Revisions of xerces-c
Ana Guerrero (anag+factory)
accepted
request 1135297
from
Dirk Mueller (dirkmueller)
(revision 26)
- update to 3.2.5 (bsc#1159552, CVE-2018-1311):
* [XERCESC-2163] - XercesMessages_en_US.cat is installed to
wrong directory
* [XERCESC-2188] - Use-after-free on external DTD scan
* [XERCESC-2242] - Non-default curl location breaks autoconf link detection
* Custom HTTP headers missing with CURL NetAccessor
+ ICUTransService and IconvGNUransService CAN NOT deal with
+ Problem in prefix parsing while creating Documnet, Element,
+ Whitespace in xsi:type
+ XMLUTF8Transcoder::transcodeTo fails with an exception when
transcoding single characters that require 3 or more bytes as
+ XMLUni::fgXercesLoadSchema[] is not null-terminated in
+ XMLURL.cpp: isHexDigit() and xlatHexDigit() accept whole
+ Xerces livelocks while reading external DTD if socket closes
+ Memory leak occurs if an exception is thrown in
+ DOMDocumentImpl:: getPooledNString(const XMLCh *in,
+ OutOfMemoryException being thrown on creation of an LS
+ TranscodeToStr::transcode throws an exception when
+ ContentSpecNode::getMaxTotalRange: Operator precedence
+ Add support for GNU/Hurd by using POSIX.1-2001 and
+ enumeration value ‘Loop’ not handled in switch
+ Xerces 3.1.1 Xerces.Lib fails to build with new Visual
+ Code analysis revealed multiple potential NULL derefence
+ MacOSUnicodeConverter.cpp: ISO C++ forbids comparison
- Add baselib.conf in order to build -32Bit.
* Check that we have non-NULL host before trying to connect (XERCESC-1920).
* Recover from the mismatching start/end even count which may happen when we continue parsing an invalid document (XERCESC-1919).
* If the transcoder doesn't process any input, throw an exception (XERCESC-1916).
* Delay the recursive expansion of includes until the document fragment has been placed in the final location (XERCESC-1918).
Dominique Leuenberger (dimstar_suse)
accepted
request 1031419
from
Dirk Mueller (dirkmueller)
(revision 25)
- update to 3.2.4: * [XERCESC-2195] - Invalid attribute in .gitattributes file * [XERCESC-2196] - cross-compiling issue * [XERCESC-2214] - Wrong delete[] in MemBufInputSource dtor * [XERCESC-2217] - ICUTranscoder::transcodeFrom buffer overflow * [XERCESC-2218] - CurlURLInputStream constructor memory leak * [XERCESC-2219] - XMLReader constructor: memory leak when refreshRawBuffer() throws * [XERCESC-2221] - InMemMsgLoader::loadMsg(): fix memory leak when transcoding fails * [XERCESC-2222] - DFAContentModel::checkUniqueParticleAttribution(): fix memory leak * [XERCESC-2223] - SAX2XMLReaderImpl::error(): potential memory leak * [XERCESC-2225] - Link to installed CMake targets of CURL * [XERCESC-2227] - Memleak fixes in ContentSpecNode and ComplexTypeInfo classes * [XERCESC-2228] - DFAContentModel: fix memory leaks when OutOfMemoryException occurs * [XERCESC-2229] - IGXMLScanner::scanDocTypeDecl(): fix memory leak on exception * [XERCESC-2230] - DFAContentModel::buildSyntaxTree(): fix memory leaks when OutOfMemoryException occurs * [XERCESC-2235] - DFAContentModel::buildDFA(): correctly zero-initialize fFollowList * [XERCESC-2236] - Dependencies aren't loaded when using provided CMake config package * [XERCESC-2241] - Integer overflows in DFAContentModel class * [XERCESC-2242] - Non-default curl location breaks autoconf link detection
Dominique Leuenberger (dimstar_suse)
accepted
request 826884
from
Dirk Mueller (dirkmueller)
(revision 24)
- update to 3.2.3: * Custom HTTP headers missing with CURL NetAccessor * Type Confusion from DTDGrammar to SchemaGrammar * Patch to build with older GCC * fix build without pthread * XMLUTF8Transcoder: One multibyte UTF8 character is swallowed from the srcData when the resulting surrogate pair does not fit in toFill at the end * Postpone freeing the memory being used by CURL * Memory leak in ValueVectorOf * There is an error in the parameters of the ThreadTtest8 script in Apache xerces-c++ XML's tests/script * Incorrect symbolic links created for Linux static library and MacOS static and shared libraries * invalid windows version check for `onXPOrLater` * Handle surrogate pairs when reading a QName instead of ASSERTing * Janitor.hpp fails to compile on Solaris with Solaris Studio 12.2 and 12.4 * undef symbols on HPUX for ArrayJanitor * DOM tests crash on AIX * XMLChar with NEED_TO_GEN_TABLE has 2 buffer out of bounds reads * Including Xerces_autoconf_config.hpp on Windows fails due to undefined ssize_t
Dominique Leuenberger (dimstar_suse)
accepted
request 773618
from
Tomáš Chvátal (scarabeus_iv)
(revision 23)
- Fixup rpmlint warning about installed Makefiles (forwarded request 773617 from scarabeus_iv)
Dominique Leuenberger (dimstar_suse)
accepted
request 639559
from
Tomáš Chvátal (scarabeus_iv)
(revision 22)
- Fix the libname dependency in devel pkg, typo after libname change - Version update to 3.2.2: * Fixes CVE-2017-12627 bsc#1083630 - Remove the switch to disable SSE2 on i586, we support pentium4 as lowest and that has sse2
Dominique Leuenberger (dimstar_suse)
accepted
request 406725
from
Tomáš Chvátal (scarabeus_iv)
(revision 21)
- Version update to 3.1.4:
* Fixes bnc#985860 CVE-2016-4463
* xerces-c-CVE-2016-2099.patch removed as it was included upstream
- Use pkgconfig requires
- Disable "pretty" make to make it bit faster
- Fix the selfobsoleting provides/requires to silence rpmlint
- Use valid group for the docs
- Resolve rpmlint warnings of type "version-control-internal-file"
- Update to 3.1.3
* bug fixes
+ memcpy used on overlapping memory regions causes sanity test failure
+ Typo in XMLUni::fgUnknownURIName constant
+ Buffer overruns in prolog parsing and error handling
- Dropped xerces-c-CVE-2016-0729.patch, fixed upstream.
- added xerces-c-CVE-2016-2099.patch
Exception handling mistake causing use after free
(bsc#979208, CVE-2016-2099)
- xerces-c-CVE-2016-0729.patch
Fix for mishandling certain kinds of malformed input documents,
resulting in buffer overlows during processing and error reporting.
The overflows can manifest as a segmentation fault or as memory
corruption during a parse operation. (bsc#966822, CVE-2016-0729)
Dominique Leuenberger (dimstar_suse)
accepted
request 334657
from
Ismail Dönmez (namtrac)
(revision 20)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 287041
from
Ismail Dönmez (namtrac)
(revision 19)
1
Stephan Kulow (coolo)
accepted
request 210759
from
Sascha Peilicke (saschpe)
(revision 17)
Add baselibs.conf -- Citrix reciver (ICAclient) needs libxerces-c-3_1-32bit (forwarded request 210742 from Zaitor)
Tomáš Chvátal (scarabeus_factory)
accepted
request 204068
from
Ismail Dönmez (namtrac)
(revision 16)
Disable sse2 instructions on non x86_64 arches, bnc#846539 (forwarded request 204065 from sumski)
Stephan Kulow (coolo)
accepted
request 113453
from
Ismail Dönmez (namtrac)
(revision 12)
update to most recent version (forwarded request 113448 from behrisch)
Stephan Kulow (coolo)
accepted
request 104019
from
Factory Maintainer (factory-maintainer)
(revision 11)
Automatic submission by obs-autosubmit
Adrian Schröter (adrianSuSE)
committed
(revision 9)
Displaying revisions 1 - 20 of 26
