| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libxslt-tools | Distribution: openSUSE:Leap:15.2:PowerPC / ports |
| Version: 1.1.32 | Vendor: openSUSE |
| Release: lp152.5.1 | Build date: Fri May 29 22:22:42 2020 |
| Group: Development/Tools/Other | Build host: obs-power9-06 |
| Size: 138008 | Source RPM: libxslt-1.1.32-lp152.5.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: http://xmlsoft.org/XSLT/ | |
| Summary: Extended Stylesheet Language (XSL) Transformation utilities | |
This package contains xsltproc, a command line interface to the XSLT engine. xtend the
MIT AND GPL-2.0+
* Mon Oct 21 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Security fix [bsc#1154609, CVE-2019-18197]
* Fix dangling pointer in xsltCopyText
* Add libxslt-CVE-2019-18197.patch
* Tue Jul 02 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Security fix: [bsc#1140101, CVE-2019-13118]
* Fix uninitialized read with UTF-8 grouping chars. Read of
uninitialized stack data due to too narrow xsl:number
instruction and an invalid character
* Added libxslt-CVE-2019-13118.patch
* Tue Jul 02 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Security fix: [bsc#1140095, CVE-2019-13117]
* Fix uninitialized read of xsl:number token. An xsl number with
certain format strings could lead to a uninitialized read in
xsltNumberFormatInsertNumbers
* Added libxslt-CVE-2019-13117.patch
* Thu Apr 11 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Security fix: [bsc#1132160, CVE-2019-11068]
* Bypass of a protection mechanism because callers of xsltCheckRead
and xsltCheckWrite permit access even upon receiving a -1 error
code. xsltCheckRead can return -1 for a crafted URL that is not
actually invalid and is subsequently loaded.
* Added libxslt-CVE-2019-11068.patch
* Wed Nov 08 2017 vcizek@suse.com
- Update to version 1.1.32
* fixes xml-config detection regression (boo#1066525)
* Thu Oct 19 2017 pmonrealgonzalez@suse.com
- Update to version 1.1.30 [bsc#1063934]
* Documentation:
- Misc doc fixes
* Portability:
- Look for libxml2 via pkg-config first
* Bug Fixes:
- Also fix memory hazards in exsltFuncResultElem
- Fix NULL deref in xsltDefaultSortFunction
- Fix memory hazards in exsltFuncFunctionFunction
- Fix memory leaks in EXSLT error paths
- Fix memory leak in str:concat with empty node-set
- Fix memory leaks in error paths
- Switch to xmlUTF8Strsize in numbers.c
- Fix NULL pointer deref in xsltFormatNumberFunction
- Fix UTF-8 check in str:padding
- Fix xmlStrPrintf argument
- Check for overflow in _exsltDateParseGYear
- Fix double to int conversion
- Check for overflow in exsltDateParseDuration
- Change version of xsltMaxVars back to 1.0.24
- Disable xsltCopyTextString optimization for extensions
- Create DOCTYPE for HTML version 5
- Make xsl:decimal-format work with namespaces
- Remove norm:localTime extension function
- Check for integer overflow in xsltAddTextString
- Detect infinite recursion when evaluating function arguments
- Fix memory leak in xsltElementAvailableFunction
- Fix for pattern predicates calling functions
- Fix cmd.exe invocations in Makefile.mingw
- Don't try to install index.sgml
- Fix symbols.xml
- Fix heap overread in xsltFormatNumberConversion
- Fix <xsl:number level="any"/> for non-element nodes
- Fix unreachable code in xsltAddChild
- Change version number in xsl:version warning
- Avoid infinite recursion after failed param evaluation
- Stop if potential recursion is detected
- Consider built-in templates in apply-imports
- Fix precedence with multiple attribute sets
- Rework attribute set resolution
* Improvements:
- Silence tests a little
- Set LIBXML_SRC to absolute path
- Add missing #include
- Adjust expected error messages in tests
- Make xsltDebug more quiet
- New-line terminate error message that missed this convention
- Use xmlBuffers in EXSLT string functions
- Switch to xmlUTF8Strsize in EXSLT string functions
- Check for return value of xmlUTF8Strlen
- Avoid double/long round trip in FORMAT_ITEM
- Separate date and duration structs
- Check for overflow in _exsltDateDifference
- Clamp seconds field of durations
- Change _exsltDateAddDurCalc parameter types
- Fix date:difference with time zones
- Rework division/remainder arithmetic in date.c
- Remove exsltDateCastDateToNumber
- Change internal representation of years
- Optimize IS_LEAP
- Link libraries with libm
- Rename xsltCopyTreeInternal to xsltCopyTree
- Update linker version script
- Add local wildcard to version script
- Make some symbols static
- Remove redundant NULL check in xsltNumberComp
- Fix forwards compatibility for imported stylesheets
- Reduce warnings in forwards-compatible mode
- Precompute XSLT elements after preprocessing
- Fix whitespace in xsltParseStylesheetTop
- Consolidate recursion checks
- Treat XSLT_STATE_STOPPED same as errors
- Make sure that XSLT_STATE_STOPPED isn't overwritten
- Add comment regarding built-in templates and params
- Rewrite memory management of local RVTs
- Validate QNames of attribute sets
- Add xsl:attribute-set regression tests
- Ignore imported stylesheets in xsltApplyAttributeSet
- Dropped patches fixed upstream
* libxslt-CVE-2016-4738.patch
* libxslt-1.1.28-CVE-2017-5029.patch
* Mon Sep 11 2017 jengelh@inai.de
- Fix RPM groups. Drop ineffective --with-pic.
Trim conjecture from description.
* Fri Jul 28 2017 mpluskal@suse.com
- Add gpg signature
- Cleanup spec file with spec-cleaner
* Tue Apr 25 2017 pmonrealgonzalez@suse.com
- Fixed CVE-2017-5029 bcs#1035905
* Limit buffer size in xsltAddTextString to INT_MAX
- Added patch libxslt-1.1.28-CVE-2017-5029.patch
* Wed Apr 05 2017 pgajdos@suse.com
- security update: initialize random generator, CVE-2015-9019
[bsc#934119]
+ libxslt-random-seed.patch
* Mon Mar 13 2017 pmonrealgonzalez@suse.com
- Added patch libxslt-CVE-2016-4738.patch
* Fix heap overread in xsltFormatNumberConversion: An empty
decimal-separator could cause a heap overread. This can be
exploited to leak a couple of bytes after the buffer that holds
the pattern string.
* bsc#1005591 CVE-2016-4738
* Sat Jun 11 2016 tchvatal@suse.com
- Update to 1.1.29:
* new release after 4 years with few bugfies all around
- Refresh patch 0009-Make-generate-id-deterministic.patch to apply
- Remove cve patch that was integrated upstream:
libxslt-1.1.28-type_confusion_preprocess_attr.patch
- Unpack the manpage as the compression is set by buildbot not always gz
* Fri May 20 2016 kstreitova@suse.com
- add libxslt-1.1.28-type_confusion_preprocess_attr.patch to fix
type confusion in preprocessing attributes [bnc#952474],
[CVE-2015-7995]
* Thu Apr 09 2015 suse@microstep-mis.com
- fix package with "soname" should obsolete libxslt package on suse < 12.2 (SLE11)
* Sun Feb 01 2015 coolo@suse.com
- add 0009-Make-generate-id-deterministic.patch from debian's
reproducible builds project to avoid randomness in generated IDs
/usr/bin/xsltproc /usr/share/doc/packages/libxslt-tools /usr/share/doc/packages/libxslt-tools/AUTHORS /usr/share/doc/packages/libxslt-tools/Copyright /usr/share/doc/packages/libxslt-tools/FEATURES /usr/share/doc/packages/libxslt-tools/NEWS /usr/share/doc/packages/libxslt-tools/README /usr/share/doc/packages/libxslt-tools/TODO /usr/share/licenses/libxslt-tools /usr/share/licenses/libxslt-tools/COPYING /usr/share/man/man1/xsltproc.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 9 12:13:28 2024