Hello community, here is the log from the commit of package expat for openSUSE:Factory checked in at 2019-07-08 15:00:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/expat (Old) and /work/SRC/openSUSE:Factory/.expat.new.4615 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "expat" Mon Jul 8 15:00:07 2019 rev:57 rq:713395 version:2.2.7 Changes: -------- --- /work/SRC/openSUSE:Factory/expat/expat.changes 2019-02-11 21:16:10.183375978 +0100 +++ /work/SRC/openSUSE:Factory/.expat.new.4615/expat.changes 2019-07-08 15:00:08.602454578 +0200 @@ -1,0 +2,22 @@ +Tue Jul 2 10:33:51 UTC 2019 - Pedro Monreal Gonzalez <[email protected]> + +- Version update to 2.2.7 (CVE-2018-20843, bsc#1139937) + * Security fixes: + - CVE-2018-20843 - Fix extraction of namespace prefixes from + XML names; XML names with multiple colons could end up in + the wrong namespace, and take a high amount of RAM and CPU + resources while processing, opening the door to use for + denial-of-service attacks + * Other changes: + - Autotools/CMake: Utilize -fvisibility=hidden to stop + exporting non-API symbols + - Autotools: Add --without-examples and --without-tests + - Autotools: Modernize configure.ac + - Autotools: Fix check for -fvisibility=hidden for Clang + - Autotools: Fix compilation for lack of docbook2x-man + - CMake: Make libdir of pkgconfig expat.pc support multilib + - CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR + - Remove fallback to bcopy, assume that memmove(3) exists +- Removed expat-2.2.6-fix-make-clean.patch + +------------------------------------------------------------------- Old: ---- expat-2.2.6-fix-make-clean.patch expat-2.2.6.tar.bz2 expat-2.2.6.tar.bz2.asc New: ---- expat-2.2.7.tar.xz expat-2.2.7.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ expat.spec ++++++ --- /var/tmp/diff_new_pack.fbIma0/_old 2019-07-08 15:00:09.306455642 +0200 +++ /var/tmp/diff_new_pack.fbIma0/_new 2019-07-08 15:00:09.310455648 +0200 @@ -16,19 +16,18 @@ # -%global unversion 2_2_6 +%global unversion 2_2_7 Name: expat -Version: 2.2.6 +Version: 2.2.7 Release: 0 Summary: XML Parser Toolkit License: MIT Group: Development/Libraries/C and C++ URL: http://libexpat.github.io -Source0: https://github.com/libexpat/libexpat/releases/download/R_%{unversion}/expat-%{version}.tar.bz2 +Source0: https://github.com/libexpat/libexpat/releases/download/R_%{unversion}/expat-%{version}.tar.xz Source1: %{name}faq.html Source2: baselibs.conf -Source3: https://github.com/libexpat/libexpat/releases/download/R_%{unversion}/expat-%{version}.tar.bz2.asc -Patch0: expat-2.2.6-fix-make-clean.patch +Source3: https://github.com/libexpat/libexpat/releases/download/R_%{unversion}/expat-%{version}.tar.xz.asc BuildRequires: gcc-c++ BuildRequires: libtool BuildRequires: pkgconfig @@ -63,7 +62,6 @@ %prep %setup -q -%patch0 -p1 cp %{SOURCE1} . rm -f examples/*.dsp @@ -99,7 +97,6 @@ %doc doc/expat.png doc/reference.html doc/style.css doc/valid-xhtml10.png %doc examples/elements.c examples/outline.c examples/Makefile.am examples/Makefile.in %doc AUTHORS Changes -%{_mandir}/man?/* %{_bindir}/xmlwf %files -n libexpat1
