1Summary: Library providing XML and HTML support 2Name: libxml2 3Version: 2.9.14 4Release: 9 5License: MIT 6Group: Development/Libraries 7Source: https://download.gnome.org/sources/%{name}/2.9/%{name}-%{version}.tar.xz 8 9Patch0: libxml2-multilib.patch 10Patch1: Fix-memleaks-in-xmlXIncludeProcessFlags.patch 11Patch2: Fix-memory-leaks-for-xmlACatalogAdd.patch 12Patch3: Fix-memory-leaks-in-xmlACatalogAdd-when-xmlHashAddEntry-failed.patch 13Patch4: backport-CVE-2022-40303-Fix-integer-overflows-with-XML_PARSE_.patch 14Patch5: backport-CVE-2022-40304-Fix-dict-corruption-caused-by-entity-.patch 15Patch6: backport-schemas-Fix-null-pointer-deref-in-xmlSchemaCheckCOSS.patch 16Patch7: backport-parser-Fix-potential-memory-leak-in-xmlParseAttValue.patch 17 18Patch6000: backport-Add-whitespace-folding-for-some-atomic-data-types-th.patch 19Patch6001: backport-Properly-fold-whitespace-around-the-QName-value-when.patch 20Patch6002: backport-Avoid-arithmetic-on-freed-pointers.patch 21Patch6003: backport-fix-xmlXPathParserContext-could-be-double-delete-in-.patch 22Patch6004: backport-Use-UPDATE_COMPAT-consistently-in-buf.c.patch 23Patch6005: backport-Restore-behavior-of-htmlDocContentDumpFormatOutput.patch 24Patch6006: backport-Fix-use-after-free-bugs-when-calling-xmlTextReaderCl.patch 25Patch6007: backport-Use-xmlNewDocText-in-xmlXIncludeCopyRange.patch 26Patch6008: backport-xmlBufAvail-should-return-length-without-including-a.patch 27Patch6009: backport-Fix-integer-overflow-in-xmlBufferDump.patch 28Patch6010: backport-Fix-missing-NUL-terminators-in-xmlBuf-and-xmlBuffer-.patch 29Patch6011: backport-Reserve-byte-for-NUL-terminator-and-report-errors-co.patch 30Patch6012: backport-Fix-unintended-fall-through-in-xmlNodeAddContentLen.patch 31Patch6013: backport-Don-t-reset-nsDef-when-changing-node-content.patch 32Patch6014: backport-Avoid-double-free-if-malloc-fails-in-inputPush.patch 33Patch6015: backport-Fix-memory-leak-in-xmlLoadEntityContent-error-path.patch 34Patch6016: backport-Reset-nsNr-in-xmlCtxtReset.patch 35Patch6017: backport-Fix-htmlReadMemory-mixing-up-XML-and-HTML-functions.patch 36Patch6018: backport-Don-t-initialize-SAX-handler-in-htmlReadMemory.patch 37Patch6019: backport-Fix-HTML-parser-with-threads-and-without-legacy.patch 38Patch6020: backport-Fix-xmlCtxtReadDoc-with-encoding.patch 39Patch6021: backport-Use-xmlStrlen-in-CtxtReadDoc.patch 40Patch6022: backport-Create-stream-with-buffer-in-xmlNewStringInputStream.patch 41Patch6023: backport-Use-xmlStrlen-in-xmlNewStringInputStream.patch 42Patch6024: backport-Fix-memory-leak-with-invalid-XSD.patch 43Patch6025: backport-Make-XPath-depth-check-work-with-recursive-invocatio.patch 44Patch6026: backport-Fix-overflow-check-in-SAX2.c.patch 45Patch6027: backport-xinclude-Fix-memory-leak-when-fuzzing.patch 46Patch6028: backport-xinclude-Fix-more-memory-leaks-in-xmlXIncludeLoadDoc.patch 47Patch6029: backport-schemas-Fix-infinite-loop-in-xmlSchemaCheckElemSubst.patch 48Patch6030: backport-malloc-fail-Fix-memory-leak-in-xmlCreatePushParserCt.patch 49Patch6031: backport-malloc-fail-Fix-memory-leak-in-xmlStaticCopyNodeList.patch 50Patch6032: backport-malloc-fail-Fix-memory-leak-in-xmlNewPropInternal.patch 51Patch6033: backport-malloc-fail-Fix-memory-leak-in-xmlNewDocNodeEatName.patch 52Patch6034: backport-malloc-fail-Fix-infinite-loop-in-xmlSkipBlankChars.patch 53Patch6035: backport-malloc-fail-Fix-memory-leak-in-xmlSAX2ExternalSubset.patch 54Patch6036: backport-malloc-fail-Fix-memory-leak-in-xmlParseReference.patch 55Patch6037: backport-malloc-fail-Fix-use-after-free-in-xmlXIncludeAddNode.patch 56Patch6038: backport-malloc-fail-Fix-memory-leak-in-xmlStringGetNodeList.patch 57Patch6039: backport-parser-Fix-error-message-in-xmlParseCommentComplex.patch 58Patch6040: backport-io-Fix-buffer-full-error-with-certain-buffer-sizes.patch 59Patch6041: backport-reader-Switch-to-xmlParserInputBufferCreateMem.patch 60Patch6042: backport-uri-Allow-port-without-host.patch 61Patch6043: backport-parser-Fix-consumed-accounting-when-switching-encodi.patch 62Patch6044: backport-html-Fix-check-for-end-of-comment-in-push-parser.patch 63Patch6045: backport-parser-Fix-push-parser-with-1-3-byte-initial-chunk.patch 64 65Patch6047: backport-parser-Restore-parser-state-in-xmlParseCDSect.patch 66Patch6048: backport-parser-Remove-dangerous-check-in-xmlParseCharData.patch 67Patch6049: backport-parser-Don-t-call-DefaultSAXHandlerInit-from-xmlInit.patch 68Patch6050: backport-Correctly-relocate-internal-pointers-after-realloc.patch 69Patch6051: backport-Avoid-creating-an-out-of-bounds-pointer-by-rewriting.patch 70Patch6052: backport-error-Make-sure-that-error-messages-are-valid-UTF-8.patch 71Patch6053: backport-io-Check-for-memory-buffer-early-in-xmlParserInputGrow.patch 72Patch6054: backport-io-Remove-xmlInputReadCallbackNop.patch 73Patch6055: backport-Revert-uri-Allow-port-without-host.patch 74Patch6056: backport-xmlParseStartTag2-contains-typo-when-checking-for-default.patch 75Patch6057: backport-parser-Fix-integer-overflow-of-input-ID.patch 76Patch6058: backport-parser-Don-t-increase-depth-twice-when-parsing-internal.patch 77Patch6059: backport-xpath-number-should-return-NaN.patch 78Patch6060: backport-error-Don-t-move-past-current-position.patch 79Patch6061: backport-malloc-fail-Handle-memory-errors-in-xmlTextReaderEntPush.patch 80Patch6062: backport-malloc-fail-Fix-infinite-loop-in-xmlParseTextDecl.patch 81Patch6063: backport-malloc-fail-Fix-null-deref-in-xmlAddDefAttrs.patch 82Patch6064: backport-malloc-fail-Fix-null-deref-if-growing-input-buffer-fails.patch 83Patch6065: backport-malloc-fail-Fix-null-deref-in-xmlSAX2AttributeInternal.patch 84Patch6066: backport-malloc-fail-Fix-null-deref-in-xmlBufResize.patch 85Patch6067: backport-buf-Fix-return-value-of-xmlBufGetInputBase.patch 86Patch6068: backport-malloc-fail-Don-t-call-xmlErrMemory-in-xmlstring.c.patch 87Patch6069: backport-malloc-fail-Fix-reallocation-in-inputPush.patch 88Patch6070: backport-malloc-fail-Fix-use-after-free-in-xmlParseStartTag2.patch 89Patch6071: backport-malloc-fail-Add-error-checks-in-xmlXPathEqualValuesCommon.patch 90Patch6072: backport-malloc-fail-Add-error-check-in-xmlXPathEqualNodeSetFloat.patch 91Patch6073: backport-malloc-fail-Fix-error-check-in-xmlXPathCompareValues.patch 92Patch6074: backport-malloc-fail-Record-malloc-failure-in-xmlXPathCompLiteral.patch 93Patch6075: backport-malloc-fail-Check-return-value-of-xmlXPathNodeSetDupNs.patch 94Patch6076: backport-malloc-fail-Fix-null-deref-in-xmlXIncludeLoadTxt.patch 95Patch6077: backport-malloc-fail-Fix-reallocation-in-xmlXIncludeNewRef.patch 96Patch6078: backport-xinclude-Fix-quadratic-behavior-in-xmlXIncludeLoadTx.patch 97Patch6079: backport-malloc-fail-Fix-memory-leak-in-xmlParserInputBufferCreateMem.patch 98Patch6080: backport-malloc-fail-Check-for-malloc-failure-in-xmlFindCharEncodingHandler.patch 99Patch6081: backport-malloc-fail-Fix-leak-of-xmlCharEncodingHandler.patch 100Patch6082: backport-malloc-fail-Fix-memory-leak-in-xmlParseEntityDecl.patch 101Patch6083: backport-encoding-Cast-toupper-argument-to-unsigned-char.patch 102Patch6084: backport-malloc-fail-Fix-memory-leak-in-xmlXPathCompareValues.patch 103Patch6085: backport-malloc-fail-Fix-memory-leak-in-xmlXPathTryStreamCompile.patch 104Patch6086: backport-malloc-fail-Fix-memory-leak-after-calling-valuePush.patch 105Patch6087: backport-malloc-fail-Fix-memory-leak-after-calling-xmlXPathWrapNodeSet.patch 106Patch6088: backport-malloc-fail-Fix-memory-leak-in-xmlXIncludeAddNode.patch 107Patch6089: backport-malloc-fail-Fix-memory-leak-after-xmlRegNewState.patch 108Patch6090: backport-malloc-fail-Fix-memory-leak-in-xmlSAX2StartElementNs.patch 109Patch6091: backport-malloc-fail-Fix-memory-leak-in-xmlGetDtdElementDesc2.patch 110Patch6092: backport-malloc-fail-Fix-memory-leak-in-xmlDocDumpFormatMemoryEnc.patch 111Patch6093: backport-malloc-fail-Fix-infinite-loop-in-htmlParseStartTag1.patch 112Patch6094: backport-malloc-fail-Fix-memory-leak-in-xmlXIncludeLoadTxt.patch 113Patch6095: backport-malloc-fail-Fix-memory-leak-in-xmlCopyPropList.patch 114Patch6096: backport-malloc-fail-Fix-memory-leak-after-calling-xmlXPathNodeSetMerge.patch 115Patch6097: backport-malloc-fail-Fix-memory-leak-after-calling-xmlXPathWrapString.patch 116Patch6098: backport-malloc-fail-Fix-memory-leak-in-xmlXPathEqualValuesCommon.patch 117Patch6099: backport-malloc-fail-Fix-memory-leak-in-htmlCreateMemoryParserCtxt.patch 118Patch6100: backport-malloc-fail-Fix-memory-leak-in-htmlCreatePushParserCtxt.patch 119Patch6101: backport-malloc-fail-Fix-infinite-loop-in-htmlParseContentInternal.patch 120Patch6102: backport-malloc-fail-Fix-infinite-loop-in-htmlParseStartTag2.patch 121Patch6103: backport-malloc-fail-Fix-null-deref-in-htmlnamePush.patch 122Patch6104: backport-malloc-fail-Fix-infinite-loop-in-htmlParseDocTypeDecl.patch 123Patch6105: backport-malloc-fail-Fix-error-code-in-htmlParseChunk.patch 124Patch6106: backport-malloc-fail-Fix-memory-leak-in-xmlFAParseCharProp.patch 125Patch6107: backport-malloc-fail-Fix-leak-of-xmlRegAtom.patch 126Patch6108: backport-malloc-fail-Fix-memory-leak-in-xmlRegexpCompile.patch 127Patch6109: backport-malloc-fail-Fix-OOB-read-after-xmlRegGetCounter.patch 128Patch6110: backport-parser-Fix-OOB-read-when-formatting-error-message.patch 129Patch6111: backport-malloc-fail-Fix-memory-leak-in-xmlXPathEqualNodeSetF.patch 130Patch6112: backport-malloc-fail-Fix-use-after-free-related-to-xmlXPathNo.patch 131Patch6113: backport-regexp-Add-sanity-check-in-xmlRegCalloc2.patch 132Patch6114: backport-malloc-fail-Fix-null-deref-in-xmlXPathCompiledEvalIn.patch 133Patch6115: backport-malloc-fail-Fix-null-deref-after-xmlPointerListAddSi.patch 134Patch6116: backport-malloc-fail-Fix-memory-leak-in-xmlGetNsList.patch 135Patch6117: backport-malloc-fail-Check-for-malloc-failure-in-xmlHashAddEn.patch 136Patch6118: backport-malloc-fail-Fix-memory-leak-in-xmlXPathCacheNewNodeS.patch 137Patch6119: backport-malloc-fail-Fix-memory-leak-in-xmlXPathDistinctSorte.patch 138Patch6120: backport-xpath-Fix-harmless-integer-overflow-in-xmlXPathTrans.patch 139Patch6121: backport-malloc-fail-Fix-memory-leak-in-xmlXPathNameFunction.patch 140Patch6122: backport-malloc-fail-Fix-memory-leak-in-xmlSchemaItemListAddS.patch 141Patch6123: backport-malloc-fail-Fix-null-deref-in-xmlGet-Min-Max-Occurs.patch 142Patch6124: backport-malloc-fail-Fix-null-deref-in-xmlSchemaValAtomicType.patch 143Patch6125: backport-malloc-fail-Fix-null-deref-in-xmlSchemaInitTypes.patch 144Patch6126: backport-malloc-fail-Fix-memory-leak-in-xmlSchemaParse.patch 145Patch6127: backport-malloc-fail-Fix-memory-leak-in-xmlCopyNamespaceList.patch 146Patch6128: backport-malloc-fail-Fix-another-memory-leak-in-xmlSchemaBuck.patch 147Patch6129: backport-malloc-fail-Fix-null-deref-in-xmlSchemaParseUnion.patch 148Patch6130: backport-malloc-fail-Fix-memory-leak-in-WXS_ADD_-LOCAL-GLOBAL.patch 149Patch6131: backport-malloc-fail-Fix-memory-leak-in-xmlSchemaBucketCreate.patch 150Patch6132: backport-malloc-fail-Fix-null-deref-in-xmlSchemaParseWildcard.patch 151Patch6133: backport-malloc-fail-Fix-type-confusion-after-xmlSchemaFixupT.patch 152Patch6134: backport-malloc-fail-Fix-null-deref-after-xmlSchemaItemList-A.patch 153Patch6135: backport-malloc-fail-Fix-null-deref-after-xmlSchemaCompareDat.patch 154Patch6136: backport-malloc-fail-Fix-memory-leak-in-xmlSchemaParseUnion.patch 155Patch6137: backport-malloc-fail-Fix-memory-leak-in-xmlXPathRegisterNs.patch 156Patch6138: backport-catalog-Fix-memory-leaks.patch 157 158Patch6139: backport-CVE-2023-29469.patch 159Patch6140: backport-CVE-2023-28484.patch 160 161Patch6141: backport-valid-Allow-xmlFreeValidCtxt-NULL.patch 162Patch6142: backport-parser-Use-size_t-when-subtracting-input-buffer-poin.patch 163Patch6143: backport-malloc-fail-Fix-null-deref-in-xmlParserInputShrink.patch 164Patch6144: backport-xmllint-Fix-memory-leak-with-pattern-stream.patch 165Patch6145: backport-xzlib-Fix-implicit-sign-change-in-xz_open.patch 166Patch6146: backport-html-Fix-quadratic-behavior-in-htmlParseTryOrFinish.patch 167Patch6147: backport-valid-Make-xmlValidateElement-non-recursive.patch 168Patch6148: backport-malloc-fail-Fix-buffer-overread-in-htmlParseScript.patch 169Patch6149: backport-malloc-fail-Add-more-error-checks-when-parsing-names.patch 170Patch6150: backport-malloc-fail-Add-error-check-in-htmlParseHTMLAttribut.patch 171Patch6151: backport-parser-Limit-name-length-in-xmlParseEncName.patch 172Patch6152: backport-encoding-Fix-error-code-in-asciiToUTF8.patch 173Patch6153: backport-malloc-fail-Fix-buffer-overread-with-HTML-doctype-de.patch 174Patch6154: backport-parser-Fix-regression-in-xmlParserNodeInfo-accountin.patch 175Patch6155: backport-regexp-Fix-cycle-check-in-xmlFAReduceEpsilonTransiti.patch 176Patch6156: backport-regexp-Fix-checks-for-eliminated-transitions.patch 177Patch6157: backport-regexp-Fix-determinism-checks.patch 178Patch6158: backport-regexp-Fix-mistake-in-previous-commit.patch 179Patch6159: backport-regexp-Fix-null-deref-in-xmlFAFinishReduceEpsilonTra.patch 180Patch6160: backport-hash-Fix-possible-startup-crash-with-old-libxslt-ver.patch 181Patch6161: backport-parser-Fix-old-SAX1-parser-with-custom-callbacks.patch 182Patch6162: backport-xmllint-Fix-use-after-free-with-maxmem.patch 183Patch6163: backport-malloc-fail-Check-for-malloc-failures-when-creating.patch 184Patch6164: backport-malloc-fail-Fix-buffer-overread-after-htmlParseScrip.patch 185Patch6165: backport-xmlValidatePopElement-can-return-invalid-value-1.patch 186Patch6166: backport-Fix-use-after-free-in-xmlParseContentInternal.patch 187Patch6167: backport-malloc-fail-Fix-null-deref-after-xmlXIncludeNewRef.patch 188 189Patch6168: backport-xpath-Ignore-entity-ref-nodes-when-computing-node-ha.patch 190Patch6169: backport-SAX-Always-initialize-SAX1-element-handlers.patch 191Patch6170: backport-CVE-2023-45322.patch 192 193BuildRoot: %{_tmppath}/%{name}-%{version}-root 194BuildRequires: python3-devel 195BuildRequires: zlib-devel 196BuildRequires: pkgconfig 197BuildRequires: xz-devel 198BuildRequires: libtool 199URL: http://xmlsoft.org/ 200 201%description 202This library allows to manipulate XML files. It includes support 203to read, modify and write XML and HTML files. There is DTDs support 204this includes parsing and validation even with complex DtDs, either 205at parse time or later once the document has been modified. The output 206can be a simple SAX stream or and in-memory DOM like representations. 207In this case one can use the built-in XPath and XPointer implementation 208to select sub nodes or ranges. A flexible Input/Output mechanism is 209available, with existing HTTP and FTP modules and combined to an 210URI library. 211 212%package devel 213Summary: Libraries, includes, etc. to develop XML and HTML applications 214Group: Development/Libraries 215Requires: libxml2 = %{version}-%{release} 216Requires: zlib-devel 217Requires: xz-devel 218Requires: pkgconfig 219Obsoletes: %{name}-static < %{version}-%{release} 220Provides: %{name}-static 221 222%description devel 223Libraries, include files, etc you can use to develop XML applications. 224This library allows to manipulate XML files. It includes support 225to read, modify and write XML and HTML files. There is DTDs support 226this includes parsing and validation even with complex DtDs, either 227at parse time or later once the document has been modified. The output 228can be a simple SAX stream or and in-memory DOM like representations. 229In this case one can use the built-in XPath and XPointer implementation 230to select sub nodes or ranges. A flexible Input/Output mechanism is 231available, with existing HTTP and FTP modules and combined to an 232URI library. 233 234%package -n python3-%{name} 235Summary: Python 3 bindings for the libxml2 library 236Group: Development/Libraries 237Requires: libxml2 = %{version}-%{release} 238Obsoletes: %{name}-python3 < %{version}-%{release} 239Provides: %{name}-python3 = %{version}-%{release} 240 241%description -n python3-%{name} 242The libxml2-python3 package contains a Python 3 module that permits 243applications written in the Python programming language, version 3, to use the 244interface supplied by the libxml2 library to manipulate XML files. 245 246This library allows to manipulate XML files. It includes support 247to read, modify and write XML and HTML files. There is DTDs support 248this includes parsing and validation even with complex DTDs, either 249at parse time or later once the document has been modified. 250 251%package help 252Summary: Man page for libxml2 253BuildArch: noarch 254 255%description help 256%{summary}. 257 258 259%prep 260%autosetup -n %{name}-%{version} -p1 261 262mkdir py3doc 263cp doc/*.py py3doc 264sed -i 's|#!/usr/bin/python |#!%{__python3} |' py3doc/*.py 265 266%build 267./autogen.sh 268%configure 269%make_build 270 271find doc -type f -exec chmod 0644 \{\} \; 272 273%install 274%configure --with-python=%{__python3} 275%make_install 276 277rm -f $RPM_BUILD_ROOT%{_libdir}/*.la 278rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.a 279rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.la 280rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libxml2-%{version}/* 281rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libxml2-python-%{version}/* 282(cd doc/examples ; make clean ; rm -rf .deps Makefile) 283gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz 284 285%check 286make runtests 287 288%clean 289rm -fr %{buildroot} 290 291%post -p /sbin/ldconfig 292 293%postun -p /sbin/ldconfig 294 295%files 296%defattr(-, root, root) 297 298%doc %{_datadir}/doc/libxml2 299 300%{_libdir}/lib*.so.* 301%{_bindir}/xmllint 302%{_bindir}/xmlcatalog 303 304%files devel 305%defattr(-, root, root) 306 307%doc NEWS README.md Copyright 308%doc doc/*.html doc/html doc/*.gif doc/*.png 309%doc doc/tutorial doc/libxml2-api.xml.gz 310%doc doc/examples 311%doc %dir %{_datadir}/gtk-doc/html/libxml2 312%doc %{_datadir}/gtk-doc/html/libxml2/*.devhelp2 313%doc %{_datadir}/gtk-doc/html/libxml2/*.html 314%doc %{_datadir}/gtk-doc/html/libxml2/*.png 315%doc %{_datadir}/gtk-doc/html/libxml2/*.css 316 317%{_libdir}/lib*.so 318%{_libdir}/*.sh 319%{_includedir}/* 320%{_bindir}/xml2-config 321%{_datadir}/aclocal/libxml.m4 322%{_libdir}/pkgconfig/libxml-2.0.pc 323%{_libdir}/cmake/libxml2/libxml2-config.cmake 324 325%{_libdir}/*a 326 327%files -n python3-%{name} 328%defattr(-, root, root) 329 330%{_libdir}/python3*/site-packages/libxml2.py* 331%{_libdir}/python3*/site-packages/drv_libxml2.py* 332%{_libdir}/python3*/site-packages/__pycache__/*py* 333%{_libdir}/python3*/site-packages/libxml2mod* 334%doc python/TODO 335%doc python/libxml2class.txt 336%doc py3doc/*.py 337%doc doc/python.html 338 339%files help 340%doc %{_mandir}/man1/xml2-config.1* 341%doc %{_mandir}/man1/xmllint.1* 342%doc %{_mandir}/man1/xmlcatalog.1* 343%doc %{_mandir}/man3/libxml.3* 344 345 346%changelog 347* Mon Oct 16 2023 BruceGW <gyl93216@163.com> - 2.9.14-9 348- Type:CVE 349- CVE:CVE-2023-45322 350- SUG:NA 351- DESC:fix CVE-2023-45322 352 353* Fri Sep 01 2023 liningjie <liningjie@xfusion.com> - 2.9.14-8 354- SAX: Always initialize SAX1 element handlers 355 356* Mon Jun 19 2023 zhuofeng <zhuofeng2@huawei.com> - 2.9.14-7 357- Type:bugfix 358- CVE:NA 359- SUG:NA 360- DESC:revert parser-Fix-progress-check 361 362* Thu Jun 08 2023 zhuofeng <zhuofeng2@huawei.com> - 2.9.14-6 363- Type:bugfix 364- CVE:NA 365- SUG:NA 366- DESC:backport upstream patches 367 368* Thu Apr 20 2023 BruceGW <gyl93216@163.com> - 2.9.14-5 369- Type:CVE 370- CVE:CVE-2023-28484 CVE-2023-29469 371- SUG:NA 372- DESC:fix CVE-2023-28484CVE-2023-29469 373 374* Mon Nov 21 2022 fuanan <fuanan3@h-partners.com> - 2.9.14-4 375- Type:bugfix 376- CVE:NA 377- SUG:NA 378- DESC:backport upstream patches 379 380* Tue Nov 08 2022 fuanan <fuanan3@h-partners.com> - 2.9.14-3 381- fix CVE-2022-40303 CVE-2022-40304 382 383* Tue Sep 13 2022 fuanan <fuanan3@h-partners.com> - 2.9.14-2 384- Fix Obsoletes in spec 385 386* Wed Jul 13 2022 fuanan <fuanan3@h-partners.com> - 2.9.14-1 387- Type:enhancement 388- ID:NA 389- SUG:NA 390- DESC:Upgrade to upstream v2.9.14 and Cleanup duplicate installation 391 392* Fri Jun 24 2022 fuanan <fuanan3@h-partners.com> - 2.9.12-8 393- Type:bugfix 394- ID:NA 395- SUG:NA 396- DESC:Fix memory leaks in xmlACatalogAdd when xmlHashAddEntry failed 397 398* Thu Jun 16 2022 fuanan <fuanan3@h-partners.com> - 2.9.12-7 399- Type:bugfix 400- ID:NA 401- SUG:NA 402- DESC:Fix memory leaks for xmlACatalogAdd 403 404* Mon May 09 2022 fuanan <fuanan3@h-partners.com> - 2.9.12-6 405- Type:CVE 406- ID:CVE-2022-29824 407- SUG:NA 408- DESC:fix CVE-2022-29824 409 410* Wed Mar 09 2022 fuanan <fuanan3@h-partners.com> - 2.9.12-5 411- Type:CVE 412- ID:CVE-2022-23308 413- SUG:NA 414- DESC:fix CVE-2022-23308 415 416* Sat Feb 12 2022 fuanan <fuanan3@h-partners.com> - 2.9.12-4 417- Type:bugfix 418- ID:NA 419- SUG:NA 420- DESC:use upstream patch refix heap-use-after-free in xmlAddNextSibling and xmlAddChild 421 422* Fri Nov 12 2021 panxiaohe <panxiaohe@huawei.com> - 2.9.12-3 423- Type:bugfix 424- ID:NA 425- SUG:NA 426- DESC:add backport bug fixes. 427 work around lxml API abuse 428 fix regression in xmlNodeDumpOutputInternal 429 fix whitespace when serializing empty HTML documents 430 forbid epsilon-reduction of final states 431 fix buffering in xmlOutputBufferWrite 432 433* Thu Nov 11 2021 panxiaohe <panxiaohe@huawei.com> - 2.9.12-2 434- Type:bugfix 435- ID:NA 436- SUG:NA 437- DESC:fix heap-use-after-free in xmlAddNextSibling and xmlAddChild 438 439* Wed Nov 10 2021 Zhipeng Xie <xiezhipeng1@huawei.com> - 2.9.12-1 440- Type:enhancement 441- ID:NA 442- SUG:NA 443- DESC:upgrade to upstream v2.9.12 444 445* Tue Nov 9 2021 panxiaohe <panxiaohe@huawei.com> - 2.9.10-19 446- Type:bugfix 447- ID:NA 448- SUG:NA 449- DESC:fix memleaks in xmlXIncludeProcessFlags 450 451* Sat Oct 30 2021 huangduirong <huangduirong@huawei.com> - 2.9.10-18 452- Type:bugfix 453- ID:NA 454- SUG:NA 455- DESC:fix fuzz issues, fix null-deref in xmlSchemaGetComponentTargetNs 456 457* Sat Oct 23 2021 panxiaohe <panxiaohe@huawei.com> - 2.9.10-17 458- Type:bugfix 459- ID:NA 460- SUG:NA 461- DESC:fix fuzz issues 462 fix memory leaks in XPointer string-range function 463 fix null pointer deref in xmlXPtrRangeInsideFunction 464 stop using maxParserDepth in xpath.c 465 hardcode maximum XPath recursion depth 466 fix XPath recursion limit 467 468* Thu Oct 21 2021 panxiaohe <panxiaohe@huawei.com> - 2.9.10-16 469- Type:bugfix 470- ID:NA 471- SUG:NA 472- DESC:fix fuzz issues 473 fix heap-use-after-free in xmlXIncludeIncludeNode 474 fix stack overflow in xmlDocDumpMemory 475 fix stack overflow in htmlDocContentDumpOutput 476 477* Wed Jun 2 2021 guoxiaoqi <guoxiaoqi2@huawei.com> - 2.9.10-15 478- Type:CVE 479- ID:CVE-2021-3541 480- SUG:NA 481- DESC:fix CVE-2021-3541 482 483* Sat May 29 2021 zoulin <zoulin13@huawei.com> - 2.9.10-14 484- Type:bugfix 485- ID:NA 486- SUG:NA 487- DESC:[add] patches from upstream 488 Fix-handling-of-unexpected-EOF-in-xmlParseContent.patch 489 Fix-line-numbers-in-error-messages-for-mismatched-ta.patch 490 Fix-null-deref-in-legacy-SAX1-parser.patch 491 update-for-xsd-language-type-check.patch 492 Fix-dangling-pointer-with-xmllint-dropdtd.patch 493 Fix-duplicate-xmlStrEqual-calls-in-htmlParseEndTag.patch 494 Fix-exponential-behavior-with-recursive-entities.patch 495 Fix-quadratic-behavior-when-looking-up-xml-attribute.patch 496 Fix-use-after-free-with-xmllint-html-push.patch 497 Fix-xmlGetNodePath-with-invalid-node-types.patch 498 Stop-checking-attributes-for-UTF-8-validity.patch 499 500* Fri May 28 2021 guoxiaoqi <guoxiaoqi2@huawei.com> - 2.9.10-13 501- Type:CVE 502- ID:CVE-2021-3517, CVE-2021-3518 503- SUG:NA 504- DESC:fix CVE-2021-3517 and CVE-2021-3518 505 506* Wed May 26 2021 yangkang <yangkang90@huawei.com> - 2.9.10-12 507- Type:CVE 508- ID:CVE-2021-3537 509- SUG:NA 510- DESC:fix CVE-2021-3537 511 512* Tue Mar 2 2021 Lirui <lirui130@huawei.com> - 2.9.10-11 513- fix problems detected by oss-fuzz test 514 515* Thu Nov 12 2020 Liquor <lirui130@huawei.com> - 2.9.10-10 516- fix problems detected by oss-fuzz test 517 518* Thu Oct 29 2020 panxiaohe <panxiaohe@huawei.com> - 2.9.10-9 519- remove subpackage python2-libxml2 520 521* Mon Sep 14 2020 yangzhuangzhuang <yangzhuangzhuang1@huawei.com> - 2.9.10-8 522- revert Don-t-try-to-handle-namespaces-when-building-HTML-do.patch. 523 rubygem-nokogoro test case fail,because this patch remove xml namespace function. 524 525* Thu Sep 10 2020 yangzhuangzhuang <yangzhuangzhuang1@huawei.com> - 2.9.10-7 526- Fixed some issues found in fuzzing testcases 527 528* Fri Aug 28 2020 zoulin <zoulin13@huawei.com> - 2.9.10-6 529- Fix more quadratic runtime issues in HTML push parse 530- Fix reset HTML parser input before reporting error 531 532* Wed Aug 12 2020 Liquor <lirui130@huawei.com> - 2.9.10-5 533- Limit regexp nesting depth 534- Fix exponential runtime in xmlFARecurseDeterminism 535 536* Mon Aug 3 2020 Liquor <lirui130@huawei.com> - 2.9.10-4 537- Fix integer overflow in xmlFAParseQuantExact 538 539* Tue Jul 28 2020 shenyangyang <shenyangyang4@huawei.com> - 2.9.10-3 540- Fix-use-after-free-with-validating-reader and 541 Never-expand-parameter-entities-in-text-declaration 542 543* Fri Jul 3 2020 wangchen <wangchen137@huawei.com> - 2.9.10-2 544- Sync some patches from community 545 546* Fri Apr 24 2020 BruceGW <gyl93216@163.com> - 2.9.10-1 547- update upstream to 2.9.10 548 549* Tue Mar 17 2020 Leo Fang<leofang_94@163.com> - 2.9.8-9 550- Sync some patches from community 551 552* Thu Dec 19 2019 openEuler Buildteam <buildteam@openEuler.org> - 2.9.8-8 553- Delete unused infomation 554 555* Tue Sep 24 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9.8-7 556- Fix memory leak in xmlSchemaValidateStream 557 558* Fri Sep 20 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9.8-6 559- Delete redundant information 560 561* Tue Sep 10 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9.8-5 562- Delete epoch 563 564* Thu Sep 5 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9.8-2 565- Backport upstream patches and merge static library to devel package 566 567