recursion depth counter to XML parser. (CVE-2016-3705)- Avoid building recursive entities (CVE-2016-3627)- Fix some format string warnings with possible format string vulnerability (CVE-2016-4448)- More format string warnings with possible format string vulnerability (CVE-2016-4448)
* Sun Jan 24 2016 Daniel Veillard - libxml2-2.7.6-21.el6.8- Fix large parse of file from memory (rhbz#862969)
* Mon Nov 30 2015 Daniel Veillard - 2.7.6-20.1- Fix a series of CVEs (rhbz#1286495)- CVE-2015-7941 Cleanup conditional section error handling- CVE-2015-8317 Fail parsing early on if encoding conversion failed- CVE-2015-7942 Another variation of overflow in Conditional sections- CVE-2015-7942 Fix an error in previous Conditional section patch- Fix parsing short unclosed comment uninitialized access- CVE-2015-7498 Avoid processing entities after encoding conversion failures- CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey- CVE-2015-5312 Another entity expansion issue- CVE-2015-7499 Add xmlHaltParser() to stop the parser- CVE-2015-7499 Detect incoherency on GROW- CVE-2015-7500 Fix memory access error due to incorrect entities boundaries- CVE-2015-8242 Buffer overead with HTML parser in push mode- Libxml violates the zlib interface and crashes
* Wed May 06 2015 Daniel Veillard - libxml2-2.7.6-20.el6- CVE-2015-1819 Enforce the reader to run in constant memory(rhbz#1214163)
* Mon Mar 23 2015 Daniel Veillard - libxml2-2.7.6-19.el6- Stop parsing on entities boundaries errors- Fix missing entities after CVE-2014-3660 fix (rhbz#1149086)
* Mon Mar 16 2015 Daniel Veillard - libxml2-2.7.6-18.el6- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149086)- Fix html serialization error and htmlSetMetaEncoding (rhbz#1004513)
* Wed Jun 11 2014 Daniel Veillard - libxml2-2.7.6-17.el6- Fix a set of regressions introduced in CVE-2014-0191 (rhbz#1105011)
* Tue May 06 2014 Daniel Veillard - libxml2-2.7.6-16.el6- Improve handling of xmlStopParser(CVE-2013-2877)
* Tue May 06 2014 Daniel Veillard - libxml2-2.7.6-15.el6- Do not fetch external parameter entities (CVE-2014-0191)
* Wed Jun 05 2013 Daniel Veillard - libxml2-2.7.6-14.el6- Fix a regression in 2.9.0 breaking validation while streaming (rhbz#863166)
* Tue Feb 19 2013 Daniel Veillard - 2.7.6-13.el6- detect and stop excessive entities expansion upon replacement (rhbz#912575)
* Thu Nov 29 2012 Daniel Veillard - 2.7.6-12.el6- fix out of range heap access (CVE-2012-5134)
* Wed Sep 05 2012 Daniel Veillard - 2.7.6-11.el6- Change the XPath code to percolate allocation error (CVE-2011-1944)
* Wed Aug 22 2012 Daniel Veillard - 2.7.6-10.el6- Fix an off by one pointer access (CVE-2011-3102)
* Tue Aug 21 2012 Daniel Veillard - 2.7.6-9.el6- Fix a failure to report xmlreader parsing failures- Fix parser local buffers size problems (rhbz#843742)- Fix entities local buffers size problems (rhbz#843742)- Fix an error in previous commit (rhbz#843742)- Do not fetch external parsed entities- Impose a reasonable limit on attribute size (rhbz#843742)- Impose a reasonable limit on comment size (rhbz#843742)- Impose a reasonable limit on PI size (rhbz#843742)- Cleanups and new limit APIs for dictionaries (rhbz#843742)- Introduce some default parser limits (rhbz#843742)- Implement some default limits in the XPath module- Fixup limits parser (rhbz#843742)- Enforce XML_PARSER_EOF state handling through the parser- Avoid quadratic behaviour in some push parsing cases (rhbz#843742)- More avoid quadratic behaviour (rhbz#843742)- Strengthen behaviour of the push parser in problematic situations (rhbz#843742)- More fixups on the push parser behaviour (rhbz#843742)- Fix a segfault on XSD validation on pattern error- Fix an unimplemented part in RNG value validation
* Wed Feb 15 2012 Daniel Veillard - 2.7.6-8.el6- remove chunk in patch related to configure.in as it breaks rebuild- Resolves: rhbz#788846
* Mon Feb 13 2012 Daniel Veillard - 2.7.6-7.el6- fix previous build to force compilation of randomization code- Resolves: rhbz#788846
* Fri Feb 10 2012 Daniel Veillard - 2.7.6-6.el6- adds randomization to hash and dict structures CVE-2012-0841- Resolves: rhbz#788846
* Fri Jan 06 2012 Daniel Veillard - 2.7.6-5.el6- Make sure the parser returns when getting a Stop order CVE-2011-3905- Fix an allocation error when copying entities CVE-2011-3919- Resolves: rhbz#771910
* Tue Oct 11 2011 Daniel Veillard - 2.7.6-4- Fixes another XPath problem CVE-2011-2834- Resolves: rhbz#732335
* Mon Aug 22 2011 Daniel Veillard - 2.7.6-3- Fixes various other issues in 2.7.6 XPath evaluation- Resolves: rhbz#732335
* Tue Jun 28 2011 Daniel Veillard - 2.7.6-2- Fix a potential crasher in XPath or XSLT, CVE-2011-1944- Resolves: rhbz#710397
* Tue Oct 06 2009 Daniel Veillard - 2.7.6-1- Upstream release of 2.7.6- restore thread support off by default in 2.7.5
* Thu Sep 24 2009 Daniel Veillard - 2.7.5-1- Upstream release of 2.7.5- fix a couple of Relax-NG validation problems- couple more fixes
* Tue Sep 15 2009 Daniel Veillard - 2.7.4-2- fix a problem with little data at startup affecting inkscape #523002
* Thu Sep 10 2009 Daniel Veillard - 2.7.4-1- upstream release 2.7.4- symbol versioning of libxml2 shared libs- very large number of bug fixes
* Mon Aug 10 2009 Daniel Veillard - 2.7.3-4- two patches for parsing problems CVE-2009-2414 and CVE-2009-2416
* Sat Jul 25 2009 Fedora Release Engineering - 2.7.3-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Feb 25 2009 Fedora Release Engineering - 2.7.3-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sun Jan 18 2009 Daniel Veillard - 2.7.3-1- new release 2.7.3- limit default max size of text nodes- special parser mode for PHP- bug fixes and more compiler checks
* Wed Dec 03 2008 Ignacio Vazquez-Abrams - 2.7.2-7- Pull back into Python 2.6
* Wed Dec 03 2008 Caolán McNamara - 2.7.2-6- AutoProvides requires BuildRequires pkgconfig
* Wed Dec 03 2008 Caolán McNamara - 2.7.2-5- rebuild to get provides(libxml-2.0) into HEAD rawhide
* Mon Dec 01 2008 Ignacio Vazquez-Abrams - 2.7.2-4- Rebuild for pkgconfig logic
* Fri Nov 28 2008 Ignacio Vazquez-Abrams - 2.7.2-3- Rebuild for Python 2.6
* Wed Nov 12 2008 Daniel Veillard - 2.7.2-2.fc11- two patches for size overflows problems CVE-2008-4225 and CVE-2008-4226
* Fri Oct 03 2008 Daniel Veillard 2.7.2-1.fc10- new release 2.7.2- Fixes the known problems in 2.7.1- increase the set of options when saving documents
* Thu Oct 02 2008 Daniel Veillard 2.7.1-2.fc10- fix a nasty bug in 2.7.x, http://bugzilla.gnome.org/show_bug.cgi?id=554660
* Mon Sep 01 2008 Daniel Veillard 2.7.1-1.fc10- fix python serialization which was broken in 2.7.0- Resolve: rhbz#460774
* Sat Aug 30 2008 Daniel Veillard 2.7.0-1.fc10- upstream release of 2.7.0- switch to XML 1.0 5th edition- switch to RFC 3986 for URI parsing- better entity handling- option to remove hardcoded limitations in the parser- more testing- a new API to allocate entity nodes- and lot of fixes and clanups
* Mon Aug 25 2008 Daniel Veillard 2.6.32-4.fc10- fix for entities recursion problem- Resolve: rhbz#459714
* Fri May 30 2008 Daniel Veillard 2.6.32-3.fc10- cleanup based on Fedora packaging guidelines, should fix #226079- separate a -static package
* Thu May 15 2008 Daniel Veillard 2.6.32-2.fc10- try to fix multiarch problems like #440206
* Tue Apr 08 2008 Daniel Veillard 2.6.32-1.fc9- upstream release 2.6.32 see http://xmlsoft.org/news.html- many bug fixed upstream
* Wed Feb 20 2008 Fedora Release Engineering - 2.6.31-2- Autorebuild for GCC 4.3
* Fri Jan 11 2008 Daniel Veillard 2.6.31-1.fc9- upstream release 2.6.31 see http://xmlsoft.org/news.html- many bug fixed upstream
* Thu Aug 23 2007 Daniel Veillard 2.6.30-1- upstream release 2.6.30 see http://xmlsoft.org/news.html- many bug fixed upstream
* Tue Jun 12 2007 Daniel Veillard 2.6.29-1- upstream release 2.6.29 see http://xmlsoft.org/news.html- many bug fixed upstream
* Wed May 16 2007 Matthias Clasen 2.6.28-2- Bump revision to fix N-V-R problem
* Tue Apr 17 2007 Daniel Veillard 2.6.28-1- upstream release 2.6.28 see http://xmlsoft.org/news.html- many bug fixed upstream
* Thu Dec 07 2006 Jeremy Katz - 2.6.27-2- rebuild against python 2.5
* Wed Oct 25 2006 Daniel Veillard 2.6.27-1- upstream release 2.6.27 see http://xmlsoft.org/news.html- very large amount of bug fixes reported upstream
* Wed Jul 12 2006 Jesse Keating - 2.6.26-2.1.1- rebuild
* Wed Jul 12 2006 Jesse Keating - 2.6.26-2.1- rebuild
* Wed Jun 07 2006 Daniel Veillard 2.6.26-2- fix bug #192873
* Tue Jun 06 2006 Daniel Veillard 2.6.26-1- upstream release 2.6.26 see http://xmlsoft.org/news.html
* Tue Jun 06 2006 Daniel Veillard - upstream release 2.6.25 broken, do not ship !
  
ICM