------------------------------------------------------------------- Wed Apr 28 16:24:13 UTC 2021 - Pedro Monreal - Security fix: [bsc#1185408, CVE-2021-3518] * Fix use-after-free in xinclude.c:xmlXIncludeDoProcess() * Add libxml2-CVE-2021-3518.patch ------------------------------------------------------------------- Wed Apr 28 16:23:42 UTC 2021 - Pedro Monreal - Security fix: [bsc#1185410, CVE-2021-3517] * Fix heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal() * Add libxml2-CVE-2021-3517.patch ------------------------------------------------------------------- Wed Apr 28 15:38:46 UTC 2021 - Pedro Monreal - Security fix: [bsc#1185409, CVE-2021-3516] * Fix use-after-free in entities.c:xmlEncodeEntitiesInternal() * Add libxml2-CVE-2021-3516.patch ------------------------------------------------------------------- Wed Nov 25 09:07:36 UTC 2020 - Pedro Monreal - Avoid quadratic checking of identity-constraints: [bsc#1178823] * key/unique/keyref schema attributes currently use qudratic loops to check their various constraints (that keys are unique and that keyrefs refer to existing keys). * This fix uses a hash table to avoid the quadratic behaviour. - Add libxml2-Avoid-quadratic-checking-of-identity-constraints.patch ------------------------------------------------------------------- Mon Sep 7 08:12:29 UTC 2020 - Pedro Monreal - Security fix: [bsc#1176179, CVE-2020-24977] * xmllint: global-buffer-overflow in xmlEncodeEntitiesInternal - Add patch libxml2-CVE-2020-24977.patch ------------------------------------------------------------------- Wed May 27 12:09:35 UTC 2020 - Pedro Monreal Gonzalez - Fix invalid xmlns references since the fix for CVE-2019-19956 [bsc#1172021] - Remove libxml2-CVE-2019-19956.patch ------------------------------------------------------------------- Fri Feb 28 18:36:53 UTC 2020 - Pedro Monreal Gonzalez - Security fix: [bsc#1161521, CVE-2019-20388] * Memory leak in xmlSchemaPreRun in xmlschemas.c - Add libxml2-CVE-2019-20388.patch ------------------------------------------------------------------- Wed Jan 22 11:16:39 UTC 2020 - Pedro Monreal Gonzalez - Security fix: [bsc#1161517, CVE-2020-7595] * xmlStringLenDecodeEntities in parser.c has an infinite loop in a certain end-of-file situation - Add libxml2-CVE-2020-7595.patch ------------------------------------------------------------------- Thu Jan 2 12:01:22 UTC 2020 - Pedro Monreal Gonzalez - Security fix: [bsc#1159928, CVE-2019-19956] * Memory leak related to newDoc->oldNs in xmlParseBalancedChunkMemoryRecover:parser.c - Add libxml2-CVE-2019-19956.patch ------------------------------------------------------------------- Wed Aug 28 16:44:17 UTC 2019 - Pedro Monreal Gonzalez - Synchronize changelog files for libxml2 and python-libxml2-python [bsc#1123919] ------------------------------------------------------------------- Thu Jul 4 08:52:14 UTC 2019 - Pedro Monreal Gonzalez - Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH to avoid nodeset limit when processing large XML files [bsc#1135123] * Added libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch ------------------------------------------------------------------- Mon Jan 28 02:06:50 UTC 2019 - mgorse@suse.com - Add libxml2-python3-string-null-check.patch: fix NULL pointer dereference when parsing invalid data (bsc#1065270 glgo#libxml2!15).). ------------------------------------------------------------------- Wed Sep 5 15:48:36 UTC 2018 - pmonrealgonzalez@suse.com - Security fix: [bsc#1088279, CVE-2018-9251][bsc#1105166, CVE-2018-14567] * Infinite loop in LZMA decompression * Fixes CVE-2018-9251 introduced by CVE-2017-18258 * Added libxml2-CVE-2018-14567.patch ------------------------------------------------------------------- Wed Sep 5 13:46:59 UTC 2018 - pmonrealgonzalez@suse.com - Security fix [bsc#1102046, CVE-2018-14404] * NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service * Added libxml2-CVE-2018-14404.patch ------------------------------------------------------------------- Sat Nov 11 15:31:50 UTC 2017 - aavindraa@gmail.com - Version update to 2.9.7 release: * Bug Fixes: + xmlcatalog: restore ability to query system catalog easily + Fix comparison of nodesets to strings * Improvements: + Add Makefile rules to rebuild HTML man pages + Remove generated file python/setup.py from version control + Fix mixed decls and code in timsort.h + Rework handling of return values in thread tests + Fix unused variable warnings in testrecurse + Fix -Wimplicit-fallthrough warnings + Upgrade timsort.h to latest revision + Fix a couple of warnings in dict.c and threads.c + Fix unused variable warnings in nanohttp.c + Don't include winsock2.h in xmllint.c + Use __linux__ macro in generated code * Portability: + Add declaration for DllMain + Fix preprocessor conditional in threads.h + Fix macro redefinition warning + many Windows specific improvements * Documentation: + xmlcatalog: refresh man page wrt. quering system catalog easily - Includes bug fixes from 2.9.6: * Fix XPath stack frame logic * Report undefined XPath variable error message * Fix regression with librsvg * Handle more invalid entity values in recovery mode * Fix structured validation errors * Fix memory leak in LZMA decompressor * Set memory limit for LZMA decompression * Handle illegal entity values in recovery mode * Fix debug dump of streaming XPath expressions * Fix memory leak in nanoftp * Fix memory leaks in SAX1 parser - Drop libxml2-bug787941.patch * upstreamed in 3157cf4e53c03bc3da604472c015c63141907db8 ------------------------------------------------------------------- Sat Nov 11 15:30:27 UTC 2017 - aavindraa@gmail.com - clean with spec-cleaner ------------------------------------------------------------------- Thu Oct 26 14:10:55 UTC 2017 - jmatejek@suse.com - libxml2-python3-unicode-errors.patch: work around an issue with libxml2 supplied error strings being undecodable UTF-8 (bsc#1065270) ------------------------------------------------------------------- Mon Oct 2 15:59:57 UTC 2017 - jmatejek@suse.com - convert to singlespec, build a python 3 version - change build instructions to use setup.py (and %python_build macros) instead of makefile-based approach - add python3.6-verify_fd.patch that fixes libxml2 on python 3.6 - rename to python-libxml2-python to conform to package naming policy (PyPI name is "libxml2-python") ------------------------------------------------------------------- Thu Sep 21 14:19:56 UTC 2017 - jengelh@inai.de - Update package summaries and RPM groups. Trim descriptions for size on secondary subpackages. Replace install call by a commonly-used macro. ------------------------------------------------------------------- Thu Sep 21 14:05:29 UTC 2017 - tchvatal@suse.com - Add patch to fix TW integration: * libxml2-bug787941.patch ------------------------------------------------------------------- Sun Sep 10 09:54:07 UTC 2017 - tchvatal@suse.com - Version update to 2.9.5 release: * Merged all the previous cve fixes that were patched in * Few small tweaks - Remove merged patches: * libxml2-CVE-2016-4658.patch * libxml2-CVE-2017-0663.patch * libxml2-CVE-2017-5969.patch * libxml2-CVE-2017-9047.patch * libxml2-CVE-2017-9048.patch * libxml2-CVE-2017-9049.patch * libxml2-2.9.4-fix_attribute_decoding.patch ------------------------------------------------------------------- Thu Jun 15 13:12:25 UTC 2017 - pmonrealgonzalez@suse.com - Security fix: * libxml2-CVE-2017-0663.patch [bsc#1044337, CVE-2017-0663] * Fix Heap buffer overflow in xmlAddID ------------------------------------------------------------------- Wed Jun 14 14:15:38 UTC 2017 - pmonrealgonzalez@suse.com - Security fix: * libxml2-CVE-2017-5969.patch [bsc#1024989, CVE-2017-5969] * Fix NULL pointer deref in xmlDumpElementContent ------------------------------------------------------------------- Mon May 22 15:42:43 UTC 2017 - pmonrealgonzalez@suse.com - Security fixes: * libxml2-CVE-2017-9049.patch [bsc#1039066] * heap-based buffer overflow (xmlDictComputeFastKey func) * libxml2-CVE-2017-9048.patch [bsc#1039063] * stack overflow vulnerability (xmlSnprintfElementContent func) * libxml2-CVE-2017-9047.patch [bsc#1039064] * stack overflow vulnerability (xmlSnprintfElementContent func) ------------------------------------------------------------------- Tue Mar 7 11:42:23 UTC 2017 - pmonrealgonzalez@suse.com - Added libxml2-CVE-2016-4658.patch: Disallow namespace nodes in XPointer ranges. Namespace nodes must be copied to avoid use-after-free errors. But they don't necessarily have a physical representation in a document, so simply disallow them in XPointer ranges [bsc#1005544] [CVE-2016-4658] ------------------------------------------------------------------- Wed Jun 8 12:20:43 UTC 2016 - kstreitova@suse.com - add libxml2-2.9.4-fix_attribute_decoding.patch to fix attribute decoding during XML schema validation [bnc#983288] ------------------------------------------------------------------- Fri May 27 14:22:55 UTC 2016 - psimons@suse.com - Update libxml2 to version libxml2-2.9.4. The new version is resistant against CVE-2016-3627, CVE-2016-1833, CVE-2016-1835, CVE-2016-1837, CVE-2016-1836, CVE-2016-1839, CVE-2016-1838, CVE-2016-1840, CVE-2016-4483, CVE-2016-1834, CVE-2016-3705, and CVE-2016-1762. - Remove obsolete patches libxml2-2.9.1-CVE-2016-3627.patch, 0001-Add-missing-increments-of-recursion-depth-counter-to.patch, and libxml2-2.9.3-bogus_UTF-8_encoding_error.patch. ------------------------------------------------------------------- Fri May 20 14:59:32 UTC 2016 - kstreitova@suse.com - add libxml2-2.9.3-bogus_UTF-8_encoding_error.patch to fix XML push parser that fails with bogus UTF-8 encoding error when multi-byte character in large CDATA section is split across buffer [bnc#962796] ------------------------------------------------------------------- Tue May 3 11:40:42 UTC 2016 - sflees@suse.de - Add libxml2-2.9.1-CVE-2016-3627.patch to fix stack exhaustion while parsing certain XML files in recovery mode (CVE-2016-3627, bnc#972335). - Add 0001-Add-missing-increments-of-recursion-depth-counter-to.patch to improve protection against Billion Laughs Attack (bnc#975947). ------------------------------------------------------------------- Tue Nov 24 16:12:35 UTC 2015 - rpm@fthiessen.de - Update to new upstream release 2.9.3 (bsc#954429): * Fixes for CVE-2015-8035, CVE-2015-7942, CVE-2015-7941, CVE-2015-1819, CVE-2015-7497, CVE-2015-7498, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500 and CVE-2015-8242 * And other bugfixes - Removed upstream fixed patches: * libxml2-dont_initialize_catalog.patch * 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch * 0002-Adding-example-from-bugs-738805-to-regression-tests.patch ------------------------------------------------------------------- Mon Nov 3 17:13:24 UTC 2014 - vcizek@suse.com - fix a missing entities after CVE-2014-3660 fix (https://bugzilla.gnome.org/show_bug.cgi?id=738805) * added patches: 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch 0002-Adding-example-from-bugs-738805-to-regression-tests.patch ------------------------------------------------------------------- Mon Nov 3 10:01:23 UTC 2014 - vcizek@suse.com - fix a regression in libxml2 2.9.2 * https://bugzilla.redhat.com/show_bug.cgi?id=1153753 - add libxml2-dont_initialize_catalog.patch ------------------------------------------------------------------- Fri Oct 31 10:55:27 UTC 2014 - vcizek@suse.com - update to 2.9.2 * drop libxml2-CVE-2014-3660.patch (upstream) * add keyring to verify tarball Security: Fix for CVE-2014-3660 billion laugh variant CVE-2014-0191 Do not fetch external parameter entities Improvements: win32/libxml2.def.src after rebuild in doc elfgcchack.h: more legacy needs xmlSAX2StartElement() and xmlSAX2EndElement() elfgcchack.h: add xmlXPathNodeEval and xmlXPathSetContextNode Provide cmake module Fix a couple of issues raised by make dist Fix and add const qualifiers Preparing for upcoming release of 2.9.2 Fix zlib and lzma libraries check via command line wrong error column in structured error when parsing end tag doc/news.html: small update to avoid line join while generating NEWS. Add methods for python3 iterator Support element node traversal in document fragments xmlNodeSetName: Allow setting the name to a substring of the currently set name Added macros for argument casts adding init calls to xml and html Read parsing entry points Get rid of 'REPLACEMENT CHARACTER' Unicode chars in xmlschemas.c Implement choice for name classes on attributes Two small namespace tweaks xmllint --memory should fail on empty files Cast encoding name to char pointer to match arg type ------------------------------------------------------------------- Fri Oct 17 13:58:17 UTC 2014 - vcizek@suse.com - fix for CVE-2014-3660 (bnc#901546) * denial of service via recursive entity expansion (related to billion laughs) * added libxml2-CVE-2014-3660.patch ------------------------------------------------------------------- Mon Aug 18 15:42:34 UTC 2014 - fcrozat@suse.com - Add obsoletes/provides to baselibs.conf. ------------------------------------------------------------------- Thu Jun 5 08:30:58 UTC 2014 - vcizek@suse.com - temporarily reverting libxml2-CVE-2014-0191.patch until there is a fix that doesn't break other applications ------------------------------------------------------------------- Fri May 23 15:01:54 UTC 2014 - vcizek@suse.com - fix for CVE-2014-0191 (bnc#876652) * libxml2: external parameter entity loaded when entity substitution is disabled * added libxml2-CVE-2014-0191.patch ------------------------------------------------------------------- Fri Aug 2 12:57:36 UTC 2013 - vcizek@suse.com - update to 2.9.1 dropped patches (in upstream): * libxml2-2.9.0-CVE-2012-5134.patch * libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch * libxml2-CVE-2013-1969.patch New features: * Support for Python3 * Add xmlXPathSetContextNode and xmlXPathNodeEval ------------------------------------------------------------------- Sun Jul 7 06:00:42 UTC 2013 - coolo@suse.com - buildignore python to avoid build cycle ------------------------------------------------------------------- Thu Apr 18 14:07:49 UTC 2013 - vcizek@suse.com - fix for CVE-2013-1969 (bnc#815665) * libxml2-CVE-2013-1969.patch ------------------------------------------------------------------- Thu Mar 7 13:28:59 UTC 2013 - vcizek@suse.com - fix for CVE-2013-0338 (bnc#805233) libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch ------------------------------------------------------------------- Sat Dec 15 15:55:26 UTC 2012 - p.drouand@gmail.com - update to 2.9.0 version: * please see the Changelog - Updated patchs to get working with new version: * libxml2-2.9.0-CVE-2012-5134.patch ( libxml2-CVE-2012-5134.patch ) * fix-perl.diff ------------------------------------------------------------------- Fri Dec 7 10:49:11 UTC 2012 - vcizek@suse.com - Add libxml2-CVE-2012-5134.patch to fix CVE-2012-5134 (bnc#793334) ------------------------------------------------------------------- Sun Sep 23 19:40:30 UTC 2012 - dimstar@opensuse.org - Add a comment next to libxml2.la to make sure that anybody removing it knows why it's there and reconsiders. ------------------------------------------------------------------- Sun Sep 23 19:28:04 UTC 2012 - coolo@suse.com - readd .la file, python-libxml2 needs it ------------------------------------------------------------------- Fri Sep 21 18:04:16 UTC 2012 - jengelh@inai.de - Remove .la files; make sure installation succeeds for Fedora_17 target ------------------------------------------------------------------- Tue Jun 12 18:10:07 UTC 2012 - chris@computersalat.de - update to 2.8.0 * please see ChangeLog for more info - remove obsolete bigendian64 patch - rebase fix-perl patch ------------------------------------------------------------------- Sun Mar 11 21:00:19 UTC 2012 - jengelh@medozas.de - libxml2-2 should not require libxml2-tools. There is no trouble expected, since attempting to install libxml2 will already pull in libxml2-tools due to Provides tags. ------------------------------------------------------------------- Mon Mar 5 10:18:12 UTC 2012 - coolo@suse.com - revert the two commits that broke perl-XML-LibXML's test case, I hope the two upstreams will figure it out ------------------------------------------------------------------- Fri Mar 2 16:47:56 UTC 2012 - coolo@suse.com - update to git to fix some issues * Fix a logic error in Schemas Component ConstraintsHEADmaster * Fix a wrong enum type use in Schemas Types ------------------------------------------------------------------- Thu Mar 1 18:36:33 CET 2012 - meissner@suse.de - fixed a 64bit big endian bug in the file reader. ------------------------------------------------------------------- Sat Feb 25 13:50:54 UTC 2012 - coolo@suse.com - the fallout of requiring libxml2-tools as explicit buildrequire is just too large, so avoid it for now and create a cycle between libxml2-2 and libxml2-tools ------------------------------------------------------------------- Sat Feb 25 08:47:58 UTC 2012 - coolo@suse.com - fix version ------------------------------------------------------------------- Sat Feb 25 08:09:00 UTC 2012 - coolo@suse.com - add provide for the old name to fix packages with explicit library dependency ------------------------------------------------------------------- Thu Feb 23 11:00:21 UTC 2012 - coolo@suse.com - renamed to python-libxml2 to follow python naming expectations - do not require python but let rpm figure it out ------------------------------------------------------------------- Thu Feb 23 10:42:16 UTC 2012 - coolo@suse.com - update to today's GIT snapshot: include XZ support - split libxml2-2 according to shared library policy ------------------------------------------------------------------- Mon Dec 26 17:08:52 UTC 2011 - jengelh@medozas.de - Remove redundant tags/sections ------------------------------------------------------------------- Wed Dec 21 10:24:19 UTC 2011 - coolo@suse.com - add autoconf as buildrequire to avoid implicit dependency ------------------------------------------------------------------- Tue Dec 20 11:05:01 UTC 2011 - coolo@suse.com - own aclocal directory, there is no other reason to buildrequire automake ------------------------------------------------------------------- Fri Jul 8 08:52:06 UTC 2011 - saschpe@suse.de - update to libxml-2.7.8+git20110708 - several important bugfixes - drop upstreamed patches: * libxml2-CVE-2010-4494.patch * libxml2-CVE-2011-1944.patch * noxref.patch * symbol-versioning.patch ------------------------------------------------------------------- Wed Jun 29 09:05:59 UTC 2011 - puzel@novell.com - add libxml2-CVE-2011-1944.patch (bnc#697372) ------------------------------------------------------------------- Sun Jun 5 21:36:07 UTC 2011 - cshorler@googlemail.com - add symbol-versioning.patch to restore 11.3 versioned symbols ------------------------------------------------------------------- Mon Jan 3 09:21:20 UTC 2011 - puzel@novell.com - add libxml2-CVE-2010-4494.patch (bnc#661471) ------------------------------------------------------------------- Mon Dec 6 09:05:53 UTC 2010 - coolo@novell.com - buildrequire python-xml to fix build ------------------------------------------------------------------- Fri Dec 3 12:09:40 UTC 2010 - puzel@novell.com - update to libxml-2.7.8 - number of bufixes, documentation and portability fixes - update language ID parser to RFC 5646 - sort python generated stubs - add an HTML parser option to avoid a default doctype - see http://xmlsoft.org/news.html for exact details - drop libxml2-xpath-ns-attr-axis.patch (in upstream) - clean up specfile ------------------------------------------------------------------- Mon Nov 1 10:00:04 UTC 2010 - puzel@novell.com - add libxml2-xpath-ns-attr-axis.patch (bnc#648277) ------------------------------------------------------------------- Sat Oct 30 22:45:22 UTC 2010 - cristian.rodriguez@opensuse.org - Use --disable-static ------------------------------------------------------------------- Mon Sep 20 11:36:31 UTC 2010 - puzel@novell.com - drop libxml2-largefile64.patch (revert last change) - the issue is fixed in zlib ------------------------------------------------------------------- Fri Sep 17 16:28:46 UTC 2010 - puzel@novell.com - add libxml2-largefile64.patch (fixes build) - debian bug#439843 ------------------------------------------------------------------- Wed Jul 14 20:05:00 UTC 2010 - jw@novell.com - added noxref.patch, this implements a new --noxref option, which turns validation errors about missing xrefs into warnings. Upstreamed as https://bugzilla.gnome.org/show_bug.cgi?id=624386 ------------------------------------------------------------------- Sat Apr 24 09:50:01 UTC 2010 - coolo@novell.com - buildrequire pkg-config to fix provides ------------------------------------------------------------------- Wed Apr 7 16:34:29 UTC 2010 - coolo@novell.com - fix build ------------------------------------------------------------------- Tue Mar 23 23:46:00 CET 2010 - mrdocs@opensuse.org - update to 2.7.7 - add extra options to ./configure for scribus features and avoid a crash - updates from 2.7.3 > 2.7.7 include a number of portability, correctness memory leaks and build fixes including some CVE - see http://xmlsoft.org/news.html for exact details ------------------------------------------------------------------- Mon Feb 22 22:11:00 CET 2010 - mrdocs@opensuse.org - add sax parser option compiled in ------------------------------------------------------------------- Tue Dec 15 12:19:16 CET 2009 - jengelh@medozas.de - enable parallel building ------------------------------------------------------------------- Mon Dec 14 16:14:49 CET 2009 - jengelh@medozas.de - add baselibs.conf as a source - package documentation as noarch ------------------------------------------------------------------- Sun Aug 2 16:58:15 UTC 2009 - jansimon.moeller@opensuse.org - Disable the check for ARM as qemu-arm can't keep up atm. ------------------------------------------------------------------- Thu Mar 19 10:16:50 CET 2009 - prusnak@suse.cz - updated to 2.7.2 * Portability fix: fix solaris compilation problem, fix compilation if XPath is not configured in * Bug fixes: nasty entity bug introduced in 2.7.0, restore old behaviour when saving an HTML doc with an xml dump function, HTML UTF-8 parsing bug, fix reader custom error handlers (Riccardo Scussat) * Improvement: xmlSave options for more flexibility to save as XML/HTML/XHTML, handle leading BOM in HTML documents - updated to 2.7.3 * Build fix: fix build when HTML support is not included. * Bug fixes: avoid memory overflow in gigantic text nodes, indentation problem on the writed (Rob Richards), xmlAddChildList pointer problem (Rob Richards and Kevin Milburn), xmlAddChild problem with attribute (Rob Richards and Kris Breuker), avoid a memory leak in an edge case (Daniel Zimmermann), deallocate some pthread data (Alex Ott). * Improvements: configure option to avoid rebuilding docs (Adrian Bunk), limit text nodes to 10MB max by default, add element traversal APIs, add a parser option to enable pre 2.7 SAX behavior (Rob Richards), add gcc malloc checking (Marcus Meissner), add gcc printf like functions parameters checking (Marcus Meissner). - dropped obsoleted patches: * alloc_size.patch (mainline) * CVE-2008-4225.patch (mainline) * CVE-2008-4226.patch (mainline) * CVE-2008-4409.patch (mainline) * oldsax.patch (mainline) * pritnf.patch (mainline) * xmlsave.patch (mainline) ------------------------------------------------------------------- Mon Jan 12 17:21:59 CET 2009 - prusnak@suse.cz - added oldsax.patch to enable pre 2.7.0 sax behaviour [bnc#457056] ------------------------------------------------------------------- Wed Dec 10 12:34:56 CET 2008 - olh@suse.de - use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade (bnc#437293) ------------------------------------------------------------------- Tue Nov 25 16:00:27 CET 2008 - prusnak@suse.cz - fix broken xmlsave (xmlsave.patch) [bnc#437203] ------------------------------------------------------------------- Tue Nov 18 16:24:39 CET 2008 - prusnak@suse.cz - fixed CVE-2008-4225 [bnc#445677] ------------------------------------------------------------------- Thu Nov 6 12:02:25 CET 2008 - prusnak@suse.cz - fixed CVE-2008-4226 [bnc#441368] ------------------------------------------------------------------- Thu Oct 30 12:34:56 CET 2008 - olh@suse.de - obsolete old -XXbit packages (bnc#437293) ------------------------------------------------------------------- Mon Oct 6 14:50:38 CEST 2008 - prusnak@suse.cz - fixed CVE-2008-4409 [bnc#432486] ------------------------------------------------------------------- Tue Sep 9 17:01:12 CEST 2008 - meissner@suse.de - added GCC attribute alloc_size markup (alloc_size.patch) ------------------------------------------------------------------- Wed Sep 3 16:58:23 CEST 2008 - prusnak@suse.cz - updated to 2.7.1 * Portability fix: Borland C fix (Moritz Both) * Bug fixes: python serialization wrappers, XPath QName corner case handking and leaks (Martin) * Improvement: extend the xmlSave to handle HTML documents and trees * Cleanup: python serialization wrappers ------------------------------------------------------------------- Wed Sep 3 16:57:46 CEST 2008 - prusnak@suse.cz - updated to 2.7.0 * Documentation: switch ChangeLog to UTF-8, improve mutithreads and xmlParserCleanup docs * Portability fixes: Older Win32 platforms (Rob Richards), MSVC porting fix (Rob Richards), Mac OS X regression tests (Sven Herzberg), non GNUCC builds (Rob Richards), compilation on Haiku (Andreas Färber) * Bug fixes: various realloc problems (Ashwin), potential double-free (Ashwin), regexp crash, icrash with invalid whitespace facets (Rob Richards), pattern fix when streaming (William Brack), various XML parsing and validation fixes based on the W3C regression tests, reader tree skipping function fix (Ashwin), Schemas regexps escaping fix (Volker Grabsch), handling of entity push errors (Ashwin), fix a slowdown when encoder cant serialize characters on output * Code cleanup: compilation fix without the reader, without the output (Robert Schwebel), python whitespace (Martin), many space/tabs cleanups, serious cleanup of the entity handling code * Improvement: switch parser to XML-1.0 5th edition, add parsing flags for old versions, switch URI parsing to RFC 3986, add xmlSchemaValidCtxtGetParserCtxt (Holger Kaelberer), new hashing functions for dictionnaries (based on Stefan Behnel work), improve handling of misplaced html/head/body in HTML parser, better regression test tools and code coverage display, better algorithms to detect various versions of the billion laughts attacks, make arbitrary parser limits avoidable as a parser option - dropped obsoleted patches: * billion-laughs.patch (included in update) ------------------------------------------------------------------- Wed Aug 13 12:05:08 CEST 2008 - prusnak@suse.cz - fixed billion laughs vulnerability (billion-laughs.patch) [bnc#415371] ------------------------------------------------------------------- Fri Apr 11 14:34:30 CEST 2008 - prusnak@suse.cz - updated to 2.6.32 * Documentation: - returning heap memory to kernel (Wolfram Sang) - trying to clarify xmlCleanupParser() use - xmlXPathContext improvement (Jack Jansen) - improve the *Recover* functions documentation - XmlNodeType doc link fix (Martijn Arts) * Bug fixes: - internal subset memory leak (Ashwin) - avoid problem with paths starting with // (Petr Sumbera) - streaming XSD validation callback patches (Ashwin) - fix redirection on port other than 80 (William Brack) - SAX2 leak (Ashwin) - XInclude fragment of own document (Chris Ryan) - regexp bug with '.' (Andrew Tosh) - flush the writer at the end of the document (Alfred Mickautsch) - output I/O bug fix (William Brack) - writer CDATA output after a text node (Alex Khesin) - UTF-16 encoding detection (William Brack) - fix handling of empty CDATA nodes for Safari team - python binding problem with namespace nodes - improve HTML parsing (Arnold Hendriks) - regexp automata build bug - memory leak fix (Vasily Chekalkin) - XSD test crash - weird system parameter entity parsing problem - allow save to file:///X/ windows paths - various attribute normalisation problems - externalSubsetSplit fix (Ashwin) - attribute redefinition in the DTD (Ashwin) - fix in char ref parsing check (Alex Khesin) - many out of memory handling fixes (Ashwin) - XPath out of memory handling fixes (Alvaro Herrera) - various realloc problems (Ashwin) - UCS4 encoding conversion buffer size (Christian Fruth) - problems with EatName functions on memory errors - BOM handling in external parsed entities (Mark Rowe) * Code cleanup: - fix build under VS 2008 (David Wimsey) - remove useless mutex in xmlDict (Florent Guilian) - Mingw32 compilation fix (Carlo Bramini) - Win and MacOS EOL cleanups (Florent Guiliani) - iconv need a const detection (Roumen Petrov) - simplify xmlSetProp (Julien Charbon) - cross compilation fixes for Mingw (Roumen Petrov) - SCO Openserver build fix (Florent Guiliani) - iconv uses const on Win32 (Rob Richards) - duplicate code removal (Ashwin) - missing malloc test and error reports (Ashwin) - VMS makefile fix (Tycho Hilhorst) * improvements: - better plug of schematron in the normal error handling (Tobias Minich) ------------------------------------------------------------------- Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de - added baselibs.conf file to build xxbit packages for multilib support ------------------------------------------------------------------- Fri Mar 21 15:33:41 CET 2008 - vuntz@suse.de - Remove libxml2-2.6.31-gcc4.patch after discussion with upstream. I compiled the package on all architectures without the patch without any problem, and upstream doesn't see the point of the patch. ------------------------------------------------------------------- Thu Mar 13 12:44:03 CET 2008 - rodrigo@suse.de - Upstream and tag patches ------------------------------------------------------------------- Thu Jan 24 11:58:17 CET 2008 - prusnak@suse.cz - rename rpmlintrc-libxml2-python to libxml2-python-rpmlintrc :) ------------------------------------------------------------------- Tue Jan 22 12:16:33 CET 2008 - prusnak@suse.cz - build --without-python to allow compilation from src.rpm ------------------------------------------------------------------- Tue Jan 22 12:15:23 CET 2008 - prusnak@suse.cz - rename rpmlintrc to rpmlintrc-libxml2-python ------------------------------------------------------------------- Tue Jan 15 13:59:58 CET 2008 - prusnak@suse.cz - updated to 2.6.31 o security fix: * missing of checks in UTF-8 parsing o bug fixes: * regexp bug * dump attribute from XHTML document * fix xmlFree(NULL) to not crash in debug mode * Schematron parsing crash * XSD crash due to double free * indentation fix in xmlTextWriterFullEndElement * error in attribute type parsing if attribute redeclared * avoid crash in hash list scanner if deleting elements, column counter bug fix * HTML embed element saving fix * avoid -L/usr/lib output from xml2-config * avoid an xmllint crash * don't stop HTML parsing on out of range chars o code cleanup: * fix open() call third argument, * regexp cut'n paste copy error, * unused variable in __xmlGlobalInitMutexLock * some make distcheck realted fixes o improvements: * HTTP Header: includes port number * testURI --debug option - removed obsolete patches: * CVE-2007-6284.patch (included in update) * open_create.patch (included in update) ------------------------------------------------------------------- Fri Jan 11 16:40:51 CET 2008 - sbrabec@suse.cz - Split documentation into a separate packages. - Install devhelp documentation (#350918). - Follow upstream documentation structure. - Build again with strict aliasing. - Removed s390* work-arounds. New gcc builds it again with -O2. ------------------------------------------------------------------- Tue Dec 18 11:16:26 CET 2007 - prusnak@suse.cz - fix libxml2 DoS (CVE-2007-6284.patch) [#349151] ------------------------------------------------------------------- Tue Dec 4 14:21:09 CET 2007 - prusnak@suse.cz - fix call to open() where 3rd parameter is needed (open_create.patch) ------------------------------------------------------------------- Tue Sep 18 15:53:03 CEST 2007 - sbrabec@suse.cz - Updated to version 2.6.30: * Portability: Solaris crash on error handling, windows path fixes, mingw build * Bugfixes: xmlXPathNodeSetSort problem, leak when reusing a writer for a new document, Schemas xsi:nil handling patch, relative URI build problem, crash in xmlDocFormatDump, invalid char in comment detection bug, fix disparity with xmlSAXUserParseMemory, automata generation for complex regexp counts problems, Schemas IDC import problems, xpath predicate evailation error handling ------------------------------------------------------------------- Thu Sep 13 12:27:10 CEST 2007 - dmueller@suse.de - build on s390x ------------------------------------------------------------------- Tue Aug 28 14:50:50 CEST 2007 - prusnak@suse.cz - applied some fixes from 2.6.30 to fix regression that prevents the documentation from updating to Beta2 [#300675] (up30.patch) ------------------------------------------------------------------- Mon Aug 20 15:55:34 CEST 2007 - sbrabec@suse.cz - Commented out NoSource to provide comfortable rebuild. ------------------------------------------------------------------- Wed Jun 13 10:10:06 CEST 2007 - prusnak@suse.cz - updated to 2.6.29: o bug fixes: * fixed xmlBufferAdd problem * regexp interpretation of '\' * XPath number serialization * nanohttp gzipped stream fix * uri bug * XPath string value of PI nodes * XPath node set sorting bugs * avoid outputting namespace decl dups in the writer * xmlCtxtReset bug * UTF-8 encoding error handling * recustion on next in catalogs * Relax-NG crash * invalid character in attribute detection bug o improved: * keep URI query parts in raw form * embed tag support in HTML - dropped obsolete patches: * pinode.patch (included in update) ------------------------------------------------------------------- Tue Jun 5 18:13:00 CEST 2007 - prusnak@suse.cz - suppress spurious-executable-perm for test scripts using rpmlintrc ------------------------------------------------------------------- Thu May 31 14:32:29 CEST 2007 - prusnak@suse.cz - moved tests to tests subdirectory in docdir - cleaned spec file ------------------------------------------------------------------- Thu May 31 12:20:09 CEST 2007 - prusnak@suse.cz - fixed problem with xpath's string-value for a PI node with no content (pinode.path) [#278173] - cleaned spec file ------------------------------------------------------------------- Tue Apr 24 11:01:57 CEST 2007 - prusnak@suse.cz - updated to 2.6.28: o bug fixes: * XPath memory leak, node comparison error * HTML parser autoclose stack usage * various regexp fixes * htmlCtxtReset fix * invalid char in text XInclude * fix the big string memory leak * fix whitespace usage * and many more ... see NEWS - dropped obsoleted patches: * null-retval.patch (included in update) * tabs-spaces.patch (included in update) ------------------------------------------------------------------- Mon Apr 2 13:39:10 CEST 2007 - rguenther@suse.de - add zlib-devel BuildRequires ------------------------------------------------------------------- Thu Feb 22 10:38:52 CET 2007 - prusnak@suse.cz - fixed inconsistent use of tabs and spaces in indentation (tabs-spaces.patch) by Andreas Hanke [#246203] ------------------------------------------------------------------- Thu Jan 25 14:06:57 CET 2007 - prusnak@suse.cz - fixed crash on ENOMEM (null-retval.patch) [#215223] ------------------------------------------------------------------- Tue Jan 9 18:39:48 CET 2007 - sbrabec@suse.cz - gnomeprefix changed to /usr. - Removed obsolete PreReq. ------------------------------------------------------------------- Mon Dec 11 14:50:27 CET 2006 - ke@suse.de - 2.6.27; many improvements and bug fixes. For details, see the NEWS file. - Remove libxml2-xpath-1.318.patch (obsolete). ------------------------------------------------------------------- Tue Nov 28 12:20:54 CET 2006 - ke@suse.de - Do not install static Python module; reported by Andreas Hanke [#223696]. ------------------------------------------------------------------- Tue Oct 17 16:10:08 CEST 2006 - ke@suse.de - Move manpage to devel subpackage; reported by Andreas Hanke [# 212441]. ------------------------------------------------------------------- Tue Aug 15 09:12:27 CEST 2006 - ke@suse.de - Remove left-over SuSEconfig traces in %files list. ------------------------------------------------------------------- Mon Aug 14 17:03:43 CEST 2006 - ke@suse.de - Remove SuSEconfig related files completely. /etc/xml/catalog is now provided by the sgml-skel package. ------------------------------------------------------------------- Wed Jun 28 17:06:32 CEST 2006 - ke@suse.de - Once the catalog is initialized, remove the SuSEconfig trigger file; reported by Stanislav Brabec [# 188885]. ------------------------------------------------------------------- Tue Jun 27 11:04:10 CEST 2006 - ke@suse.de - Apply libxml2-xpath-1.318.patch from CVS: Do not return too many nodes. ------------------------------------------------------------------- Fri Jun 16 15:04:22 CEST 2006 - ke@suse.de - 2.6.26; NEWS extract from http://xmlsoft.org/ : * Bug fixes: encoding buffer problem, mix of code and data in xmlIO.c, entities in XSD validation, various XSD validation fixes, memory leak in pattern, attribute with colon in name, XPath leak inerror reporting, XInclude text include of selfdocument. * Xpath optimizations. ------------------------------------------------------------------- Tue May 16 14:05:07 CEST 2006 - ke@suse.de - 2.6.24; NEWS extract from http://xmlsoft.org/ : * Improvements: XML catalog debugging; update to Unicode 4.01. * Bug fixes: xmlParseChunk() problem in 2.6.23, xmlParseInNodeContext() on HTML docs, comment streaming bug xmlParseComment, regexp bug fixes, xmlGetNodePath on text/CDATA, one Relax-NG interleave bug, XSD bugfixes, etc. * Documentation: man pages updates and cleanups * New features: - Relax NG structure error handlers. - xmlDOMWrapReconcileNamespaces xmlDOMWrapCloneNode. - libxml2-python-whitespace.diff: Remove it, obsolete. ------------------------------------------------------------------- Fri Feb 17 20:08:36 CET 2006 - kukuk@suse.de - Don't install binaries in doc [#151897] ------------------------------------------------------------------- Wed Jan 25 21:37:49 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Mon Jan 16 17:00:19 CET 2006 - ke@suse.de - libxml2-python-whitespace.diff: Fix inconsistent use of tabs and spaces in indentation in libxml2.py. Reported by Christoph Thiel; thanks to Jan Matejek [# 143082]. ------------------------------------------------------------------- Mon Jan 9 09:40:26 CET 2006 - ke@suse.de - Update to version 2.6.23; NEWS extract from http://xmlsoft.org/ : * Bug fixes (leaks, XPath, validation issue, etc.). * Improvements (XSD Schemas redefinitions/restrictions, node copy checks and fix for attribute, handle gzipped HTTP resources, etc.). * Documentation. ------------------------------------------------------------------- Wed Dec 21 07:44:03 CET 2005 - aj@suse.de - Package /usr/include/libxml in -devel package. ------------------------------------------------------------------- Fri Sep 16 13:15:15 CEST 2005 - ke@suse.de - Update to version 2.6.22; NEWS from http://xmlsoft.org/ (extract since .21): * Bug fixes (too many to list here). * Improvements on interfaces for schemas and RNG error reports. * Optimization of the char data inner loop parsing. * More lax mode for the HTML parser. * XML Schemas improvements preparing for derive (Kasimier Buchcik). - libxml2-printf.patch: Adjust it. - xml-error-handling.patch: Obsolete. - Remove misleading link flag statement; thanks for advise to Dirk Mueller. ------------------------------------------------------------------- Tue Aug 9 17:16:32 CEST 2005 - ke@suse.de - Add missing require statement; reported by Ludwig Nussel [# 95216]. ------------------------------------------------------------------- Thu Jul 28 14:29:02 CEST 2005 - ke@suse.de - Fix error handling. Reported by Michael Radziej, apply fix from CVS as proposed by JP Rosevear [# 98487]. ------------------------------------------------------------------- Mon Jul 11 09:22:07 CEST 2005 - ke@suse.de - Update to version 2.6.20; NEWS from http://xmlsoft.org/: * Major improvement in XSD Schemas. * XSD Schemas streaming support (SAX and Reader), flagged as somewhat experimental. * New DOM importing functions * Various build and bug fixes, including memory leaks; for details check the NEWS file. ------------------------------------------------------------------- Wed Apr 6 22:11:38 CEST 2005 - meissner@suse.de - make build again on gcc >= 4, added parallel make. ------------------------------------------------------------------- Mon Apr 4 10:05:48 CEST 2005 - ke@suse.de - Update to version 2.6.19; NEWS (extract since .18) from http://xmlsoft.org/: * Bugfixes: xmlSchemaElementDump namespace, push and xmlreader stopping on non-fatal errors, thread support for dictionnaries reference counting, internal subset and push problem, URL saved in xmlCopyDoc, various schemas bug fixes, Python paths fixup, xmlGetNodePath and namespaces, xmlSetNsProp fix, warning should not count as error, xmlCreatePushParser empty chunk, XInclude parser flags, xmlTextWriterStartAttributeNS fix, xmlWriter bugs, xmlSearchNsByHref fix, Python binding leak, aliasing bug exposed by gcc4 on s390, xmlTextReaderNext bug, Schemas decimal type fixes, xmlByteConsumed static buffer, schemas type decimal fixups, xmmlint return code, workaround "DAV:" namespace brokeness in c14n segfault in Schemas, Schemas attribute validation, Prop related functions and xmlNewNodeEatName, HTML serialization of name attribute on a elements, Python error handlers leaks and improvement, Relax-NG validation bug, xmlSAXParseDoc and xmlParseDoc signatures, switched back to assuming UTF-8 in case no encoding is given at serialization time. * improvement: speedup parsing comments and DTDs, dictionnary support for hash tables, Schemas Identity constraints, streaming XPath subset, xmlTextReaderReadString added, Schemas canonical values handling, add xmlTextReaderByteConsumed, add a --nodict mode to xsltproc to check problems for documents without dictionnaries. ------------------------------------------------------------------- Fri Apr 1 15:57:07 CEST 2005 - meissner@suse.de - disable visibility hacks for gcc >= 4 ------------------------------------------------------------------- Mon Jan 24 11:11:19 CET 2005 - meissner@suse.de - specify printf format attributes to check for bad format string use. ------------------------------------------------------------------- Mon Jan 17 14:33:36 CET 2005 - ke@suse.de - Update to version 2.6.17; NEWS (extract) from http://xmlsoft.org/: * Bug fixes: xmlTextReaderHasAttributes, xmlCtxtReadFile() to use the catalog(s), loop on output, XPath memory leak, ID deallocation problem, xmlStopParser bug, UTF-16 with BOM on DTDs, namespace bug on empty elements in push mode, line and col computations fixups, xmlURIEscape fix, xmlXPathErr on bad range, patterns with too many steps, and more. * Improvements: XSD Schemas, python generator, xmlUTF8Strpos speedup, Python __str__ call serialize(), and more. * New APIs: Add xmlDictExists(), GetLineNumber and GetColumnNumber for the xmlReader, Dynamic Shared Libraries APIs, error extraction API from regexps, and new XMLSave option for format. * Documentation improvements. ------------------------------------------------------------------- Wed Nov 24 15:16:19 CET 2004 - mcihar@suse.cz - use rpm macros to build correcly with current python ------------------------------------------------------------------- Thu Nov 11 08:30:13 CET 2004 - ke@suse.de - Update to version 2.6.16; NEWS (extract) from http://xmlsoft.org/: * Important bug fix release, it also fixes main bugs raised against 2.6.15 and memory leaks found by automated testing of the API. * Documentation update. * Provide DTD validation APIs at the Python level. ------------------------------------------------------------------- Thu Oct 28 08:40:59 CEST 2004 - ke@suse.de - Update to version 2.6.15; NEWS (extract) from http://xmlsoft.org/: * Security fixes on the nanoftp and nanohttp modules: http://www.securityfocus.com/archive/1/379383/2004-10-24/2004-10-30/0 * Bug fixes: HTML parser on broken ASCII chars in names, Python paths, xmlHasNsProp and default namespace, DTD lookup fix, save back in catalogs, tree build fixes, Schemas memory bug and another memory leak, xmlValidateDtd in the presence of an internal subset, entities and _private problem, xmlBuildRelativeURI error, and more. * Improvements: Better XInclude error reports, tree debugging module and tests, convenience functions at the Reader API, add support for PI in the HTML parser. ------------------------------------------------------------------- Thu Oct 7 16:13:38 CEST 2004 - ke@suse.de - Update to version 2.6.14; NEWS since version 2.6.13: * Fix and cleanup XML schemas, UTF-8 issues, fix default namespace problem, encoding error could genrate a serialization loop, XInclude testing, Notation serialization, and other bugs. * Improveme schemas validity, added --path and --load-trace options to xmllint. * Enhance Python support. * Documentation: tutorial update. - Drop obsolete NS patch. ------------------------------------------------------------------- Tue Sep 7 11:50:52 CEST 2004 - ke@suse.de - libxml2-default-ns.patch: Fix problem with namespaces; provided by William M. Brack [# 44214]. ------------------------------------------------------------------- Mon Aug 23 07:30:54 CEST 2004 - ke@suse.de - Update to version 2.6.12; NEWS (extract) from http://xmlsoft.org/: * Better XSD Schemas support. * Python binding improvements * Enhancement of command line tools. * Documentation fixes. * Various bug fixes (RVT, XPath context resets bug, catalog white space handling, xmlReader state after attribute reading, out of Memory conditions handling, htmlNewDoc() charset, notation serialization, etc.). ------------------------------------------------------------------- Wed Jul 21 09:06:53 CEST 2004 - bg@suse.de - disable elfgcchack for hppa to produce working binaries. ------------------------------------------------------------------- Wed Jul 14 13:46:41 CEST 2004 - ke@suse.de - Update to version 2.6.11; NEWS (extract) from http://xmlsoft.org/: * Bugfixes and improvements to XML Schemas support. * Update to the documentation tutorial and man pages. * Bugfixes: C14N bug serializing namespaces, empty node set in XPath, XInclude xml:base generation, XInclude fallback problem, XPointer and xml:base problem, Reader and entities, xmllint related fixes, DTD serialization problem xmlReader fixes, Python bindings improvement, fix the push parser, URI escaping and filemanes, XHTML1 formatting, reverse xmlEncodeSpecialChars() behaviour back to escaping '"', etc. * improvements: custom per-thread I/O enhancement, dynamically increase the number of XPath extension functions in Python and fix a memory leak, make xmlTextReaderMode public, * Increase performance. ------------------------------------------------------------------- Mon Apr 19 17:18:11 CEST 2004 - ke@suse.de - Update to version 2.6.9; NEWS (extract) from http://xmlsoft.org/: * implement xml:id Working Draft, relaxed XPath id() checking. * bugfixes: xmlCtxtReset, line number and CDATA, Regexp patches, xmlUriEscape, Relax-NG bugs, XInclude duplicate fallback, external DTD encoding detection, a DTD validation bug, xmlReader Close() fix, recusive extention schemas. * various improvements an performance patches. * documentation fixes. - Remove obsolete patches (libxml2-parser.patch, libxml2-xpath-memleak.patch, libxml2-nanohttp-fd-close.patch). ------------------------------------------------------------------- Wed Mar 24 11:49:19 CET 2004 - ke@suse.de - libxml2-nanohttp-fd-close.patch: add a close for the local file descriptor by William Brack (from libxml2 CVS). - libxml2-xpath-memleak.patch: fix a memory leak (xmlXPathLangFunction) by William Brack (from libxml2 CVS); reported by Mike Hommey. ------------------------------------------------------------------- Thu Mar 18 10:45:38 CET 2004 - ke@suse.de - Do not install pre-compiled examples; reported by Dirk Mueller [# 36382]. ------------------------------------------------------------------- Thu Mar 11 11:47:27 CET 2004 - ke@suse.de - Fix memory leak in parser.c. Patch by Daniel Veillard (from libxml2 CVS), reported by Holger Rauch. ------------------------------------------------------------------- Tue Feb 24 10:32:41 CET 2004 - ke@suse.de - Update to version 2.6.7; NEWS (extract) from http://xmlsoft.org/: Mostly small bugfixes and performances improvements: * Documentation: tutorial updates. * xmlWriter: updates and fixes. * XPath optimization. * DTD ID handling optimization. * Python: 2.3 compatibility, whitespace fixes. * Add relaxng option to xmllint --shell . - Add -fno-strict-aliasing to CFLAGS. ------------------------------------------------------------------- Mon Feb 23 13:48:22 CET 2004 - ke@suse.de - Support C++ exceptions; reported by Ulrich Heinen [# 34865]. ------------------------------------------------------------------- Thu Feb 19 15:06:33 CET 2004 - ke@suse.de - libxml2-id-idref-validation.patch: Remove a non-linear behaviour from ID/IDREF by Daniel Veillard (from libxml2 CVS). ------------------------------------------------------------------- Fri Feb 13 10:03:21 CET 2004 - ke@suse.de - Update to version 2.6.6; NEWS (extract) from http://xmlsoft.org/: Mostly a bug fixes including potentially dangerous buffer overflows discovered in the FTP and HTTP URL parsing code (historical it was written before the module uri.c, ideally that code should now be dropped); also a couple of minor API enhancements: * nanohttp and nanoftp: buffer overflow error on URI parsing. * bugfixes: make test and path issues, xmlWriter attribute serialization, xmlWriter indentation , schemas validation, XInclude dictionnaries issues, XInclude empty fallback, HTML warnings, XPointer in XInclude, Python namespace serialization, isolat1ToUTF8 bound error, output of parameter entities in internal subset, internal subset bug in push mode, fix. * XInclude: allow the 2001 namespace without warning. * reader API: structured error reporting * Parsers: added xmlByteConsumed(ctxt) API to get the byte offest in input. ------------------------------------------------------------------- Mon Jan 26 13:46:38 CET 2004 - ke@suse.de - Update to version 2.6.5; NEWS (extract) from http://xmlsoft.org/: * Bugfixes: dictionnaries for schemas, regexp segfault, xs:all problem, a number of XPointer bugfixes, xmllint error go to stderr, DTD validation problem with namespace, memory leak, SAX1 cleanup and minimal options fixes, parser context reset on error, XPath union evaluation problem, xmlReallocLoc with NULL, XML Schemas double free, XInclude with no href, argument callbacks order for XPath callbacks. * Documentation enhancements. * Python bindings: fixes, enum support, structured error reporting, problem related to dictionnary references, recursion. * xmlWriter: indentation, memory leaks. * xmlSchemas: normalizedString datatype. * Parser optimizations, a few new XPath and dictionnary APIs for future XSLT optimizations. ------------------------------------------------------------------- Sat Jan 10 14:00:30 CET 2004 - adrian@suse.de - build as user ------------------------------------------------------------------- Fri Jan 9 17:29:03 CET 2004 - adrian@suse.de - add %run_ldconfig to %postun ------------------------------------------------------------------- Wed Jan 7 15:59:53 CET 2004 - ke@suse.de - Update to version 2.6.4; NEWS (extract) from http://xmlsoft.org/: * Fix serious XInclude problems. * Documentation improvements. * example fix (Lucas Brasilino) * Various bugfixes: xmlTextReaderExpand() with xmlReaderWalker, XPath handling of NULL strings, API building reader or parser from filedescriptor should not close it, changed XPath sorting to be stable again, xmlGetNodePath() generating '(null)', DTD validation and namespace bug, XML Schemas double inclusion behaviour. ------------------------------------------------------------------- Thu Dec 11 12:17:51 CET 2003 - ke@suse.de - Update to version 2.6.3; NEWS (extract) from http://xmlsoft.org/: Cleanup release (documentation, small bug fixes and enhancements). Upgrade XInclude support to the latest draft; this includes namespace changes (in case of XInclude warnings, you must fix your documents). * Add a repository of examples. * Unicode range checking. * UTF-16 cleanup and BOM issues. * Bug fixes: ID and xmlReader validation, XPath, xmlWriter, hash.h inclusion problem, HTML parser, attribute defaulting and validation, some serialization cleanups, XML_GET_LINE macro, memory debug when using threads, serialization of attributes and entities content, xmlWriter. * XInclude bugfix, new APIs and update to the last version including the namespace change. * XML Schemas improvements. * Preliminary pattern support for streaming. - Drop obsolete patch (libxml2-2.6.2-include.patch). ------------------------------------------------------------------- Wed Nov 12 12:38:09 CET 2003 - ke@suse.de - For libxml2-devel require zlib-devel and readline-devel; reported by Tobias Reif. ------------------------------------------------------------------- Fri Nov 7 01:10:47 CET 2003 - ro@suse.de - change include file hash.h define types used in parser.h before including ------------------------------------------------------------------- Wed Nov 5 12:09:56 CET 2003 - ke@suse.de - Update to version 2.6.2; NEWS (extract) from http://xmlsoft.org/: * API additions (should still be API and ABI compatible) and performance gains. * API to screate a W3C Schemas from an existing document. * Deactivate the broken docBook SGML parser code and plug the XML parser instead. * Enable IPv6 support. * Switch to a SAX2 like parser rewrote most of the XML parser core, provides namespace resolution and defaulted attributes, minimize memory allocations and copies, namespace checking and specific error handling, immutable buffers, make predefined entities static structures, etc... * Schemas: base64 support. * Parser<->HTTP integration fix, proper processing of the Mime-Type and charset informations if available. * Relax-NG: bug fixes. * Documentation fixes. * Bug fixes: xmlCleanupParser, threading uninitialized mutexes, HTML doctype lowercase, SAX/IO, compression detection and restore, attribute declaration in DTDs, namespace on attribute in HTML output, input filename, namespace DTD validation, xmlReplaceNode, I/O callbacks, CDATA serialization, xmlReader, high codepoint charref like 􏿿, buffer access in push mode, XPath bug, xmlCleanupParser, CDATA output, HTTP error handling. Mandatory encoding in text decl, serializing Document Fragment nodes, XPath context unregistration fixes, text node coalescing fixes, stdin parsing fix, a posteriori DTD validation fixes and other fixes. * xmllint options: --dtdvalidfpi, --sax1 for compat testing, --nodict for building without tree dictionnary, --nocdata to replace CDATA by text, --nsclean to remove surperfluous namespace declarations. * Always generate line numbers when using the new xmlReadxxx functions * Add XInclude support to the xmlReader interface. * Implement XML_PARSE_NONET parser option. * DocBook XSLT processing bug fixed. * HTML serialization for

elements. * XPointer failure in XInclude are now handled as resource errors. * Fix xmllint --html to use the HTML serializer on output (add --xmlout to implement the previous behaviour of saving it using the XML serializer). ------------------------------------------------------------------- Tue Oct 7 13:31:57 CEST 2003 - ke@suse.de - Update to version 2.5.11: * Fix bug in Relax-NG. * Fix crash when using multithreaded programs. ------------------------------------------------------------------- Fri Aug 29 17:45:40 CEST 2003 - mcihar@suse.cz - require same python version as it was built with ------------------------------------------------------------------- Fri Aug 29 14:03:42 CEST 2003 - kukuk@suse.de - Add %verify tag to /var/adm/SuSEconfig/run-libxml2 ------------------------------------------------------------------- Wed Aug 27 16:48:11 CEST 2003 - ke@suse.de - Add readline-devel to neededforbuild and enable history/readline support for xmllint; proposed by Thomas Schreitle. ------------------------------------------------------------------- Fri Aug 15 16:44:47 CEST 2003 - ke@suse.de - Update to version 2.5.10; NEWS from http://xmlsoft.org/: * Bugfixes: UTF-16 support, HTML parser, xmlSAXParseDTD(). * Improve XInclude performance problem * Improve XML parser performance. ------------------------------------------------------------------- Thu Aug 14 14:52:37 CEST 2003 - ke@suse.de - Update to version 2.5.9; NEWS from http://xmlsoft.org/: * Bugfixes: IPv6 portability, xmlHasNsProp, Schemas, threading, hexBinary type, UTF-16 BOM, xmlReader, namespace handling, EXSLT, HTML parsing problem, DTD validation for mixed content + namespaces, HTML serialization, library initialization, progressive HTML parser. * Better interfaces for Relax-NG error handling. * Add xmlXIncludeProcessTree() for XInclud'ing in a subtree. * Doc fixes and improvements. * New UTF-8 helper functions. * General encoding cleanup + ISO-8859-x without iconv. * xmlTextReader cleanup + enum for node types. ------------------------------------------------------------------- Tue Jul 8 18:15:31 CEST 2003 - ke@suse.de - Update to version 2.5.8; NEWS from http://xmlsoft.org/: * Bugfixes: XPath, XInclude, file/URI mapping, UTF-16 save, UTF-8 checking, URI saving, error printing, PI related memleak, compilation without schemas or without xpath, xmlUnlinkNode problem with DTDs, xmlIOParseDTD, and xmlSAXParseDTD. * Fix multithreading lock problems. * IPv6 patch for FTP and HTTP accesses. * A few W3C Schemas Structure improvements. * W3C Schemas Datatype improvements. * Python bindings for thread globals, and method/class generator. * Add --nonet option to xmllint. * Documentation improvements. - libxml2-2.5.8-mutex.patch provided by Daniel Veillard. ------------------------------------------------------------------- Thu Jun 12 13:29:04 CEST 2003 - kukuk@suse.de - Add gnome directories to filelist ------------------------------------------------------------------- Mon May 26 12:07:39 CEST 2003 - ke@suse.de - Remove unwanted files from $RPM_BUILD_ROOT. ------------------------------------------------------------------- Mon Apr 28 12:58:31 CEST 2003 - ke@suse.de - Update to version 2.5.7; NEWS from http://xmlsoft.org/: * Relax-NG: Compiling to regexp and streaming validation on top of the xmlReader interface, add --stream to xmllint. * xmlReader: Expand(), Next() and DOM access glue, bug fixes. * Support for large files: RGN validated a 4.5GB instance. * Thread support is now configured in by default. * Fixes: update of the Trio code, WXS Date and Duration fixes, DTD and namespaces, HTML push parser and zero bytes handling, behaviour of the parser and validator in the presence of "out of memory" error conditions. * Extend the API to be able to plug a garbage collecting memory allocator, add xmlMallocAtomic() and modified the allocations accordingly. * Performances: remove excessive malloc() calls, speedup of the push and xmlReader interfaces, remove excessive thread locking. * Documentation: man page, xmlReader documentation * Python: add binding for xmlCatalogAddLocal. ------------------------------------------------------------------- Wed Apr 2 13:12:30 CEST 2003 - ke@suse.de - Update to version 2.5.6; NEWS from http://xmlsoft.org/: * Fix W3C XML Schemas datatype, should be compliant now except for binHex and base64 which are not supported yet. * Bug fix: non-ASCII IDs, HTML output, XInclude on large docs and XInclude entities handling, encoding detection on external subsets, XML Schemas bugs and memory leaks, HTML parser. * improved error reporting: xml:space, start/end tag mismatches, Relax NG errors. - Frop obsolete trio patch. ------------------------------------------------------------------- Wed Mar 26 12:11:02 CET 2003 - ke@suse.de - Update to version 2.5.5; NEWS from http://xmlsoft.org/: * Fixes on the Relax NG implementation. * Increase support for W3C XML Schemas datatype. * Bug fixes in the URI handling layer. * Bug fixes: HTML parser, xmlReader, DTD validation, XPath, encoding conversion, line counting in the parser. * Add support for $XMLLINT_INDENT environment variable, FTP delete. - Apply patch by Albert Chin to enable use of trio libraries in Python. ------------------------------------------------------------------- Thu Feb 20 09:27:57 CET 2003 - ke@suse.de - Add /usr/bin/install to PreReq; reported by Thorsten Kukuk [# 23891]. ------------------------------------------------------------------- Tue Feb 11 13:44:51 CET 2003 - ke@suse.de - Update to version 2.5.3; NEWS from http://xmlsoft.org/: A bugfix release. Relax-NG and XML Schemas datatypes stabilization: * RelaxNG and XML Schemas datatypes improvements; first version of RelaxNG Python bindings. * Fixes: XLink, XInclude, API fix for serializing namespace nodes, encoding conversion bug, XHTML1 serialization. ------------------------------------------------------------------- Thu Feb 6 16:49:17 CET 2003 - ro@suse.de - fix specfile ------------------------------------------------------------------- Thu Feb 6 10:23:12 CET 2003 - ke@suse.de - Update to version 2.5.2; NEWS from http://xmlsoft.org/: First release with the RelaxNG validation code. Schemas support is also configured in by default now. All this code is still of alpha quality. This release also includes a number of fixes and some API improvements: * First implementation of RelaxNG, added --relaxng flag to xmllint. * Schemas support now compiled in by default. * Bug fixes: DTD validation, namespace checking, XInclude and entities, delegateURI in XML Catalogs, HTML parser, XML reader, XPath parser and evaluation, UTF8ToUTF8 serialization, XML reader memory consumption, HTML parser, HTML serialization in the presence of namespaces. * Add an HTML API to check elements and attributes. * Documentation improvement. * Add python bindings for XPointer, contextual error reporting. * Fix URI/file escaping problems. - Remove obsolete README.SuSE. ------------------------------------------------------------------- Thu Jan 9 12:57:25 CET 2003 - ke@suse.de - Update to version 2.5.1; NEWS from http://xmlsoft.org/: * New XmltextReader interface based on C# API; cf. http://xmlsoft.org/xmlreader.html . * XInclude fallback fix. * Python: bindings for the new API, packaging, drv_libxml2.py Python xml.sax driver, fixes, speedup and iterators for Python-2.2. * Tutorial fixes, xmllint man update. * Fix an XML parser bug. * Entities handling fixes * new API to optionally track node creation and deletion. * Added documentation for the XmltextReader interface and some XML guidelines ------------------------------------------------------------------- Thu Dec 12 14:43:02 CET 2002 - ke@suse.de - Update to version 2.4.30; NEWS from http://xmlsoft.org/: * Main changes are the addition of a new API set closely based on the C#/ECMA-334 XmlTextReader interface, allowing to scan an XML document in a forward only way but in (near) constant memory size. * Fix for prev in python bindings. * Fix for entities handling (Marcus Clarke), replacing patch from 2002-12-02. * Refactor the XML and HTML dumps to a single code path, fix XHTML1 dump. * Fix for URI parsing when handling URNs with fragment identifiers * Fix for HTTP URL escaping problem. * Adde an TextXmlReader (C#) like API (work in progress). * Rewrote the API in XML generation script, includes a C parser and saves more informations needed for C# bindings. ------------------------------------------------------------------- Mon Dec 2 16:33:51 CET 2002 - ke@suse.de - Fix "Entity in Entity processing"; patch provided by DV. Cf. [# 22208]. ------------------------------------------------------------------- Tue Nov 26 16:12:56 CET 2002 - ro@suse.de - split libxml2-python to own specfile (libxml2 is turning more and more into a base package and python requires a lot of other things to build) ------------------------------------------------------------------- Mon Nov 25 14:04:55 CET 2002 - ke@suse.de - Update to version 2.4.28; NEWS from http://xmlsoft.org/: * Fix a couple of python binding bugs. * Fix 2 bugs in the XML push parser. * Remove potential memory leak. * Add encoding support for XInclude parse="text". * Autodetect XHTML1 and add specific serialization rules. * Fix threading bug. ------------------------------------------------------------------- Mon Nov 18 10:48:18 CET 2002 - ke@suse.de - Update to version 2.4.27; NEWS from http://xmlsoft.org/: * Fix Python bindings. * A number of bug fixes: SGML catalogs, xmlParseBalancedChunkMemory(), HTML parser, Schemas, document fragment support, xmlReconciliateNs, XPointer, xmlFreeNode(), xmlSAXParseMemory, xmlGetNodePath, entities processing. * Add grep to xmllint --shell. * Improvement documentation. - Don't apply obsolete revert-.25-.26.dif patch. ------------------------------------------------------------------- Mon Nov 4 14:48:08 CET 2002 - adrian@suse.de - revert catalog separator change, accepting ":" again. libxml2 is using anyway ":" internal, even when a " " separator is given ------------------------------------------------------------------- Wed Oct 30 23:51:46 CET 2002 - ro@suse.de - removed patch call for removed patch ------------------------------------------------------------------- Wed Oct 30 13:32:32 CET 2002 - ke@suse.de - Drop libxml2-2.4.19-xml2-config.dif to avoid header file conflicts with C++; reported by Andreas Mueller [# 21427]. ------------------------------------------------------------------- Tue Oct 29 15:20:31 CET 2002 - ke@suse.de - Update to version 2.4.26; NEWS from http://xmlsoft.org/: * Fix the validation code (DTD and Schemas), xmlNodeGetPath() , HTML serialization, Namespace compliance, and a number of small problems. - "valid" patches are obsolete with his update. ------------------------------------------------------------------- Fri Oct 11 12:03:30 CEST 2002 - ke@suse.de - valid.c: Fix uninitialized memory block (patch by Daniel Veillard). ------------------------------------------------------------------- Tue Oct 8 15:08:04 CEST 2002 - ke@suse.de - Update to version 2.4.25; NEWS from http://xmlsoft.org/: * A number of bug fixes: XPath, validation, DOM and tree, XML I/O, HTML. * Fix and improve Python bindings. * Fix HTML