| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libxerces-c-3_3 | Distribution: SUSE Linux Framework One |
| Version: 3.3.0 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: slfo.1.1.2 | Build date: Fri Nov 1 13:01:55 2024 |
| Group: Unspecified | Build host: reproducible |
| Size: 3697944 | Source RPM: xerces-c-3.3.0-slfo.1.1.2.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://xerces.apache.org/xerces-c/ | |
| Summary: Shared libraries for Xerces-c - a validating XML parser | |
Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0 recommendation and associated standards ( DOM 1.0, DOM 2.0. SAX 1.0, SAX 2.0, Namespaces). This package contains shared libraries.
Apache-2.0
* Fri Nov 01 2024 pgajdos@suse.com
- version update to 3.3.0
* no upstream changelog found, from git log:
* Add functions/properties for disallowing DOCTYPE (DTD) in SAX parsers
* XERCESC-2188 - Use-after-free on external DTD scan (CVE-2018-1311)
* Omit unnecessary getenv() call if DTD is disabled programmatically
* Fix NetAccessorTest to exit with non-zero status in case of error
- modified sources
% baselibs.conf
* Wed Sep 11 2024 martin.schreiner@suse.com
- Enable gnuiconv transcoder, permanent fix for bsc#1223088.
* Wed Dec 27 2023 dmueller@suse.com
- update to 3.2.5 (bsc#1159552, CVE-2018-1311):
* [XERCESC-2163] - XercesMessages_en_US.cat is installed to
wrong directory
* [XERCESC-2188] - Use-after-free on external DTD scan
* Wed Oct 26 2022 dmueller@suse.com
- update to 3.2.4:
* [XERCESC-2195] - Invalid attribute in .gitattributes file
* [XERCESC-2196] - cross-compiling issue
* [XERCESC-2214] - Wrong delete[] in MemBufInputSource dtor
* [XERCESC-2217] - ICUTranscoder::transcodeFrom buffer overflow
* [XERCESC-2218] - CurlURLInputStream constructor memory leak
* [XERCESC-2219] - XMLReader constructor: memory leak when refreshRawBuffer() throws
* [XERCESC-2221] - InMemMsgLoader::loadMsg(): fix memory leak when transcoding fails
* [XERCESC-2222] - DFAContentModel::checkUniqueParticleAttribution(): fix memory leak
* [XERCESC-2223] - SAX2XMLReaderImpl::error(): potential memory leak
* [XERCESC-2225] - Link to installed CMake targets of CURL
* [XERCESC-2227] - Memleak fixes in ContentSpecNode and ComplexTypeInfo classes
* [XERCESC-2228] - DFAContentModel: fix memory leaks when OutOfMemoryException occurs
* [XERCESC-2229] - IGXMLScanner::scanDocTypeDecl(): fix memory leak on exception
* [XERCESC-2230] - DFAContentModel::buildSyntaxTree(): fix memory leaks when OutOfMemoryException occurs
* [XERCESC-2235] - DFAContentModel::buildDFA(): correctly zero-initialize fFollowList
* [XERCESC-2236] - Dependencies aren't loaded when using provided CMake config package
* [XERCESC-2241] - Integer overflows in DFAContentModel class
* [XERCESC-2242] - Non-default curl location breaks autoconf link detection
* Sat Aug 15 2020 dmueller@suse.com
- update to 3.2.3:
* Custom HTTP headers missing with CURL NetAccessor
* Type Confusion from DTDGrammar to SchemaGrammar
* Patch to build with older GCC
* fix build without pthread
* XMLUTF8Transcoder: One multibyte UTF8 character is swallowed from the srcData when the resulting surrogate pair does not fit in toFill at the end
* Postpone freeing the memory being used by CURL
* Memory leak in ValueVectorOf
* There is an error in the parameters of the ThreadTtest8 script in Apache xerces-c++ XML's tests/script
* Incorrect symbolic links created for Linux static library and MacOS static and shared libraries
* invalid windows version check for `onXPOrLater`
* Handle surrogate pairs when reading a QName instead of ASSERTing
* Janitor.hpp fails to compile on Solaris with Solaris Studio 12.2 and 12.4
* undef symbols on HPUX for ArrayJanitor
* DOM tests crash on AIX
* XMLChar with NEED_TO_GEN_TABLE has 2 buffer out of bounds reads
* Including Xerces_autoconf_config.hpp on Windows fails due to undefined ssize_t
* Wed Feb 12 2020 tchvatal@suse.com
- Fixup rpmlint warning about installed Makefiles
* Tue Oct 02 2018 tchvatal@suse.com
- Fix the libname dependency in devel pkg, typo after libname
change
* Thu Sep 27 2018 tchvatal@suse.com
- Version update to 3.2.2:
* Fixes CVE-2017-12627 bsc#1083630
- Remove the switch to disable SSE2 on i586, we support pentium4 as
lowest and that has sse2
* Tue Jul 05 2016 tchvatal@suse.com
- Version update to 3.1.4:
* Fixes bnc#985860 CVE-2016-4463
* xerces-c-CVE-2016-2099.patch removed as it was included upstream
* Mon Jun 27 2016 tchvatal@suse.com
- Use pkgconfig requires
- Disable "pretty" make to make it bit faster
- Fix the selfobsoleting provides/requires to silence rpmlint
- Use valid group for the docs
* Wed Jun 22 2016 jengelh@inai.de
- Resolve rpmlint warnings of type "version-control-internal-file"
* Tue Jun 21 2016 zawel1@gmail.com
- Update to 3.1.3
* bug fixes
+ memcpy used on overlapping memory regions causes sanity test failure
+ Typo in XMLUni::fgUnknownURIName constant
+ Buffer overruns in prolog parsing and error handling
- Dropped xerces-c-CVE-2016-0729.patch, fixed upstream.
* Thu Jun 16 2016 pjanouch@suse.de
- added xerces-c-CVE-2016-2099.patch
Exception handling mistake causing use after free
(bsc#979208, CVE-2016-2099)
- xerces-c-CVE-2016-0729.patch
Fix for mishandling certain kinds of malformed input documents,
resulting in buffer overlows during processing and error reporting.
The overflows can manifest as a segmentation fault or as memory
corruption during a parse operation. (bsc#966822, CVE-2016-0729)
* Mon Sep 28 2015 mpluskal@suse.com
- Update to 3.1.2
* bug fixes
+ Wrong temporary token type causes regex construction to fail
+ IGXMLScanner can fail to properly set its XSModel.
+ ICUTransService and IconvGNUransService CAN NOT deal with
huge file.
+ xsi:type is not applied to root element
+ Problem in prefix parsing while creating Documnet, Element,
Attributes on all platforms : Issue is in poolString creation
+ Whitespace in xsi:type
+ XMLUTF8Transcoder::transcodeTo fails with an exception when
transcoding single characters that require 3 or more bytes as
UTF8.
+ getWholeText leaks memory
+ Missing Libs.private in the xerces-c pkg-config file
+ XMLUni::fgXercesLoadSchema[] is not null-terminated in
XMLUni.cpp
+ XMLURL.cpp: isHexDigit() and xlatHexDigit() accept whole
alphabet
+ Xerces livelocks while reading external DTD if socket closes
prematurely
+ Memory leak occurs if an exception is thrown in
TranscodeToStr or TranscodeFromStr constructors
+ DOMDocumentImpl:: getPooledNString(const XMLCh *in,
XMLSize_t n) returns incorrect string
+ OutOfMemoryException being thrown on creation of an LS
Serializer
+ TranscodeToStr::transcode throws an exception when
transcoding to UTF-8
+ ContentSpecNode::getMaxTotalRange: Operator precedence
flaw
+ Add support for GNU/Hurd by using POSIX.1-2001 and
POSIX.1-2008 functions
+ enumeration value ‘Loop’ not handled in switch
src/SEnumVal/SEnumVal.cpp:
+ bit operation error in DOMNodeImpl::reverseTreeOrderBitPattern
+ build xerces-c with icu on mingw gcc 4.7.2
+ Xerces 3.1.1 Xerces.Lib fails to build with new Visual
Studio 2012 Update 1 when v110_xp platform is chosen
+ Off-by-one error in TranscodeFromStr (with ICU)
+ Use icu, which is built with features
+ LocalFileFormatTarget leaks file handle
+ Curl Checking
+ Janitor<BinInputStream>::~Janitor() throws in unwind
+ String pooling in DOMDocumentImpl is unsafe, particularly on
64-bit platforms
+ Code analysis revealed multiple potential NULL derefence
conditions (currently unconfirmed)
+ XMLString sizeToText/binToText produce mixed case
+ Crash while parsing malformed documents
* improvements
+ MacOSUnicodeConverter.cpp: ISO C++ forbids comparison
between pointer of type 'void *' and pointer-to-function
+ Allow compiling Xerces-C using C++11 (especially Clang)
+ VS2012 Project
* Thu Feb 19 2015 mpluskal@suse.com
- Use url for source
- Add gpg signature
- Use fdupes to remove duplicities in documentation
- Split documentation into separate package
- Use curl as netaccessor, necessary for proxy support
* Thu Dec 12 2013 zaitor@opensuse.org
- Add baselib.conf in order to build -32Bit.
* Sun Oct 20 2013 hrvoje.senjan@gmail.com
- Disable sse2 instructions on non x86_64 arches, bnc#846539
* Fri Apr 13 2012 behrisch@users.sourceforge.net
- updated to 3.1.1
* Check that we have non-NULL host before trying to connect (XERCESC-1920).
* Recover from the mismatching start/end even count which may happen when we continue parsing an invalid document (XERCESC-1919).
* If the transcoder doesn't process any input, throw an exception (XERCESC-1916).
* Delay the recursive expansion of includes until the document fragment has been placed in the final location (XERCESC-1918).
* The code formatting a content model was skipping the cardinality indicators (*, +, ?) (XERCESC-1914).
* Fix a few bugs and memory leaks in XInclude code.
* Give proper name to 64-bit PDB file in static build (XERCESC-1907).
* Spelling fixes (XERCESC-1911).
* Don't include cpuid.h if we are using intrin.h (XERCESC-1912).
* Fix socket leak.
* Set scanner object on validation context. Needed during QName validation. Don't re-validate default/fixed values in preContentValidation when called from loadGrammar. This values are already validated in TraverseSchema.
* Remove explicit setting of prefix for cloned elements and attributes since it is done properly by the create*() functions (XERCESC-1913).
* Initializing unitialized variables in TranscodeToStr and TranscodeFromStr (#XERCESC-1858).
* Fixed a bug when transcoding small strings using TranscodeToStr (XERCESC-1858).
* Sat Jan 28 2012 jengelh@medozas.de
- Remove redundant tags/sections per specfile guideline suggestions
- Parallel building using %_smp_mflags
- Restore missing pkgconfig provides
* Wed Oct 07 2009 prusnak@suse.cz
- fix provides and obsoletes [bnc#544957]
* Thu Aug 13 2009 prusnak@suse.cz
- fix CVE-2009-1885 (CVE-2009-1885.patch) [bnc#530708]
* Tue Mar 10 2009 prusnak@suse.cz
- updated to 3.0.1
* More robust handling of leading/trailing whitespaces (XERCESC-1838).
* Minor documentation updates, including a fix for XERCESC-1848.
* Add --disable-rpath configure option.
* Remove class name from method declaration (XERCESC-1850).
* Fix a bug in the socket and winsock net accessors when a redirection
response does not contain a "Location" header.
* Make XMLMutex use the correct MemoryManager when it closes it's mutex.
* Documentation fixes (XERCESC-1841).
* Backport fixes for memory leaks.
* Alberto Massari Force Borland projects to use CRLF EOL.
* The wrong constructor was called, causing a memory leak (XERCESC-1840).
* Fix memory leak (XERCESC-1834).
* Update URLs in source code to point to the new pages.
* Tue Mar 10 2009 prusnak@suse.cz
- updated to 3.0.0
* changes too numerous to list
- removed obsoleted patch:
* lib64.patch
* optflags.patch
* Mon Aug 18 2008 prusnak@suse.cz
- add -DNDEBUG to opt_flags
* Sun Aug 17 2008 ro@suse.de
- disable parallel build for now, breaks
* Thu Aug 14 2008 prusnak@suse.cz
- cleaned spec file (and renamed libXerces-c-28 to libXerces-c28)
* Mon Apr 07 2008 zpetrova@suse.CZ
- update to version 2.8.0
- this version should fix large number of bugs.
- Exponential growth of memory block (from 16KB to 128KB)
that are allocated by the DOM heap.
- The NODE_CLONED notification is now sent to each node's user data
handler when cloning the entire DOMDocument.
- Allow whitespace-only nodes to be added as children of a DOMDocument.
- When a node is cloned or imported the type information (PSVI)
is also copied.
* Tue Dec 18 2007 zpetrova@suse.cz
- fixed Required field for libXerces-c-27
* Mon Aug 06 2007 mrueckert@suse.de
- fixed file section for the devel package
- %post* scriptlets for ldconfig
* Mon Aug 06 2007 mrueckert@suse.de
- added provides/obsoletes for the package rename
* Mon Aug 06 2007 zpetrova@suse.cz
- branch/rename package according to Share library guidelines.
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Mon Jan 16 2006 zpetrova@suse.cz
- added -fno-strict-aliasing.
* Wed Jan 11 2006 zpetrova@suse.cz
- update to 2.7.0
* Fri Sep 09 2005 zpetrova@suse.cz
- endelementfix.patch - namespace bug (#114685)
* Tue Jan 11 2005 didge@suse.de
- update to 2.6.0
- build with icu libraries
- did some cleanup
* Thu Mar 18 2004 didge@suse.de
- fixed bug #36229 with patch, provided there
* Mon Feb 23 2004 didge@suse.de
- update to 2.5.0
* Sat Jan 17 2004 meissner@suse.de
- added missing include to fix gcc3.4 build.
* Sun Jan 04 2004 nashif@suse.de
- update to 2.4.0
* Tue Aug 26 2003 nashif@suse.de
- Reduced docs
* Sun Jul 27 2003 nashif@suse.de
- update to version 2.3.0
* Tue May 27 2003 nashif@suse.de
- Removed CVS files
* Fri May 16 2003 nashif@suse.de
- update to version 2.2.0
* Mon Jan 20 2003 nashif@suse.de
- update to version 2.1.0
* Fri May 17 2002 nashif@suse.de
- lib64 problems fixed: Now build on all architectures
* Wed May 15 2002 nashif@suse.de
- Java not needed for build
* Fri Apr 05 2002 nashif@suse.de
- Update to 1.70
* Tue Dec 11 2001 nashif@suse.de
- Update to version 1.60
* Mon Oct 29 2001 nashif@suse.de
- Update to latest version: 1.5.2
- Among others, this release contains the following fixes and
new features:
- Schema support
- DatatypeValidator support
- XMLDeleterFor related functions and data are removed.
Replace with XMLRegisterCleanup.
- Various bug fixes related to runConfigure
- Comment outside root element should also be reported.
- Added U+0110 to XMLEBCDICTranscoder.cpp's "Unicode to IBM037"
translation table.
- Add "Base64::encode" for encoding binary data.
- Performance: Use XMLBufBid instead of XMLBuffer directly for
better performance.
* Mon Oct 01 2001 nashif@suse.de
- Created sub-package doc
* Fri Aug 31 2001 nashif@suse.de
- Update to version 1.5.1
- This release includes various bug fixes and Schema support
* Mon May 07 2001 mfabian@suse.de
- bzip2 sources
* Tue Feb 27 2001 rolf@suse.de
- initial package 1.4.0 with devel subpackage
/usr/lib64/libxerces-c-3.3.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Jan 30 23:52:29 2025