Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Factory:PowerPC:Rings:1-MinimalX
xerces-c
xerces-c.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xerces-c.changes of Package xerces-c
------------------------------------------------------------------- Fri Nov 1 12:01:55 UTC 2024 - pgajdos@suse.com - version update to 3.3.0 * no upstream changelog found, from git log: * Add functions/properties for disallowing DOCTYPE (DTD) in SAX parsers * XERCESC-2188 - Use-after-free on external DTD scan (CVE-2018-1311) * Omit unnecessary getenv() call if DTD is disabled programmatically * Fix NetAccessorTest to exit with non-zero status in case of error - modified sources % baselibs.conf ------------------------------------------------------------------- Wed Sep 11 19:08:46 UTC 2024 - Martin Schreiner <martin.schreiner@suse.com> - Enable gnuiconv transcoder, permanent fix for bsc#1223088. ------------------------------------------------------------------- Wed Dec 27 11:53:10 UTC 2023 - Dirk Müller <dmueller@suse.com> - update to 3.2.5 (bsc#1159552, CVE-2018-1311): * [XERCESC-2163] - XercesMessages_en_US.cat is installed to wrong directory * [XERCESC-2188] - Use-after-free on external DTD scan ------------------------------------------------------------------- Wed Oct 26 22:33:32 UTC 2022 - Dirk Müller <dmueller@suse.com> - update to 3.2.4: * [XERCESC-2195] - Invalid attribute in .gitattributes file * [XERCESC-2196] - cross-compiling issue * [XERCESC-2214] - Wrong delete[] in MemBufInputSource dtor * [XERCESC-2217] - ICUTranscoder::transcodeFrom buffer overflow * [XERCESC-2218] - CurlURLInputStream constructor memory leak * [XERCESC-2219] - XMLReader constructor: memory leak when refreshRawBuffer() throws * [XERCESC-2221] - InMemMsgLoader::loadMsg(): fix memory leak when transcoding fails * [XERCESC-2222] - DFAContentModel::checkUniqueParticleAttribution(): fix memory leak * [XERCESC-2223] - SAX2XMLReaderImpl::error(): potential memory leak * [XERCESC-2225] - Link to installed CMake targets of CURL * [XERCESC-2227] - Memleak fixes in ContentSpecNode and ComplexTypeInfo classes * [XERCESC-2228] - DFAContentModel: fix memory leaks when OutOfMemoryException occurs * [XERCESC-2229] - IGXMLScanner::scanDocTypeDecl(): fix memory leak on exception * [XERCESC-2230] - DFAContentModel::buildSyntaxTree(): fix memory leaks when OutOfMemoryException occurs * [XERCESC-2235] - DFAContentModel::buildDFA(): correctly zero-initialize fFollowList * [XERCESC-2236] - Dependencies aren't loaded when using provided CMake config package * [XERCESC-2241] - Integer overflows in DFAContentModel class * [XERCESC-2242] - Non-default curl location breaks autoconf link detection ------------------------------------------------------------------- Sat Aug 15 19:33:22 UTC 2020 - Dirk Mueller <dmueller@suse.com> - update to 3.2.3: * Custom HTTP headers missing with CURL NetAccessor * Type Confusion from DTDGrammar to SchemaGrammar * Patch to build with older GCC * fix build without pthread * XMLUTF8Transcoder: One multibyte UTF8 character is swallowed from the srcData when the resulting surrogate pair does not fit in toFill at the end * Postpone freeing the memory being used by CURL * Memory leak in ValueVectorOf * There is an error in the parameters of the ThreadTtest8 script in Apache xerces-c++ XML's tests/script * Incorrect symbolic links created for Linux static library and MacOS static and shared libraries * invalid windows version check for `onXPOrLater` * Handle surrogate pairs when reading a QName instead of ASSERTing * Janitor.hpp fails to compile on Solaris with Solaris Studio 12.2 and 12.4 * undef symbols on HPUX for ArrayJanitor * DOM tests crash on AIX * XMLChar with NEED_TO_GEN_TABLE has 2 buffer out of bounds reads * Including Xerces_autoconf_config.hpp on Windows fails due to undefined ssize_t ------------------------------------------------------------------- Wed Feb 12 08:44:26 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com> - Fixup rpmlint warning about installed Makefiles ------------------------------------------------------------------- Tue Oct 2 10:01:02 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com> - Fix the libname dependency in devel pkg, typo after libname change ------------------------------------------------------------------- Thu Sep 27 06:47:42 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com> - Version update to 3.2.2: * Fixes CVE-2017-12627 bsc#1083630 - Remove the switch to disable SSE2 on i586, we support pentium4 as lowest and that has sse2 ------------------------------------------------------------------- Tue Jul 5 11:59:36 UTC 2016 - tchvatal@suse.com - Version update to 3.1.4: * Fixes bnc#985860 CVE-2016-4463 * xerces-c-CVE-2016-2099.patch removed as it was included upstream ------------------------------------------------------------------- Mon Jun 27 12:07:47 UTC 2016 - tchvatal@suse.com - Use pkgconfig requires - Disable "pretty" make to make it bit faster - Fix the selfobsoleting provides/requires to silence rpmlint - Use valid group for the docs ------------------------------------------------------------------- Wed Jun 22 14:02:13 UTC 2016 - jengelh@inai.de - Resolve rpmlint warnings of type "version-control-internal-file" ------------------------------------------------------------------- Mon Jun 21 11:00:01 CEST 2016 - zawel1@gmail.com - Update to 3.1.3 * bug fixes + memcpy used on overlapping memory regions causes sanity test failure + Typo in XMLUni::fgUnknownURIName constant + Buffer overruns in prolog parsing and error handling - Dropped xerces-c-CVE-2016-0729.patch, fixed upstream. ------------------------------------------------------------------- Thu Jun 16 15:43:53 UTC 2016 - pjanouch@suse.de - added xerces-c-CVE-2016-2099.patch Exception handling mistake causing use after free (bsc#979208, CVE-2016-2099) - xerces-c-CVE-2016-0729.patch Fix for mishandling certain kinds of malformed input documents, resulting in buffer overlows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. (bsc#966822, CVE-2016-0729) ------------------------------------------------------------------- Mon Sep 28 16:19:17 UTC 2015 - mpluskal@suse.com - Update to 3.1.2 * bug fixes + Wrong temporary token type causes regex construction to fail + IGXMLScanner can fail to properly set its XSModel. + ICUTransService and IconvGNUransService CAN NOT deal with huge file. + xsi:type is not applied to root element + Problem in prefix parsing while creating Documnet, Element, Attributes on all platforms : Issue is in poolString creation + Whitespace in xsi:type + XMLUTF8Transcoder::transcodeTo fails with an exception when transcoding single characters that require 3 or more bytes as UTF8. + getWholeText leaks memory + Missing Libs.private in the xerces-c pkg-config file + XMLUni::fgXercesLoadSchema[] is not null-terminated in XMLUni.cpp + XMLURL.cpp: isHexDigit() and xlatHexDigit() accept whole alphabet + Xerces livelocks while reading external DTD if socket closes prematurely + Memory leak occurs if an exception is thrown in TranscodeToStr or TranscodeFromStr constructors + DOMDocumentImpl:: getPooledNString(const XMLCh *in, XMLSize_t n) returns incorrect string + OutOfMemoryException being thrown on creation of an LS Serializer + TranscodeToStr::transcode throws an exception when transcoding to UTF-8 + ContentSpecNode::getMaxTotalRange: Operator precedence flaw + Add support for GNU/Hurd by using POSIX.1-2001 and POSIX.1-2008 functions + enumeration value ‘Loop’ not handled in switch src/SEnumVal/SEnumVal.cpp: + bit operation error in DOMNodeImpl::reverseTreeOrderBitPattern + build xerces-c with icu on mingw gcc 4.7.2 + Xerces 3.1.1 Xerces.Lib fails to build with new Visual Studio 2012 Update 1 when v110_xp platform is chosen + Off-by-one error in TranscodeFromStr (with ICU) + Use icu, which is built with features + LocalFileFormatTarget leaks file handle + Curl Checking + Janitor<BinInputStream>::~Janitor() throws in unwind + String pooling in DOMDocumentImpl is unsafe, particularly on 64-bit platforms + Code analysis revealed multiple potential NULL derefence conditions (currently unconfirmed) + XMLString sizeToText/binToText produce mixed case + Crash while parsing malformed documents * improvements + MacOSUnicodeConverter.cpp: ISO C++ forbids comparison between pointer of type 'void *' and pointer-to-function + Allow compiling Xerces-C using C++11 (especially Clang) + VS2012 Project ------------------------------------------------------------------- Thu Feb 19 12:39:37 UTC 2015 - mpluskal@suse.com - Use url for source - Add gpg signature - Use fdupes to remove duplicities in documentation - Split documentation into separate package - Use curl as netaccessor, necessary for proxy support ------------------------------------------------------------------- Thu Dec 12 21:58:01 UTC 2013 - zaitor@opensuse.org - Add baselib.conf in order to build -32Bit. ------------------------------------------------------------------- Sun Oct 20 21:38:44 UTC 2013 - hrvoje.senjan@gmail.com - Disable sse2 instructions on non x86_64 arches, bnc#846539 ------------------------------------------------------------------- Fri Apr 13 17:58:48 UTC 2012 - behrisch@users.sourceforge.net - updated to 3.1.1 * Check that we have non-NULL host before trying to connect (XERCESC-1920). * Recover from the mismatching start/end even count which may happen when we continue parsing an invalid document (XERCESC-1919). * If the transcoder doesn't process any input, throw an exception (XERCESC-1916). * Delay the recursive expansion of includes until the document fragment has been placed in the final location (XERCESC-1918). * The code formatting a content model was skipping the cardinality indicators (*, +, ?) (XERCESC-1914). * Fix a few bugs and memory leaks in XInclude code. * Give proper name to 64-bit PDB file in static build (XERCESC-1907). * Spelling fixes (XERCESC-1911). * Don't include cpuid.h if we are using intrin.h (XERCESC-1912). * Fix socket leak. * Set scanner object on validation context. Needed during QName validation. Don't re-validate default/fixed values in preContentValidation when called from loadGrammar. This values are already validated in TraverseSchema. * Remove explicit setting of prefix for cloned elements and attributes since it is done properly by the create*() functions (XERCESC-1913). * Initializing unitialized variables in TranscodeToStr and TranscodeFromStr (#XERCESC-1858). * Fixed a bug when transcoding small strings using TranscodeToStr (XERCESC-1858). ------------------------------------------------------------------- Sat Jan 28 22:15:56 UTC 2012 - jengelh@medozas.de - Remove redundant tags/sections per specfile guideline suggestions - Parallel building using %_smp_mflags - Restore missing pkgconfig provides ------------------------------------------------------------------- Wed Oct 7 15:04:42 CEST 2009 - prusnak@suse.cz - fix provides and obsoletes [bnc#544957] ------------------------------------------------------------------- Thu Aug 13 16:16:03 CEST 2009 - prusnak@suse.cz - fix CVE-2009-1885 (CVE-2009-1885.patch) [bnc#530708] ------------------------------------------------------------------- Tue Mar 10 13:04:32 CET 2009 - prusnak@suse.cz - updated to 3.0.1 * More robust handling of leading/trailing whitespaces (XERCESC-1838). * Minor documentation updates, including a fix for XERCESC-1848. * Add --disable-rpath configure option. * Remove class name from method declaration (XERCESC-1850). * Fix a bug in the socket and winsock net accessors when a redirection response does not contain a "Location" header. * Make XMLMutex use the correct MemoryManager when it closes it's mutex. * Documentation fixes (XERCESC-1841). * Backport fixes for memory leaks. * Alberto Massari Force Borland projects to use CRLF EOL. * The wrong constructor was called, causing a memory leak (XERCESC-1840). * Fix memory leak (XERCESC-1834). * Update URLs in source code to point to the new pages. ------------------------------------------------------------------- Tue Mar 10 11:23:16 CET 2009 - prusnak@suse.cz - updated to 3.0.0 * changes too numerous to list - removed obsoleted patch: * lib64.patch * optflags.patch ------------------------------------------------------------------- Mon Aug 18 13:46:40 CEST 2008 - prusnak@suse.cz - add -DNDEBUG to opt_flags ------------------------------------------------------------------- Mon Aug 18 00:57:38 CEST 2008 - ro@suse.de - disable parallel build for now, breaks ------------------------------------------------------------------- Thu Aug 14 16:14:35 CEST 2008 - prusnak@suse.cz - cleaned spec file (and renamed libXerces-c-28 to libXerces-c28) ------------------------------------------------------------------- Mon Apr 7 18:41:17 CEST 2008 - zpetrova@suse.CZ - update to version 2.8.0 - this version should fix large number of bugs. - Exponential growth of memory block (from 16KB to 128KB) that are allocated by the DOM heap. - The NODE_CLONED notification is now sent to each node's user data handler when cloning the entire DOMDocument. - Allow whitespace-only nodes to be added as children of a DOMDocument. - When a node is cloned or imported the type information (PSVI) is also copied. ------------------------------------------------------------------- Tue Dec 18 16:55:18 CET 2007 - zpetrova@suse.cz - fixed Required field for libXerces-c-27 ------------------------------------------------------------------- Tue Aug 7 00:19:23 CEST 2007 - mrueckert@suse.de - fixed file section for the devel package - %post* scriptlets for ldconfig ------------------------------------------------------------------- Mon Aug 6 22:12:13 CEST 2007 - mrueckert@suse.de - added provides/obsoletes for the package rename ------------------------------------------------------------------- Mon Aug 6 09:45:51 CEST 2007 - zpetrova@suse.cz - branch/rename package according to Share library guidelines. ------------------------------------------------------------------- Wed Jan 25 21:34:03 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Mon Jan 16 21:08:22 CET 2006 - zpetrova@suse.cz - added -fno-strict-aliasing. ------------------------------------------------------------------- Wed Jan 11 09:50:07 CET 2006 - zpetrova@suse.cz - update to 2.7.0 ------------------------------------------------------------------- Fri Sep 9 11:30:56 CEST 2005 - zpetrova@suse.cz - endelementfix.patch - namespace bug (#114685) ------------------------------------------------------------------- Tue Jan 11 15:38:15 CET 2005 - didge@suse.de - update to 2.6.0 - build with icu libraries - did some cleanup ------------------------------------------------------------------- Thu Mar 18 16:34:05 CET 2004 - didge@suse.de - fixed bug #36229 with patch, provided there ------------------------------------------------------------------- Mon Feb 23 12:11:31 CET 2004 - didge@suse.de - update to 2.5.0 ------------------------------------------------------------------- Sat Jan 17 16:33:13 CET 2004 - meissner@suse.de - added missing include to fix gcc3.4 build. ------------------------------------------------------------------- Sun Jan 4 18:10:01 CET 2004 - nashif@suse.de - update to 2.4.0 ------------------------------------------------------------------- Tue Aug 26 19:46:30 CEST 2003 - nashif@suse.de - Reduced docs ------------------------------------------------------------------- Sun Jul 27 16:49:28 CEST 2003 - nashif@suse.de - update to version 2.3.0 ------------------------------------------------------------------- Tue May 27 22:59:54 CEST 2003 - nashif@suse.de - Removed CVS files ------------------------------------------------------------------- Fri May 16 05:11:33 CEST 2003 - nashif@suse.de - update to version 2.2.0 ------------------------------------------------------------------- Mon Jan 20 05:57:41 CET 2003 - nashif@suse.de - update to version 2.1.0 ------------------------------------------------------------------- Fri May 17 03:07:38 CEST 2002 - nashif@suse.de - lib64 problems fixed: Now build on all architectures ------------------------------------------------------------------- Wed May 15 07:25:48 CEST 2002 - nashif@suse.de - Java not needed for build ------------------------------------------------------------------- Fri Apr 5 15:37:50 CEST 2002 - nashif@suse.de - Update to 1.70 ------------------------------------------------------------------- Tue Dec 11 13:30:21 CET 2001 - nashif@suse.de - Update to version 1.60 ------------------------------------------------------------------- Mon Oct 29 06:22:40 CET 2001 - nashif@suse.de - Update to latest version: 1.5.2 - Among others, this release contains the following fixes and new features: - Schema support - DatatypeValidator support - XMLDeleterFor related functions and data are removed. Replace with XMLRegisterCleanup. - Various bug fixes related to runConfigure - Comment outside root element should also be reported. - Added U+0110 to XMLEBCDICTranscoder.cpp's "Unicode to IBM037" translation table. - Add "Base64::encode" for encoding binary data. - Performance: Use XMLBufBid instead of XMLBuffer directly for better performance. ------------------------------------------------------------------- Mon Oct 1 07:35:08 CEST 2001 - nashif@suse.de - Created sub-package doc ------------------------------------------------------------------- Fri Aug 31 10:07:29 CEST 2001 - nashif@suse.de - Update to version 1.5.1 - This release includes various bug fixes and Schema support ------------------------------------------------------------------- Tue May 8 01:57:00 CEST 2001 - mfabian@suse.de - bzip2 sources ------------------------------------------------------------------- Tue Feb 27 15:29:13 MET 2001 - rolf@suse.de - initial package 1.4.0 with devel subpackage
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor