expat
NOTE: Automatically created during Factory devel project migration by admin.
- Sources inherited from project devel:libraries:c_c++
- Devel package for openSUSE:Factory
-
9
derived packages
- Links to openSUSE:Factory / expat
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:redwil:15.4/expat && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
_link | 0000000124 124 Bytes | |
baselibs.conf | 0000000179 179 Bytes | |
expat-2.6.0.tar.xz | 0000483448 472 KB | |
expat-2.6.0.tar.xz.asc | 0000000833 833 Bytes | |
expat.changes | 0000050960 49.8 KB | |
expat.keyring | 0000015002 14.7 KB | |
expat.spec | 0000004005 3.91 KB | |
expatfaq.html | 0000003117 3.04 KB |
Revision 106 (latest revision is 113)
- Update keyring automatically from keyserver during OBS service run. - Explicitly use --without-docbook (before it was implicit). - Include missing files for documentation and examples. - Add manpage for xmlwf, which is not available in the release tarball. - Clean the spec file a bit. - Update to 2.6.0: * Security fixes: - CVE-2023-52425 (boo#1219559) -- Fix quadratic runtime issues with big tokens that can cause denial of service, in partial where dealing with compressed XML input. Applications that parsed a document in one go -- a single call to functions XML_Parse or XML_ParseBuffer -- were not affected. The smaller the chunks/buffers you use for parsing previously, the bigger the problem prior to the fix. Backporters should be careful to no omit parts of pull request #789 and to include earlier pull request #771, in order to not break the fix. - CVE-2023-52426 (boo#1219561) -- Fix billion laughs attacks for users compiling *without* XML_DTD defined (which is not common). Users with XML_DTD defined have been protected since Expat >=2.4.0 (and that was CVE-2013-0340 back then). * Bug fixes: - Fix parse-size-dependent "invalid token" error for external entities that start with a byte order mark - Fix NULL pointer dereference in setContext via XML_ExternalEntityParserCreate for compilation with XML_DTD undefined - Protect against closing entities out of order
Comments 0