SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libexpat1-debuginfo-2.1.0-17.9.x86_64.rpm :

* Tue May 17 2016 kstreitovaAATTsuse.com- add expat-2.1.0-heap_buffer_overflow.patch to fix multiple integer overflows [bnc#980391], [CVE-2015-1283]- fix some issues with the current version of the expat-2.1.0-parser_crashes_on_malformed_input.patch [bnc#979441], [CVE-2016-0718]
* Wed May 11 2016 kstreitovaAATTsuse.com- add expat-2.1.0-parser_crashes_on_malformed_input.patch to fix Expat XML parser that mishandles certain kinds of malformed input documents [bnc#979441], [CVE-2016-0718]
* Tue Mar 26 2013 mmeisterAATTsuse.com- Added url as source. Please see http://en.opensuse.org/SourceUrls
* Thu Feb 21 2013 jengelhAATTinai.de- Sanitize description of expat (replace it with a more current one from the homepage)
* Mon Feb 04 2013 schwabAATTsuse.de- Update config.guess/sub for aarch64
* Wed Jan 23 2013 pgajdosAATTsuse.com- fix of fix of [bnc#798644]- according to upstream changelog: - Improved ability to build without the configure-generated expat_config.h header. This is useful for applications which embed Expat rather than linking in the library. because I am not exactly sure about implication of this, rather use - DXML_HAVE_VISIBILITY in CFLAG_VISIBILITY in expat-visibility.patch
* Tue Jan 22 2013 jengelhAATTinai.de- Executing autoreconf requires autoconf BuildRequire
* Fri Jan 18 2013 pgajdosAATTsuse.com- really hide private Xml
* symbols [bnc#798644]
* modified visibility.patch
* Tue Apr 10 2012 tabrahamAATTnovell.com- update to 2.1.0 - Bug Fixes: [#1742315]: Harmful XML_ParserCreateNS suggestion. [#2895533]: CVE-2012-1147 - Resource leak in readfilemap.c. [#1785430]: Expat build fails on linux-amd64 with gcc version>=4.1 -O3. [#1983953], 2517952, 2517962, 2649838: Build modifications using autoreconf instead of buildconf.sh. [#2815947], #2884086: OBJEXT and EXEEXT support while building. [#1990430]: CVE-2009-3720 - Parser crash with special UTF-8 sequences. [#2517938]: xmlwf should return non-zero exit status if not well-formed. [#2517946]: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml. [#2855609]: Dangling positionPtr after error. [#2894085]: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8(). [#2958794]: CVE-2012-1148 - Memory leak in poolGrow. [#2990652]: CMake support. [#3010819]: UNEXPECTED_STATE with a trailing \"%\" in entity value. [#3206497]: Unitialized memory returned from XML_Parse. [#3287849]: make check fails on mingw-w64. [#3496608]: CVE-2012-0876 - Hash DOS attack. - Patches: [#1749198]: pkg-config support. [#3010222]: Fix for bug #3010819. [#3312568]: CMake support. [#3446384]: Report byte offsets for attr names and values. - New Features / API changes:
* Added new API member XML_SetHashSalt() that allows setting an intial value (salt) for hash calculations. This is part of the fix for bug #3496608 to randomize hash parameters.
* When compiled with XML_ATTR_INFO defined, adds new API member XML_GetAttributeInfo() that allows retrieving the byte offsets for attribute names and values (patch #3446384).
* Added CMake build system. See bug #2990652 and patch #3312568.
* Added run-benchmark target to Makefile.in - relies on testdata module present in the same relative location as in the repository.
* Tue Mar 06 2012 tabrahamAATTnovell.com- update to 2.1.0 beta
* refreshed expat-visibility.patch
* removed obsolete expat-CVE-2009-3560.patch
* removed obsolete expat-CVE-2009-2625.patch - hash table DOS attack fix - accumulated bug fixes and some changes to the build system - new conditional feature to make byte offsets for attributes and attribute names available
* Sun Feb 12 2012 crrodriguezAATTopensuse.org- Put libraries back to %{_libdir}, /usr merge project
* Fri Dec 02 2011 cooloAATTsuse.com- add automake as buildrequire to avoid implicit dependency
* Sun Oct 30 2011 crrodriguezAATTopensuse.org- Hide non public symbols reusing existing win32 API export/imports- annotate malloc/realloc-like functions with attribute alloc_size to catch possible misuses in calling code.
* Sun Sep 18 2011 jengelhAATTmedozas.de- Remove redundant/obsolete tags/sections from specfile (cf. packaging guidelines)- Use %_smp_mflags for parallel build- Add libexpat-devel to baselibs
* Fri Feb 25 2011 prusnakAATTopensuse.org- fix license (MIT) in spec file
* Fri Jan 08 2010 prusnakAATTsuse.cz- fix CVE-2009-3560.patch [bnc#566434]
* Sun Dec 13 2009 jengelhAATTmedozas.de- add baselibs.conf as a source
* Fri Dec 04 2009 prusnakAATTsuse.cz- fix DoS (CVE-2009-3560.patch) [bnc#558892]
* Thu Oct 29 2009 prusnakAATTsuse.cz- fix DoS (CVE-2009-2625.patch) [bnc#550664]
* Sun Apr 05 2009 crrodriguezAATTsuse.de- test suite requires gcc-c++ to compile
  
ICM