Custom Query (19676 matches)
Results (76 - 78 of 19676)
Ticket
|
Resolution
|
Summary
|
Owner
|
Reporter
|
#16161 |
fixed
|
libxml-2.9.13 (CVE-2022-23308)
|
blfs-book
|
Xi Ruoyao
|
Description |
Version 2.9.13 of libxml2 is available at:
https://download.gnome.org/sources/libxml2/2.9/
Note that starting with this release, libxml2 tarballs are published on download.gnome.org instead of ftp.xmlsoft.org.
# Security
- [CVE-2022-23308] Use-after-free of ID and IDREF attributes
- Use-after-free in xmlXIncludeCopyRange
- Fix null deref in xmlSchemaGetComponentTargetNs
- Fix memory leak in xmlXPathCompNodeTest
- Fix null pointer deref in xmlStringGetNodeList
- Fix several memory leaks found by Coverity
# Fixed regressions
- Fix regression in RelaxNG pattern matching
- Properly handle nested documents in xmlFreeNode
- Fix regression with PEs in external DTD
- Fix random dropping of characters on dumping ASCII encoded XML
- Revert "Make schema validation fail with multiple top-level elements"
- Fix regression when parsing invalid HTML tags in push mode
- Fix regression parsing public IDs literals in HTML
- Fix buffering in xmlOutputBufferWrite
- Fix whitespace when serializing empty HTML documents
- Fix XPath recursion limit
- Fix regression in xmlNodeDumpOutputInternal
- Work around lxml API abuse
# Bug fixes
- Fix xmlSetTreeDoc with entity references
- Fix double counting of CRLF in comments
- Make sure to grow input buffer in xmlParseMisc
- Don't ignore xmllint options after "-"
- Don't normalize namespace URIs in XPointer xmlns() scheme
- Fix handling of XSD with empty namespace
- Also register HTML document nodes
- Make xmllint return an error if arguments are missing
- Fix handling of ctxt->base in xmlXPtrEvalXPtrPart
- Fix xmllint --maxmem
- Fix htmlReadFd, which was using a mix of xml and html context functions
- Move current position before possible calling of ctxt->sax->characters
- Fix parse failure when 4-byte character in UTF-16 BE is split across a chunk
- Patch to forbid epsilon-reduction of final states
- Avoid segfault at exit when using custom memory functions
# Tests, code quality, fuzzing
- Remove .travis.yml
- Make xmlFuzzReadString return a zero size in error case
- Fix unused function warning in testapi.c
- Update NewsML DTD in test suite
- Add more checks for malloc failures in xmllint.c
- Avoid potential integer overflow in xmlstring.c
- Run CI tests with UBSan implicit-conversion checks
- Fix casting of line numbers in SAX2.c
- Fix integer conversion warnings in hash.c
- Add explicit casts in runtest.c
- Fix integer conversion warning in xmlIconvWrapper
- Add suffix to unsigned constant in xmlmemory.c
- Add explicit casts in testchar.c
- Fix integer conversion warnings in xmlstring.c
- Add explicit cast in xmlURIUnescapeString
- Remove unused variable in xmlCharEncOutFunc
# Build system, portability
- Remove xmlwin32version.h
- Fix fuzzer test with VPATH build
- Support custom prefix when installing Python module
- Remove Makefile.win
- Remove CVS and SVN-related code
- Port python 3.x module to Windows and improve distutils
- Correctly install the HTML examples into their subdirectory
- Refactor the settings of $docdir
- Remove unused configure checks
- python/Makefile.am: use *_LIBADD, not *_LDFLAGS for LIBS
- Fix check for libtool in autogen.sh
- Use version in configure.ac for CMake
- Add CMake alias targets for embedded projects
# Documentation
- Remove SVN keyword anchors
- Rework README
- Remove README.cvs-commits
- Remove old ChangeLog
- Update hyperlinks
- Remove README.docs
- Remove MAINTAINERS
- Remove xmltutorial.pdf
- Upload documentation to GitLab pages
- Document how to escape XML_CATALOG_FILES
- Fix libxml2.doap
- Update URL for libxml++ C++ binding
- Generate devhelp2 index file
- Mention XML_CATALOG_FILES is space-separated
- Add documentaiton for xmllint exit code 10
- Fix some validation errors in the FAQ
- Add instructions on how to use CMake to compile libxml
As now both the two main XML parsers in LFS/BLFS (expat and libxml) contain security fixes, I think the only rational way is make rc2.
|
#16266 |
fixed
|
libhandy-1.6.1
|
Bruce Dubbs
|
Xi Ruoyao
|
Description |
New minor version 1.6.
It's needed by #16249. (epiphany)
|
#16267 |
fixed
|
glib-2.72.0
|
Bruce Dubbs
|
Xi Ruoyao
|
Description |
New minor version.
|
Note:
See
TracQuery
for help on using queries.