Changes between Version 1 and Version 3 of Ticket #16161


Ignore:
Timestamp:
02/23/2022 07:35:50 PM (2 years ago)
Author:
Bruce Dubbs
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #16161 – Description

    v1 v3  
    1 {{{
    21Version 2.9.13 of libxml2 is available at:
    32
     
    65Note that starting with this release, libxml2 tarballs are published on download.gnome.org instead of ftp.xmlsoft.org.
    76
    8 ### Security
     7# Security
    98
    109- [CVE-2022-23308] Use-after-free of ID and IDREF attributes
    11   (Thanks to Shinji Sato for the report)
    12 - Use-after-free in xmlXIncludeCopyRange (David Kilzer)
    13 - Fix null deref in xmlSchemaGetComponentTargetNs (huangduirong)
     10- Use-after-free in xmlXIncludeCopyRange
     11- Fix null deref in xmlSchemaGetComponentTargetNs
    1412- Fix memory leak in xmlXPathCompNodeTest
    1513- Fix null pointer deref in xmlStringGetNodeList
    16 - Fix several memory leaks found by Coverity (David King)
     14- Fix several memory leaks found by Coverity
    1715
    18 ### Fixed regressions
     16# Fixed regressions
    1917
    2018- Fix regression in RelaxNG pattern matching
    2119- Properly handle nested documents in xmlFreeNode
    2220- Fix regression with PEs in external DTD
    23 - Fix random dropping of characters on dumping ASCII encoded XML (Mohammad
    24   Razavi)
     21- Fix random dropping of characters on dumping ASCII encoded XML
    2522- Revert "Make schema validation fail with multiple top-level elements"
    2623- Fix regression when parsing invalid HTML tags in push mode
     
    3229- Work around lxml API abuse
    3330
    34 ### Bug fixes
     31# Bug fixes
    3532
    3633- Fix xmlSetTreeDoc with entity references
     
    4542- Fix xmllint --maxmem
    4643- Fix htmlReadFd, which was using a mix of xml and html context functions
    47   (Finn Barber)
    4844- Move current position before possible calling of ctxt->sax->characters
    49   (Yulin Li)
    5045- Fix parse failure when 4-byte character in UTF-16 BE is split across a chunk
    51   (David Kilzer)
    52 - Patch to forbid epsilon-reduction of final states (Arne Becker)
    53 - Avoid segfault at exit when using custom memory functions (Mike Dalessio)
     46- Patch to forbid epsilon-reduction of final states
     47- Avoid segfault at exit when using custom memory functions
    5448
    55 ### Tests, code quality, fuzzing
     49# Tests, code quality, fuzzing
    5650
    5751- Remove .travis.yml
     
    7064- Fix integer conversion warnings in xmlstring.c
    7165- Add explicit cast in xmlURIUnescapeString
    72 - Remove unused variable in xmlCharEncOutFunc (David King)
     66- Remove unused variable in xmlCharEncOutFunc
    7367
    74 ### Build system, portability
     68# Build system, portability
    7569
    7670- Remove xmlwin32version.h
     
    7973- Remove Makefile.win
    8074- Remove CVS and SVN-related code
    81 - Port python 3.x module to Windows and improve distutils (Chun-wei Fan)
    82 - Correctly install the HTML examples into their subdirectory (Mattia Rizzolo)
    83 - Refactor the settings of $docdir (Mattia Rizzolo)
    84 - Remove unused configure checks (Ben Boeckel)
    85 - python/Makefile.am: use *_LIBADD, not *_LDFLAGS for LIBS (Sam James)
     75- Port python 3.x module to Windows and improve distutils
     76- Correctly install the HTML examples into their subdirectory
     77- Refactor the settings of $docdir
     78- Remove unused configure checks
     79- python/Makefile.am: use *_LIBADD, not *_LDFLAGS for LIBS
    8680- Fix check for libtool in autogen.sh
    87 - Use version in configure.ac for CMake (Timothy Lyanguzov)
    88 - Add CMake alias targets for embedded projects (Markus Rickert)
     81- Use version in configure.ac for CMake
     82- Add CMake alias targets for embedded projects
    8983
    90 ### Documentation
     84# Documentation
    9185
    9286- Remove SVN keyword anchors
     
    10195- Document how to escape XML_CATALOG_FILES
    10296- Fix libxml2.doap
    103 - Update URL for libxml++ C++ binding (Kjell Ahlstedt)
    104 - Generate devhelp2 index file (Emmanuele Bassi)
    105 - Mention XML_CATALOG_FILES is space-separated (Jan Tojnar)
    106 - Add documentaiton for xmllint exit code 10 (Rainer Canavan)
    107 - Fix some validation errors in the FAQ (David King)
    108 - Add instructions on how to use CMake to compile libxml (Markus Rickert)
    109 }}}
     97- Update URL for libxml++ C++ binding
     98- Generate devhelp2 index file
     99- Mention XML_CATALOG_FILES is space-separated
     100- Add documentaiton for xmllint exit code 10
     101- Fix some validation errors in the FAQ
     102- Add instructions on how to use CMake to compile libxml
     103
    110104
    111105As now both the two main XML parsers in LFS/BLFS (expat and libxml) contain security fixes, I think the only rational way is make rc2.