Revisions of libxml2
Stefan Weiberg (suntorytimed)
committed
(revision 4)
- Security fix: [bsc#1196490, CVE-2022-23308] * Use-after-free of ID and IDREF attributes. - Add libxml2-CVE-2022-23308.patch
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 3)
Upgrade package in SLE-15-SP4 (jsc#SLE-16747)
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 2)
- Update to version 2.9.12 in SLE-15-SP4 [jsc#SLE-21255]
* Drop patches fixed upstream:
- libxml2-CVE-2018-14404.patch
- libxml2-CVE-2018-14567.patch
- Fix python-lxml regression with libxml2 2.9.12:
* Work around lxml API abuse:
gitlab.gnome.org/GNOME/libxml2/issues/255
- Add upstream patches:
* libxml2-fix-lxml-corrupted-subtree-structures.patch
* libxml2-fix-regression-in-xmlNodeDumpOutputInternal.patch
- Update to version 2.9.12
* Fix CVE-2021-3541, CVE-2021-3537, CVE-2021-3518, CVE-2021-3517,
CVE-2021-3516, CVE-2020-7595, CVE-2019-20388, CVE-2020-24977,
and CVE-2019-19956
* Fix null deref in legacy SAX1 parser
* Fix handling of unexpected EOF in xmlParseContent
* Fix user-after-free
* Validate UTF8 in xmlEncodeEntities
* Fix memory leak in xmlParseElementMixedContentDecl
* Fix integer overflow in xmlSchemaGetParticleTotalRangeMin
* Fix SEGV in xmlSAXParseFileWithData
* Don't process siblings of root in xmlXIncludeProcess
* Full changes: http://xmlsoft.org/news.html
- Drop upstream fixed
* libxml2-CVE-2021-3541.patch
* libxml2-CVE-2021-3537.patch
* libxml2-CVE-2021-3518.patch
* libxml2-CVE-2021-3517.patch
Displaying all 4 revisions
