mirror of
https://gitlab.gnome.org/GNOME/libxml2.git
synced 2025-03-10 08:58:16 +03:00
2960178fe8
* configure.ac, doc/xslt.html: updated for the release * doc/*, python/setup.py, testapi.c: regenerated
103 lines
6.5 KiB
XML
103 lines
6.5 KiB
XML
<?xml version="1.0"?>
|
|
<!DOCTYPE xsa PUBLIC "-//LM Garshol//DTD XML Software Autoupdate 1.0//EN//XML" "http://www.garshol.priv.no/download/xsa/xsa.dtd">
|
|
<xsa>
|
|
<vendor>
|
|
<name>Daniel Veillard</name>
|
|
<email>daniel@veillard.com</email>
|
|
<url>http://veillard.com/</url>
|
|
</vendor>
|
|
<product id="libxml2">
|
|
<name>libxml2</name>
|
|
<version>2.9.4</version>
|
|
<last-release> May 23 2016</last-release>
|
|
<info-url>http://xmlsoft.org/</info-url>
|
|
<changes> - Security:
|
|
More format string warnings with possible format string vulnerability (David Kilzer),
|
|
Avoid building recursive entities (Daniel Veillard),
|
|
Heap-based buffer overread in htmlCurrentChar (Pranjal Jumde),
|
|
Heap-based buffer-underreads due to xmlParseName (David Kilzer),
|
|
Heap use-after-free in xmlSAX2AttributeNs (Pranjal Jumde),
|
|
Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (Pranjal Jumde),
|
|
Fix some format string warnings with possible format string vulnerability (David Kilzer),
|
|
Detect change of encoding when parsing HTML names (Hugh Davenport),
|
|
Fix inappropriate fetch of entities content (Daniel Veillard),
|
|
Bug 759398: Heap use-after-free in xmlDictComputeFastKey <https://bugzilla.gnome.org/show_bug.cgi?id=759398> (Pranjal Jumde),
|
|
Bug 758605: Heap-based buffer overread in xmlDictAddString <https://bugzilla.gnome.org/show_bug.cgi?id=758605> (Pranjal Jumde),
|
|
Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal <https://bugzilla.gnome.org/show_bug.cgi?id=758588> (David Kilzer),
|
|
Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup <https://bugzilla.gnome.org/show_bug.cgi?id=757711> (Pranjal Jumde),
|
|
Add missing increments of recursion depth counter to XML parser. (Peter Simons)
|
|
|
|
- Documentation:
|
|
Fix typo: s{ ec -> cr }cipt (Jan Pokorný),
|
|
Fix typos: dictio{ nn -> n }ar{y,ies} (Jan Pokorný),
|
|
Fix typos: PATH_{ SEAPARATOR -> SEPARATOR } (Jan Pokorný),
|
|
Correct a typo. (Shlomi Fish)
|
|
|
|
- Portability:
|
|
Correct the usage of LDFLAGS (Mattias Hansson),
|
|
Revert the use of SAVE_LDFLAGS in configure.ac (Mattias Hansson),
|
|
libxml2 hardcodes -L/lib in zlib/lzma tests which breaks cross-compiles (Mike Frysinger),
|
|
Fix apibuild for a recently added construct (Daniel Veillard),
|
|
Use pkg-config to locate zlib when possible (Stewart Brodie),
|
|
Use pkg-config to locate ICU when possible (Stewart Brodie),
|
|
Portability to non C99 compliant compilers (Patrick Monnerat),
|
|
dict.h: Move xmlDictPtr definition before includes to allow direct inclusion. (Patrick Monnerat),
|
|
os400: tell about xmllint and xmlcatalog in README400. (Patrick Monnerat),
|
|
os400: properly process SGML add in XMLCATALOG command. (Patrick Monnerat),
|
|
os400: implement CL command XMLCATALOG. (Patrick Monnerat),
|
|
os400: compile and install program xmlcatalog (qshell-only). (Patrick Monnerat),
|
|
os400: expand tabs in sources, strip trailing blanks. (Patrick Monnerat),
|
|
os400: implement CL command XMLLINT. (Patrick Monnerat),
|
|
os400: compile and install program xmllint (qshell-only). (Patrick Monnerat),
|
|
os400: initscript make_module(): Use options instead of positional parameters. (Patrick Monnerat),
|
|
os400: c14n.rpgle: allow *omit for nullable reference parameters. (Patrick Monnerat),
|
|
os400: use like() for double type. (Patrick Monnerat),
|
|
os400: use like() for int type. (Patrick Monnerat),
|
|
os400: use like() for unsigned int type. (Patrick Monnerat),
|
|
os400: use like() for enum types. (Patrick Monnerat),
|
|
Add xz to xml2-config --libs output (Baruch Siach),
|
|
Bug 760190: configure.ac should be able to build --with-icu without icu-config tool <https://bugzilla.gnome.org/show_bug.cgi?id=760190> (David Kilzer),
|
|
win32\VC10\config.h and VS 2015 (Bruce Dawson),
|
|
Add configure maintainer mode (orzen)
|
|
|
|
- Bug Fixes:
|
|
Avoid an out of bound access when serializing malformed strings (Daniel Veillard),
|
|
Unsigned addition may overflow in xmlMallocAtomicLoc() (David Kilzer),
|
|
Integer signed/unsigned type mismatch in xmlParserInputGrow() (David Kilzer),
|
|
Bug 763071: heap-buffer-overflow in xmlStrncat <https://bugzilla.gnome.org/show_bug.cgi?id=763071> (Pranjal Jumde),
|
|
Integer overflow parsing port number in URI (Michael Paddon),
|
|
Fix an error with regexp on nullable counted char transition (Daniel Veillard),
|
|
Fix memory leak with XPath namespace nodes (Nick Wellnhofer),
|
|
Fix namespace axis traversal (Nick Wellnhofer),
|
|
Fix null pointer deref in docs with no root element (Hugh Davenport),
|
|
Fix XSD validation of URIs with ampersands (Alex Henrie),
|
|
xmlschemastypes.c: accept endOfDayFrag Times set to "24:00:00" mean "end of day" and should not cause an error. (Patrick Monnerat),
|
|
xmlcatalog: flush stdout before interactive shell input. (Patrick Monnerat),
|
|
xmllint: flush stdout before interactive shell input. (Patrick Monnerat),
|
|
Don't recurse into OP_VALUEs in xmlXPathOptimizeExpression (Nick Wellnhofer),
|
|
Fix namespace::node() XPath expression (Nick Wellnhofer),
|
|
Fix OOB write in xmlXPathEmptyNodeSet (Nick Wellnhofer),
|
|
Fix parsing of NCNames in XPath (Nick Wellnhofer),
|
|
Fix OOB read with invalid UTF-8 in xmlUTF8Strsize (Nick Wellnhofer),
|
|
Do normalize string-based datatype value in RelaxNG facet checking (Audric Schiltknecht),
|
|
Bug 760921: REGRESSION (8eb55d78): doc/examples/io1 test fails after fix for "xmlSaveUri() incorrectly recomposes URIs with rootless paths" <https://bugzilla.gnome.org/show_bug.cgi?id=760921> (David Kilzer),
|
|
Bug 760861: REGRESSION (bf9c1dad): Missing results for test/schemas/regexp-char-ref_[01].xsd <https://bugzilla.gnome.org/show_bug.cgi?id=760861> (David Kilzer),
|
|
error.c: *input->cur == 0 does not mean no error (Pavel Raiskup),
|
|
Add missing RNG test files (David Kilzer),
|
|
Bug 760183: REGRESSION (v2.9.3): XML push parser fails with bogus UTF-8 encoding error when multi-byte character in large CDATA section is split across buffer <https://bugzilla.gnome.org/show_bug.cgi?id=760183> (David Kilzer),
|
|
Bug 758572: ASAN crash in make check <https://bugzilla.gnome.org/show_bug.cgi?id=758572> (David Kilzer),
|
|
Bug 721158: Missing ICU string when doing --version on xmllint <https://bugzilla.gnome.org/show_bug.cgi?id=721158> (David Kilzer),
|
|
python 3: libxml2.c wrappers create Unicode str already (Michael Stahl),
|
|
Add autogen.sh to distrib (orzen),
|
|
Heap-based buffer overread in xmlNextChar (Daniel Veillard)
|
|
|
|
- Improvements:
|
|
Add more debugging info to runtest (Daniel Veillard),
|
|
Implement "runtest -u" mode (David Kilzer),
|
|
Add a make rule to rebuild for ASAN (Daniel Veillard)
|
|
|
|
|
|
</changes>
|
|
</product>
|
|
</xsa>
|