Group :: Sistema/Base
RPM: expat
Main Changelog Spec Patches Sources Download Gear Bugs e FR Repocop
29 outubro 2022 Vladimir D. Seleznev <vseleznv at altlinux.org> 2.5.0-alt1
- Updated to 2.5.0 (fixes: CVE-2022-43680 Fix heap use-after-free after
overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate
in out-of-memory situations, DoS or potentially ACE).
- Updated to 2.4.9 (fixes: CVE-2022-40674 Heap use-after-free vulnerability in
function doContent).
- Updated to 2.4.7 (relax fix to CVE-2022-25236).
- Updated to 2.4.6 (fixes: CVE-2022-25235, CVE-2022-25236, CVE-2022-25313,
CVE-2022-25314 and CVE-2022-25315).
- Updated to 2.4.4 (fixes: CVE-2022-23852 and CVE-2022-23990).
- Updated to 2.4.3 (with multiple security fixes).
- Fixes:
+ CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that
can lead to realloc misbehavior;
+ CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog;
+ CVE-2022-22822 Integer overflows near memory allocation in function addBinding;
+ CVE-2022-22823 Integer overflows near memory allocation in function build_model;
+ CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute;
+ CVE-2022-22825 Integer overflows near memory allocation in function lookup;
+ CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart;
+ CVE-2022-22827 Integer overflows near memory allocation in function storeAtts.
- Fixed cmake macros (closes #41571).
- Updated to 2.4.1.
- Updated to 2.2.10.
- 2.2.4 -> 2.2.9 (fixes CVE-2018-20843 and CVE-2019-15903)
- Fixed license field according with SPDX
- 2.1.0 -> 2.2.4
- Updated to 2.1.0.
- Stopped build and packaging of libexpat-devel-static.
- relocated shared library from /usr/lib to /lib
- backported more bugfixes from cvs
- enabled "make check"
- Fixed build with fresh libtool.
- backported from cvs:
- parser crash with specially formatted UTF-8 sequences (expat-Bugs-1990430)
- xmlwf should return a non-zero code for parsing errors (expat-Bugs-2517938)
- updated to 2.0.1 release
- removed ldconfig scriptlets
- updated to 20061213 cvs snapshot
- Fixed recently added Provides for x86_64.
- Added triggerpostun to correct libexpat.so.0 symlink after an upgrade
from a pre-2.0 version
- Provide libexpat.so.0 as a symlink for backward compatibility
- 2.0.0
- Consolidated documentation in one directory
- Improved summaries and descriptions
- Buildreq
- Formal rebuild to bring static library to Sisyphus [bug #6087]
- New upstream release
- Excluded *.la files
- New upstream release
- Patch0 is now obsolete
- Relocate an enum declaration for better buildability (Vitaly Lipatov)
[Patch0]
- 1.95.6
- 1.95.5
- new version
- rebuilt with gcc-3.2.1
- Fixed build.
- 1.95.2
- Libification.
- 1.95.1
- Included new summaries and descriptions
(from Alexander Bokovoy <ab@avilink.net>).
- RE adaptions.
- FHSification.
- Moved library and headers to devel subpackage.
- Fandra adaptions.
- Made spec file
- Built on redhat 6.0