|Index||index by Group||index by Distribution||index by Vendor||index by creation date||index by Name||Mirrors||Help||Search|
|Name: libxerces-c-3_1||Distribution: openSUSE Leap 15.2|
|Version: 3.1.4||Vendor: openSUSE|
|Release: lp184.108.40.206||Build date: Thu Sep 2 12:14:26 2021|
|Group: Productivity/Publishing/XML||Build host: obs-power8-01|
|Size: 4682408||Source RPM: xerces-c-3.1.4-lp220.127.116.11.src.rpm|
|Summary: Shared libraries for Xerces-c - a validating XML parser|
Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0 recommendation and associated standards ( DOM 1.0, DOM 2.0. SAX 1.0, SAX 2.0, Namespaces). This package contains shared libraries.
* Mon Aug 23 2021 Danilo Spinella <firstname.lastname@example.org> - Fix CVE-2018-1311 the XML parser contains a use-after-free triggered during the scanning of external DTDs potentially leading to DOS (bsc#1159552, CVE-2018-1311) * xerces-c-CVE-2018-1311.patch * Thu Sep 27 2018 Tomáš Chvátal <email@example.com> - Add patch to fix CVE-2017-12627 bsc#1083630 * xerces-c-CVE-2017-12627.patch * Tue Jul 05 2016 firstname.lastname@example.org - Version update to 3.1.4: * Fixes bnc#985860 CVE-2016-4463 * xerces-c-CVE-2016-2099.patch removed as it was included upstream * Mon Jun 27 2016 email@example.com - Use pkgconfig requires - Disable "pretty" make to make it bit faster - Fix the selfobsoleting provides/requires to silence rpmlint - Use valid group for the docs * Wed Jun 22 2016 firstname.lastname@example.org - Resolve rpmlint warnings of type "version-control-internal-file" * Tue Jun 21 2016 email@example.com - Update to 3.1.3 * bug fixes + memcpy used on overlapping memory regions causes sanity test failure + Typo in XMLUni::fgUnknownURIName constant + Buffer overruns in prolog parsing and error handling - Dropped xerces-c-CVE-2016-0729.patch, fixed upstream. * Thu Jun 16 2016 firstname.lastname@example.org - added xerces-c-CVE-2016-2099.patch Exception handling mistake causing use after free (bsc#979208, CVE-2016-2099) - xerces-c-CVE-2016-0729.patch Fix for mishandling certain kinds of malformed input documents, resulting in buffer overlows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. (bsc#966822, CVE-2016-0729) * Mon Sep 28 2015 email@example.com - Update to 3.1.2 * bug fixes + Wrong temporary token type causes regex construction to fail + IGXMLScanner can fail to properly set its XSModel. + ICUTransService and IconvGNUransService CAN NOT deal with huge file. + xsi:type is not applied to root element + Problem in prefix parsing while creating Documnet, Element, Attributes on all platforms : Issue is in poolString creation + Whitespace in xsi:type + XMLUTF8Transcoder::transcodeTo fails with an exception when transcoding single characters that require 3 or more bytes as UTF8. + getWholeText leaks memory + Missing Libs.private in the xerces-c pkg-config file + XMLUni::fgXercesLoadSchema is not null-terminated in XMLUni.cpp + XMLURL.cpp: isHexDigit() and xlatHexDigit() accept whole alphabet + Xerces livelocks while reading external DTD if socket closes prematurely + Memory leak occurs if an exception is thrown in TranscodeToStr or TranscodeFromStr constructors + DOMDocumentImpl:: getPooledNString(const XMLCh *in, XMLSize_t n) returns incorrect string + OutOfMemoryException being thrown on creation of an LS Serializer + TranscodeToStr::transcode throws an exception when transcoding to UTF-8 + ContentSpecNode::getMaxTotalRange: Operator precedence flaw + Add support for GNU/Hurd by using POSIX.1-2001 and POSIX.1-2008 functions + enumeration value ‘Loop’ not handled in switch src/SEnumVal/SEnumVal.cpp: + bit operation error in DOMNodeImpl::reverseTreeOrderBitPattern + build xerces-c with icu on mingw gcc 4.7.2 + Xerces 3.1.1 Xerces.Lib fails to build with new Visual Studio 2012 Update 1 when v110_xp platform is chosen + Off-by-one error in TranscodeFromStr (with ICU) + Use icu, which is built with features + LocalFileFormatTarget leaks file handle + Curl Checking + Janitor<BinInputStream>::~Janitor() throws in unwind + String pooling in DOMDocumentImpl is unsafe, particularly on 64-bit platforms + Code analysis revealed multiple potential NULL derefence conditions (currently unconfirmed) + XMLString sizeToText/binToText produce mixed case + Crash while parsing malformed documents * improvements + MacOSUnicodeConverter.cpp: ISO C++ forbids comparison between pointer of type 'void *' and pointer-to-function + Allow compiling Xerces-C using C++11 (especially Clang) + VS2012 Project * Thu Feb 19 2015 firstname.lastname@example.org - Use url for source - Add gpg signature - Use fdupes to remove duplicities in documentation - Split documentation into separate package - Use curl as netaccessor, necessary for proxy support * Thu Dec 12 2013 email@example.com - Add baselib.conf in order to build -32Bit.
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue May 9 14:01:34 2023