commit libxml2 for openSUSE:Factory

2020-11-02 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2020-11-02 09:40:31

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new.3463 (New)


Package is "libxml2"

Mon Nov  2 09:40:31 2020 rev:100 rq:844894 version:2.9.10

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2020-09-10 
22:45:34.363687118 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new.3463/libxml2.changes
2020-11-02 09:40:36.669622463 +0100
@@ -1,0 +2,6 @@
+Fri Oct 23 19:11:01 UTC 2020 - Benjamin Greiner 
+
+- Make python subpackage ready for multiple python3 flavors
+  gh#openSUSE/python-rpm-macros#66
+
+---



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.dnu739/_old  2020-11-02 09:40:38.221623952 +0100
+++ /var/tmp/diff_new_pack.dnu739/_new  2020-11-02 09:40:38.225623956 +0100
@@ -20,21 +20,26 @@
 # Define "python" as a package in _multibuild file
 %global flavor @BUILD_FLAVOR@%{nil}
 %if "%{flavor}" == "python"
-%define psuffix -python
+%global pprefix python-
 %define oldpython python
 %bcond_without python
 %bcond_without python2
 %else
-%define psuffix %{nil}
+%global pprefix %{nil}
 %bcond_with python
 %endif
 %define bname libxml2
 %define lname libxml2-2
-Name:   %{bname}%{psuffix}
+Name:   %{pprefix}%{bname}
 Version:2.9.10
 Release:0
+%if !%{with python}
 Summary:A Library to Manipulate XML Files
 License:MIT
+%else
+Summary:Python  Bindings for libxml2
+License:MIT
+%endif
 URL:http://xmlsoft.org
 Source: ftp://xmlsoft.org/libxml2/%{bname}-%{version}.tar.gz
 Source1:ftp://xmlsoft.org/libxml2/%{bname}-%{version}.tar.gz.asc
@@ -57,29 +62,41 @@
 Patch7: libxml2-CVE-2020-24977.patch
 BuildRequires:  fdupes
 BuildRequires:  pkgconfig
+BuildRequires:  python-rpm-macros
 %if !%{with python}
 BuildRequires:  readline-devel
 BuildRequires:  pkgconfig(liblzma)
 BuildRequires:  pkgconfig(zlib)
-%endif
-%if %{with python}
+%else
 BuildRequires:  %{python_module devel}
 BuildRequires:  %{python_module xml}
-BuildRequires:  python-rpm-macros
 BuildRequires:  pkgconfig(libxml-2.0)
-Requires:   libxml2-2 = %{version}
+Requires:   %{lname} = %{version}
+Provides:   python-libxml2-python = %{version}-%{release}
+Obsoletes:  %{bname}-python < %{version}-%{release}
+Obsoletes:  python-libxml2-python < %{version}-%{release}
 %if "%{python_flavor}" == "python2"
-Obsoletes:  %{bname}-python < %{version}
-Provides:   %{bname}-python = %{version}
-Obsoletes:  %{oldpython}-libxml2 < %{version}
-Provides:   %{oldpython}-libxml2 = %{version}
+Provides:   %{bname}-python = %{version}-%{release}
+Provides:   %{oldpython}-libxml2 = %{version}-%{release}
+Obsoletes:  %{oldpython}-libxml2 < %{version}-%{release}
 %endif
 %endif
+%python_subpackages
 
 %description
 The XML C library was initially developed for the GNOME project. It is
 now used by many programs to load and save extensible data structures
 or manipulate any kind of XML files.
+%if %{with python}
+This package contains a module that permits
+applications written in the Python programming language to use the
+interface supplied by the libxml2 library to manipulate XML files.
+
+This library allows manipulation of XML files. It includes support for
+reading, modifying, and writing XML and HTML files. There is DTD
+support that includes parsing and validation even with complex DTDs,
+either at parse time or later once the document has been modified.
+%endif
 
 %package -n %{lname}
 Summary:A Library to Manipulate XML Files
@@ -136,38 +153,6 @@
 now used by many programs to load and save extensible data structures
 or manipulate any kind of XML files.
 
-%package -n python2-libxml2
-Summary:Python 2 Bindings for libxml2
-Obsoletes:  libxml2-python
-Provides:   python2-libxml2-python
-Obsoletes:  python2-libxml2-python
-
-%description -n python2-libxml2
-The python2-libxml2 package contains a module that permits
-applications written in the Python programming language to use the
-interface supplied by the libxml2 library to manipulate XML files.
-
-This library allows manipulation of XML files. It includes support for
-reading, modifying, and writing XML and HTML files. There is DTD
-support that includes parsing and validation even with complex DTDs,
-either at parse time or later once the document has been modified.
-
-%package -n python3-libxml2
-Summary:Python 3 Bindings for libxml2
-Obsoletes:  libxml2-python
-Provides:   python3-libxml2-python
-Obsoletes:

commit libxml2 for openSUSE:Factory

2020-09-10 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2020-09-10 22:45:28

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new.4249 (New)


Package is "libxml2"

Thu Sep 10 22:45:28 2020 rev:99 rq:832832 version:2.9.10

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2020-06-11 
14:38:27.400219318 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new.4249/libxml2.changes
2020-09-10 22:45:34.363687118 +0200
@@ -1,0 +2,7 @@
+Mon Sep  7 08:12:29 UTC 2020 - Pedro Monreal 
+
+- Security fix: [bsc#1176179, CVE-2020-24977]
+  * xmllint: global-buffer-overflow in xmlEncodeEntitiesInternal
+- Add patch libxml2-CVE-2020-24977.patch
+
+---

New:

  libxml2-CVE-2020-24977.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.YckBWg/_old  2020-09-10 22:45:35.399688073 +0200
+++ /var/tmp/diff_new_pack.YckBWg/_new  2020-09-10 22:45:35.403688076 +0200
@@ -53,6 +53,8 @@
 Patch5: libxml2-CVE-2020-7595.patch
 # PATCH-FIX-UPSTREAM bsc#1159928 CVE-2019-19956 Revert usptream commit
 Patch6: libxml2-CVE-2019-19956.patch
+# PATCH-FIX-UPSTREAM bsc#1176179 CVE-2020-24977 xmllint: 
global-buffer-overflow in xmlEncodeEntitiesInternal
+Patch7: libxml2-CVE-2020-24977.patch
 BuildRequires:  fdupes
 BuildRequires:  pkgconfig
 %if !%{with python}
@@ -175,6 +177,7 @@
 %patch4 -p1 -R
 %patch5 -p1
 %patch6 -p1 -R
+%patch7 -p1
 
 %build
 %if !%{with python}


++ libxml2-CVE-2020-24977.patch ++
>From 50f06b3efb638efb0abd95dc62dca05ae67882c2 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer 
Date: Fri, 7 Aug 2020 21:54:27 +0200
Subject: [PATCH] Fix out-of-bounds read with 'xmllint --htmlout'

Make sure that truncated UTF-8 sequences don't cause an out-of-bounds
array access.

Thanks to @SuhwanSong and the Agency for Defense Development (ADD) for
the report.

Fixes #178.
---
 xmllint.c | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/xmllint.c b/xmllint.c
index f6a8e4636..c647486f3 100644
--- a/xmllint.c
+++ b/xmllint.c
@@ -528,6 +528,12 @@ static void
 xmlHTMLEncodeSend(void) {
 char *result;
 
+/*
+ * xmlEncodeEntitiesReentrant assumes valid UTF-8, but the buffer might
+ * end with a truncated UTF-8 sequence. This is a hack to at least avoid
+ * an out-of-bounds read.
+ */
+memset([sizeof(buffer)-4], 0, 4);
 result = (char *) xmlEncodeEntitiesReentrant(NULL, BAD_CAST buffer);
 if (result) {
xmlGenericError(xmlGenericErrorContext, "%s", result);
-- 
GitLab

commit libxml2 for openSUSE:Factory

2020-06-11 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2020-06-11 14:38:13

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new.3606 (New)


Package is "libxml2"

Thu Jun 11 14:38:13 2020 rev:98 rq:810571 version:2.9.10

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2020-04-19 
21:41:16.451094155 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new.3606/libxml2.changes
2020-06-11 14:38:27.400219318 +0200
@@ -1,0 +2,15 @@
+Wed May 27 12:09:35 UTC 2020 - Pedro Monreal Gonzalez 

+
+- Fix invalid xmlns references since the fix for CVE-2019-19956 [bsc#1172021]
+- Revert upstream commit 5a02583c7e683896d84878bd90641d8d9b0d0549
+  * Add patch libxml2-CVE-2019-19956.patch
+
+---
+Mon Mar 16 12:02:39 UTC 2020 - Pedro Monreal Gonzalez 

+
+- Security fix: [bsc#1161517, CVE-2020-7595]
+  * xmlStringLenDecodeEntities in parser.c has an infinite loop in
+a certain end-of-file situation
+- Add libxml2-CVE-2020-7595.patch
+
+---

New:

  libxml2-CVE-2019-19956.patch
  libxml2-CVE-2020-7595.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.Qq3Ajj/_old  2020-06-11 14:38:28.300221892 +0200
+++ /var/tmp/diff_new_pack.Qq3Ajj/_new  2020-06-11 14:38:28.304221903 +0200
@@ -49,6 +49,10 @@
 Patch3: libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
 # PATCH-FIX-UPSTREAM bsc#1157450 This commit breaks perl-XML-LibXSLT
 Patch4: libxml2-xmlFreeNodeList-recursive.patch
+# PATCH-FIX-UPSTREAM bsc#1161517 CVE-2020-7595 Infinite loop in 
xmlStringLenDecodeEntities
+Patch5: libxml2-CVE-2020-7595.patch
+# PATCH-FIX-UPSTREAM bsc#1159928 CVE-2019-19956 Revert usptream commit
+Patch6: libxml2-CVE-2019-19956.patch
 BuildRequires:  fdupes
 BuildRequires:  pkgconfig
 %if !%{with python}
@@ -169,6 +173,8 @@
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1 -R
+%patch5 -p1
+%patch6 -p1 -R
 
 %build
 %if !%{with python}


++ libxml2-CVE-2019-19956.patch ++
>From 5a02583c7e683896d84878bd90641d8d9b0d0549 Mon Sep 17 00:00:00 2001
From: Zhipeng Xie 
Date: Wed, 7 Aug 2019 17:39:17 +0800
Subject: [PATCH] Fix memory leak in xmlParseBalancedChunkMemoryRecover

When doc is NULL, namespace created in xmlTreeEnsureXMLDecl
is bind to newDoc->oldNs, in this case, set newDoc->oldNs to
NULL and free newDoc will cause a memory leak.

Found with libFuzzer.

Closes #82.
---
 parser.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/parser.c b/parser.c
index 1ce1ccf14..26d9f4e3b 100644
--- a/parser.c
+++ b/parser.c
@@ -13894,7 +13894,8 @@ xmlParseBalancedChunkMemoryRecover(xmlDocPtr doc, 
xmlSAXHandlerPtr sax,
 xmlFreeParserCtxt(ctxt);
 newDoc->intSubset = NULL;
 newDoc->extSubset = NULL;
-newDoc->oldNs = NULL;
+if(doc != NULL)
+   newDoc->oldNs = NULL;
 xmlFreeDoc(newDoc);
 
 return(ret);
++ libxml2-CVE-2020-7595.patch ++
>From 0e1a49c8907645d2e155f0d89d4d9895ac5112b5 Mon Sep 17 00:00:00 2001
From: Zhipeng Xie 
Date: Thu, 12 Dec 2019 17:30:55 +0800
Subject: [PATCH] Fix infinite loop in xmlStringLenDecodeEntities

When ctxt->instate == XML_PARSER_EOF,xmlParseStringEntityRef
return NULL which cause a infinite loop in xmlStringLenDecodeEntities

Found with libFuzzer.

Signed-off-by: Zhipeng Xie 
---
 parser.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/parser.c b/parser.c
index d1c31963..a34bb6cd 100644
--- a/parser.c
+++ b/parser.c
@@ -2646,7 +2646,8 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const 
xmlChar *str, int len,
 else
 c = 0;
 while ((c != 0) && (c != end) && /* non input consuming loop */
-  (c != end2) && (c != end3)) {
+   (c != end2) && (c != end3) &&
+   (ctxt->instate != XML_PARSER_EOF)) {
 
if (c == 0) break;
 if ((c == '&') && (str[1] == '#')) {
-- 
2.24.1

commit libxml2 for openSUSE:Factory

2020-04-19 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2020-04-19 21:41:03

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new.2738 (New)


Package is "libxml2"

Sun Apr 19 21:41:03 2020 rev:97 rq:785542 version:2.9.10

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2019-12-24 
14:28:59.054547325 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new.2738/libxml2.changes
2020-04-19 21:41:16.451094155 +0200
@@ -1,0 +2,13 @@
+Mon Mar 16 10:01:58 UTC 2020 - Tomáš Chvátal 
+
+- Do not pull in the non-python deps on the python build
+
+---
+Sat Mar 14 10:56:14 UTC 2020 - Tomáš Chvátal 
+
+- Revert the previous change and use multibuild to determine
+  supported flavors.
+  We need to be able to enable/disable pythons in prjconf and
+  multibuild directly clashes with that.
+
+---



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.7cvA0R/_old  2020-04-19 21:41:17.499096257 +0200
+++ /var/tmp/diff_new_pack.7cvA0R/_new  2020-04-19 21:41:17.503096265 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package libxml2
 #
-# Copyright (c) 2019 SUSE LLC
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,33 +20,21 @@
 # Define "python" as a package in _multibuild file
 %global flavor @BUILD_FLAVOR@%{nil}
 %if "%{flavor}" == "python"
-%bcond_without python
-%define skip_python3 1
 %define psuffix -python
 %define oldpython python
-%define python_pname python2-libxml2
-%endif
-
-%if "%{flavor}" == "python3"
 %bcond_without python
-%define skip_python2 1
-%define psuffix -python3
-%define python_pname python3-libxml2
-%endif
-
-%if "%{flavor}" == ""
+%bcond_without python2
+%else
+%define psuffix %{nil}
 %bcond_with python
-%define python_pname void
 %endif
-
 %define bname libxml2
 %define lname libxml2-2
-Name:   %{bname}%{?psuffix}
+Name:   %{bname}%{psuffix}
 Version:2.9.10
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
-Group:  Development/Libraries/C and C++
 URL:http://xmlsoft.org
 Source: ftp://xmlsoft.org/libxml2/%{bname}-%{version}.tar.gz
 Source1:ftp://xmlsoft.org/libxml2/%{bname}-%{version}.tar.gz.asc
@@ -63,11 +51,11 @@
 Patch4: libxml2-xmlFreeNodeList-recursive.patch
 BuildRequires:  fdupes
 BuildRequires:  pkgconfig
+%if !%{with python}
 BuildRequires:  readline-devel
-BuildRequires:  xz-devel
-BuildRequires:  zlib-devel
 BuildRequires:  pkgconfig(liblzma)
 BuildRequires:  pkgconfig(zlib)
+%endif
 %if %{with python}
 BuildRequires:  %{python_module devel}
 BuildRequires:  %{python_module xml}
@@ -89,7 +77,6 @@
 
 %package -n %{lname}
 Summary:A Library to Manipulate XML Files
-Group:  System/Libraries
 
 %description -n %{lname}
 The XML C library was initially developed for the GNOME project. It is
@@ -109,7 +96,6 @@
 
 %package tools
 Summary:Tools using libxml
-Group:  Productivity/Text/Utilities
 Provides:   %{bname} = %{version}-%{release}
 Obsoletes:  %{bname} < %{version}-%{release}
 
@@ -118,7 +104,6 @@
 
 %package devel
 Summary:Development files for libxml2, an XML manipulation library
-Group:  Development/Libraries/C and C++
 Requires:   %{bname}-tools = %{version}
 Requires:   %{lname} = %{version}
 Requires:   glibc-devel
@@ -137,7 +122,6 @@
 
 %package doc
 Summary:Documentation for libxml, an XML manipulation library
-Group:  Documentation/HTML
 Requires:   %{lname} = %{version}
 BuildArch:  noarch
 
@@ -146,15 +130,30 @@
 now used by many programs to load and save extensible data structures
 or manipulate any kind of XML files.
 
-%package -n %{python_pname}
+%package -n python2-libxml2
 Summary:Python 2 Bindings for libxml2
-Group:  Development/Libraries/Python
 Obsoletes:  libxml2-python
-Provides:   %{python_pname}-python
-Obsoletes:  %{python_pname}-python
+Provides:   python2-libxml2-python
+Obsoletes:  python2-libxml2-python
+
+%description -n python2-libxml2
+The python2-libxml2 package contains a module that permits
+applications written in the Python programming language to use the
+interface supplied by the libxml2 library to manipulate XML files.
+
+This library allows manipulation of XML files. It includes support for
+reading, modifying, and writing XML and HTML files. There is DTD
+support that includes

commit libxml2 for openSUSE:Factory

2019-12-24 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2019-12-24 14:28:53

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new.6675 (New)


Package is "libxml2"

Tue Dec 24 14:28:53 2019 rev:96 rq:757499 version:2.9.10

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2019-12-07 
15:23:22.439728931 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new.6675/libxml2.changes
2019-12-24 14:28:59.054547325 +0100
@@ -1,0 +2,8 @@
+Sun Dec 15 17:56:15 UTC 2019 - Stefan Brüns 
+
+- Build python2 and python3 bindings in separate flavors. As
+  python3-libxml2 is a dependency of e.g. itstools and thus many
+  other packages these packages no longer have a build dependency
+  on python2. Breaks a build loop for python2.
+
+---



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.4y6XG5/_old  2019-12-24 14:29:00.102547832 +0100
+++ /var/tmp/diff_new_pack.4y6XG5/_new  2019-12-24 14:29:00.106547834 +0100
@@ -20,16 +20,28 @@
 # Define "python" as a package in _multibuild file
 %global flavor @BUILD_FLAVOR@%{nil}
 %if "%{flavor}" == "python"
-%define pysuffix -python
+%bcond_without python
+%define skip_python3 1
+%define psuffix -python
 %define oldpython python
+%define python_pname python2-libxml2
+%endif
+
+%if "%{flavor}" == "python3"
 %bcond_without python
-%else
-%define pysuffix %{nil}
+%define skip_python2 1
+%define psuffix -python3
+%define python_pname python3-libxml2
+%endif
+
+%if "%{flavor}" == ""
 %bcond_with python
+%define python_pname void
 %endif
+
 %define bname libxml2
 %define lname libxml2-2
-Name:   %{bname}%{pysuffix}
+Name:   %{bname}%{?psuffix}
 Version:2.9.10
 Release:0
 Summary:A Library to Manipulate XML Files
@@ -134,32 +146,15 @@
 now used by many programs to load and save extensible data structures
 or manipulate any kind of XML files.
 
-%package -n python2-libxml2
+%package -n %{python_pname}
 Summary:Python 2 Bindings for libxml2
 Group:  Development/Libraries/Python
 Obsoletes:  libxml2-python
-Provides:   python2-libxml2-python
-Obsoletes:  python2-libxml2-python
-
-%description -n python2-libxml2
-The python2-libxml2 package contains a module that permits
-applications written in the Python programming language to use the
-interface supplied by the libxml2 library to manipulate XML files.
-
-This library allows manipulation of XML files. It includes support for
-reading, modifying, and writing XML and HTML files. There is DTD
-support that includes parsing and validation even with complex DTDs,
-either at parse time or later once the document has been modified.
-
-%package -n python3-libxml2
-Summary:Python 3 Bindings for libxml2
-Group:  Development/Libraries/Python
-Obsoletes:  libxml2-python
-Provides:   python3-libxml2-python
-Obsoletes:  python3-libxml2-python
+Provides:   %{python_pname}-python
+Obsoletes:  %{python_pname}-python
 
-%description -n python3-libxml2
-The python3-libxml2 package contains a module that permits
+%description -n %{python_pname}
+The %{python_pname} package contains a module that permits
 applications written in the Python programming language to use the
 interface supplied by the libxml2 library to manipulate XML files.
 
@@ -262,27 +257,24 @@
 %dir %{_datadir}/gtk-doc/html
 
 %else
-%files -n python2-libxml2
+%files -n %{python_pname}
 %doc python/TODO
 %doc python/libxml2class.txt
 %doc doc/*.py
 %doc doc/python.html
+%if "%{python_flavor}" == "python2"
 %{python2_sitearch}/libxml2.py*
 %{python2_sitearch}/drv_libxml2.py*
 %{python2_sitearch}/libxml2mod*.so
 %{python2_sitearch}/*.egg-info
-
-%files -n python3-libxml2
-%doc python/TODO
-%doc python/libxml2class.txt
-%doc doc/*.py
-%doc doc/python.html
+%else
 %{python3_sitearch}/libxml2.py
 %{python3_sitearch}/__pycache__/libxml2.*
 %{python3_sitearch}/drv_libxml2.py
 %{python3_sitearch}/__pycache__/drv_libxml2.*
 %{python3_sitearch}/libxml2mod*.so
 %{python3_sitearch}/*.egg-info
+%endif
 
 %endif
 

++ _multibuild ++
--- /var/tmp/diff_new_pack.4y6XG5/_old  2019-12-24 14:29:00.126547844 +0100
+++ /var/tmp/diff_new_pack.4y6XG5/_new  2019-12-24 14:29:00.126547844 +0100
@@ -1,3 +1,4 @@
 
   python
+  python3

commit libxml2 for openSUSE:Factory

2019-12-07 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2019-12-07 15:22:20

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new.4691 (New)


Package is "libxml2"

Sat Dec  7 15:22:20 2019 rev:95 rq:751668 version:2.9.10

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2019-09-13 
14:56:55.481273692 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new.4691/libxml2.changes
2019-12-07 15:23:22.439728931 +0100
@@ -1,0 +2,118 @@
+Thu Nov 28 15:32:58 UTC 2019 - Pedro Monreal Gonzalez 

+
+- Since libxml2-2.9.10 perl-XML-LibXSLT fails to build: [bsc#1157450]
+  * Revert upstream commit to make xmlFreeNodeList non-recursive
+
https://github.com/GNOME/libxml2/commit/0762c9b69ba01628f72eada1c64ff3d361fb5716
+- Add patch libxml2-xmlFreeNodeList-recursive.patch
+
+---
+Fri Nov 15 17:59:54 UTC 2019 - Pedro Monreal Gonzalez 

+
+- Version update to 2.9.10:
+  * Portability:
++ Fix exponent digits when running tests under old MSVC
++ Work around buggy ceil() function on AIX
++ Don't call printf with NULL string in runtest.c
++ Switched from unsigned long to ptrdiff_t in parser.c
++ timsort.h: support older GCCs
++ Make configure.ac work with older pkg-config
+  * Bug Fixes:
++ Fix for conditional sections at end of document
++ Make sure that Python tests exit with error code
++ Audit memory error handling in xpath.c
++ Fix error code in xmlTextWriterStartDocument
++ Fix integer overflow when counting written bytes
++ Fix uninitialized memory access in HTML parser
++ Fix memory leak in xmlSchemaValAtomicType
++ Disallow conditional sections in internal subset
++ Fix use-after-free in xmlTextReaderFreeNodeList
++ Fix Regextests
++ Fix empty branch in regex
++ Fix integer overflow in entity recursion check
++ Don't read external entities or XIncludes from stdin
++ Fix Schema determinism check of ##other namespaces
++ Fix potential null deref in xmlSchemaIDCFillNodeTables
++ Fix potential memory leak in xmlBufBackToBuffer
++ Fix error message when processing XIncludes with fallbacks
++ Fix memory leak in xmlRegEpxFromParse
++ 14:00 is a valid timezone for xs:dateTime
++ Fix memory leak in xmlParseBalancedChunkMemoryRecover
++ Fix potential null deref in xmlRelaxNGParsePatterns
++ Misleading error message with xs:{min|max}Inclusive
++ Fix memory leak in xmlXIncludeLoadTxt
++ Partial fix for comparison of xs:durations
++ Fix null deref in xmlreader buffer
++ Fix unability to RelaxNG-validate grammar with choice-based name class
++ Fix unability to validate ambiguously constructed interleave for RelaxNG
++ Fix possible null dereference in xmlXPathIdFunction
++ fix memory leak in xmlAllocOutputBuffer
++ Fix unsigned int overflow
++ dict.h: gcc 2.95 doesn't allow multiple storage classes
++ Fix another code path in xmlParseQName
++ Make sure that xmlParseQName returns NULL in error case
++ Fix build without reader but with pattern
++ Fix memory leak in xmlAllocOutputBufferInternal error path
++ Fix unsigned integer overflow
++ Fix return value of xmlOutputBufferWrite
++ Fix parser termination from "Double hyphen within comment" error
++ Fix call stack overflow in xmlFreePattern
++ Fix null deref in previous commit
++ Fix memory leaks in xmlXPathParseNameComplex error paths
++ Check for integer overflow in xmlXPtrEvalChildSeq
++ Fix xmllint dump of XPath namespace nodes
++ Fix float casts in xmlXPathSubstringFunction
++ Fix null deref in xmlregexp error path
++ Fix null pointer dereference in xmlTextReaderReadOuterXml
++ Fix memory leaks in xmlParseStartTag2 error paths
++ Fix memory leak in xmlSAX2StartElement
++ Fix commit "Memory leak in xmlFreeID (xmlreader.c)"
++ Fix NULL pointer deref in xmlTextReaderValidateEntity
++ Memory leak in xmlFreeTextReader
++ Memory leak in xmlFreeID (xmlreader.c)
+  * Improvements:
++ Propagate memory errors in valuePush
++ Propagate memory errors in xmlXPathCompExprAdd
++ Make xmlFreeDocElementContent non-recursive
++ Avoid ignored attribute warnings under GCC
++ Make xmlDumpElementContent non-recursive
++ Make apibuild.py ignore ATTRIBUTE_NO_SANITIZE
++ Mark xmlExp* symbols as removed
++ Make xmlParseConditionalSections non-recursive
++ Adjust expected error in Python tests
++ Make xmlTextReaderFreeNodeList non-recursive
++ Make xmlFreeNodeList non-recursive
++ Make xmlParseContent and xmlParseElement non-recursive
++ Remove executable bit from non-executable files
++ Fix

commit libxml2 for openSUSE:Factory

2019-09-13 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2019-09-13 14:56:54

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new.7948 (New)


Package is "libxml2"

Fri Sep 13 14:56:54 2019 rev:94 rq:729358 version:2.9.9

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2019-02-04 
21:10:14.511894228 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new.7948/libxml2.changes
2019-09-13 14:56:55.481273692 +0200
@@ -1,0 +2,35 @@
+Mon Sep  9 08:24:40 UTC 2019 - Tomáš Chvátal 
+
+- Do not depend on setuptools to keep the depgraph small and
+  avoid build cycles
+
+---
+Fri Aug  2 13:08:40 UTC 2019 - Tomáš Chvátal 
+
+- Use python[23]-libmxl2 as python names not python-libxml2-python
+  which is kinda confusing
+
+---
+Thu Aug  1 10:53:13 UTC 2019 - Tomáš Chvátal 
+
+- Do not ship libtool archive anymore
+
+---
+Wed Jul 31 12:27:10 UTC 2019 - Pedro Monreal Gonzalez 

+
+- Enable tests also in the python subpackages
+
+---
+Thu Jul  4 08:52:14 UTC 2019 - Pedro Monreal Gonzalez 

+
+- Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH
+  to avoid nodeset limit when processing large XML files [bsc#1135123]
+  * Added libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
+
+---
+Mon Feb 25 08:40:16 UTC 2019 - Pedro Monreal Gonzalez 

+
+- Merge python-libxml2-python spec and changes files into the
+  libxml2 ones using _multibuild [bsc#1126499, bsc#1123919]
+
+---
@@ -35,0 +71,3 @@
+- Add libxml2-python3-string-null-check.patch: fix NULL pointer
+dereference when parsing invalid data (bsc#1065270
+glgo#libxml2!15).).
@@ -48,0 +87 @@
+- Drop patch python3.6-verify_fd.patch merged upstream
@@ -91,0 +131,21 @@
+Sat Nov 11 15:30:27 UTC 2017 - aavind...@gmail.com
+
+- clean with spec-cleaner
+
+---
+Thu Oct 26 14:10:55 UTC 2017 - jmate...@suse.com
+
+- libxml2-python3-unicode-errors.patch: work around an issue with
+  libxml2 supplied error strings being undecodable UTF-8 (bsc#1065270)
+
+---
+Mon Oct  2 15:59:57 UTC 2017 - jmate...@suse.com
+
+- convert to singlespec, build a python 3 version
+- change build instructions to use setup.py (and %python_build macros)
+  instead of makefile-based approach
+- add python3.6-verify_fd.patch that fixes libxml2 on python 3.6
+- rename to python-libxml2-python to conform to package naming policy
+  (PyPI name is "libxml2-python")
+
+---
@@ -289,0 +350,5 @@
+Sun Jul  7 06:00:42 UTC 2013 - co...@suse.com
+
+- buildignore python to avoid build cycle
+
+---
@@ -336 +401 @@
-  * please se ChangeLog for more info
+  * please see ChangeLog for more info
@@ -372,0 +438,5 @@
+Sat Feb 25 08:47:58 UTC 2012 - co...@suse.com
+
+- fix version
+
+---
@@ -378,0 +449,6 @@
+Thu Feb 23 11:00:21 UTC 2012 - co...@suse.com
+
+- renamed to python-libxml2 to follow python naming expectations
+- do not require python but let rpm figure it out
+
+---
@@ -427,0 +504,5 @@
+Mon Dec  6 09:05:53 UTC 2010 - co...@novell.com
+
+- buildrequire python-xml to fix build
+
+---
@@ -474,0 +556,5 @@
+Wed Apr  7 16:34:29 UTC 2010 - co...@novell.com
+
+- fix build
+
+---
@@ -486,0 +573,5 @@
+
+---
+Tue Dec 15 12:19:16 CET 2009 - jeng...@medozas.de
+
+- enable parallel building

Old:

  python-libxml2-python.changes
  python-libxml2-python.spec

New:

  _multibuild
  libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.3q3GMs/_old  2019-09-13 14:56:56.241273725 +0200
+++ /var/tmp/diff_new_pack.3q3GMs/_new  2019-09-13 14:56:56.245273725 +0200
@@ -16,24 +16,57 @@
 #
 
 
+%{?!python_module:%define python_module() python-%{**} python3-%{**}}
+# Define "python" as a package in _multibuild file
+%global flavor

commit libxml2 for openSUSE:Factory

2019-02-04 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2019-02-04 21:10:12

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new.28833 (New)


Package is "libxml2"

Mon Feb  4 21:10:12 2019 rev:93 rq:668978 version:2.9.9

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2018-03-26 
12:05:24.153792873 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new.28833/libxml2.changes   
2019-02-04 21:10:14.511894228 +0100
@@ -1,0 +2,36 @@
+Sat Jan 26 00:24:23 UTC 2019 - mgo...@suse.com
+
+- Version update to 2.9.9:
+  * Security:
++ CVE-2018-9251 CVE-2018-14567 Fix infinite loop in LZMA
+  decompression (boo#1088279 boo#1105166).
++ CVE-2018-14404 Fix nullptr deref with XPath logic ops
+  (boo#1102046).
+  * Bug fixes:
++ Fix building relative URIs
++ Problem with data in interleave in RelaxNG validation
++ Fix memory leak in xmlSwitchInputEncodingInt error path
++ Set doc on element obtained from freeElems
++ Fix HTML serialization with UTF-8 encoding
++ Use actual doc in xmlTextReaderRead*Xml
++ Unlink node before freeing it in xmlSAX2StartElement
++ Check return value of nodePush in xmlSAX2StartElement
++ Free input buffer in xmlHaltParser
++ Reset HTML parser input pointers on encoding failure
++ Fix xmlSchemaValidCtxtPtr reuse memory leak
++ Fix xmlTextReaderNext with preparsed document
++ HTML noscript should not close p
++ Don't change context node in xmlXPathRoot
+  * Improvements:
++ Remove redefined starts and defines inside include elements
++ Allow choice within choice in nameClass in RELAX NG
++ Look inside divs for starts and defines inside include
++  Add newlines to 'xmllint --xpath' output
++ Don't include SAX.h from globals.h
++ Support xmlTextReaderNextSibling w/o preparsed doc
++ Improve restoring of context size and position
++ Simplify and harden nodeset filtering
++ Avoid unnecessary backups of the context node
++ Fix inconsistency in xmlXPathIsInf
+
+---
--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2-python.changes
2018-03-19 23:31:26.916352270 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new.28833/python-libxml2-python.changes 
2019-02-04 21:10:14.631894185 +0100
@@ -1,0 +2,38 @@
+Sat Jan 26 00:25:51 UTC 2019 - mgo...@suse.com
+
+- Version update to 2.9.9:
+  * Security:
++ CVE-2018-9251 CVE-2018-14567 Fix infinite loop in LZMA
+  decompression.
++ CVE-2018-14404 Fix nullptr deref with XPath logic ops.
+  * Bug fixes:
++ Fix building relative URIs
++ Problem with data in interleave in RelaxNG validation
++ Fix memory leak in xmlSwitchInputEncodingInt error path
++ Set doc on element obtained from freeElems
++ Fix HTML serialization with UTF-8 encoding
++ Use actual doc in xmlTextReaderRead*Xml
++ Unlink node before freeing it in xmlSAX2StartElement
++ Check return value of nodePush in xmlSAX2StartElement
++ Free input buffer in xmlHaltParser
++ Reset HTML parser input pointers on encoding failure
++ Fix xmlSchemaValidCtxtPtr reuse memory leak
++ Fix xmlTextReaderNext with preparsed document
++ HTML noscript should not close p
++ Don't change context node in xmlXPathRoot
+  * Improvements:
++ Remove redefined starts and defines inside include elements
++ Allow choice within choice in nameClass in RELAX NG
++ Look inside divs for starts and defines inside include
++  Add newlines to 'xmllint --xpath' output
++ Don't include SAX.h from globals.h
++ Support xmlTextReaderNextSibling w/o preparsed doc
++ Improve restoring of context size and position
++ Simplify and harden nodeset filtering
++ Avoid unnecessary backups of the context node
++ Fix inconsistency in xmlXPathIsInf
+- Add libxml2-python3-string-null-check.patch: fix NULL pointer
+dereference when parsing invalid data (bsc#1065270
+glgo#libxml2!15).). 
+
+---

Old:

  libxml2-2.9.8.tar.gz
  libxml2-2.9.8.tar.gz.asc

New:

  libxml2-2.9.9.tar.gz
  libxml2-2.9.9.tar.gz.asc
  libxml2-python3-string-null-check.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.DKgD09/_old  2019-02-04 21:10:15.419893904 +0100
+++ /var/tmp/diff_new_pack.DKgD09/_new  2019-02-04 21:10:15.423893902 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libxml2
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions

commit libxml2 for openSUSE:Factory

2018-03-26 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2018-03-26 12:05:14

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Mon Mar 26 12:05:14 2018 rev:92 rq:589171 version:2.9.8

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2018-03-19 
23:31:26.468368431 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2018-03-26 
12:05:24.153792873 +0200
@@ -1,0 +2,5 @@
+Tue Mar 20 13:15:36 CET 2018 - ku...@suse.de
+
+- Use %license instead of %doc [bsc#1082318]
+
+---



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.rSlYjc/_old  2018-03-26 12:05:27.201683711 +0200
+++ /var/tmp/diff_new_pack.rSlYjc/_new  2018-03-26 12:05:27.209683424 +0200
@@ -122,7 +122,7 @@
 %install
 %make_install BASE_DIR="%{_docdir}" DOC_MODULE="%{name}"
 mkdir -p "%{buildroot}/%{_docdir}/%{name}"
-cp -a AUTHORS NEWS README COPYING* Copyright TODO* 
%{buildroot}%{_docdir}/%{name}/
+cp -a AUTHORS NEWS README TODO* %{buildroot}%{_docdir}/%{name}/
 ln -s libxml2/libxml %{buildroot}%{_includedir}/libxml
 %fdupes %{buildroot}%{_datadir}
 
@@ -137,14 +137,15 @@
 
 %files -n %{lname}
 %{_libdir}/lib*.so.*
+%license COPYING* Copyright
 %doc %dir %{_docdir}/%{name}
 %doc %{_docdir}/%{name}/[ANRCT]*
 
 %files tools
 %{_bindir}/xmllint
 %{_bindir}/xmlcatalog
-%{_mandir}/man1/xmllint.1*
-%{_mandir}/man1/xmlcatalog.1*
+%{_mandir}/man1/xmllint.1%{?ext_man}
+%{_mandir}/man1/xmlcatalog.1%{?ext_man}
 
 %files devel
 %{_bindir}/xml2-config
@@ -158,8 +159,8 @@
 %{_libdir}/*.sh
 %{_libdir}/pkgconfig/*.pc
 %{_libdir}/cmake
-%{_mandir}/man1/xml2-config.1%{ext_man}
-%{_mandir}/man3/libxml.3%{ext_man}
+%{_mandir}/man1/xml2-config.1%{?ext_man}
+%{_mandir}/man3/libxml.3%{?ext_man}
 
 %files doc
 %{_datadir}/gtk-doc/html/*

commit libxml2 for openSUSE:Factory

2018-03-19 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2018-03-19 23:31:23

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Mon Mar 19 23:31:23 2018 rev:91 rq:586779 version:2.9.8

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2017-11-14 
14:45:25.153957124 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2018-03-19 
23:31:26.468368431 +0100
@@ -1,0 +2,8 @@
+Wed Mar 14 13:12:34 UTC 2018 - tchva...@suse.com
+
+- Version update to 2.9.8:
+  * Various -Werror fixes and compilation updates as travis is now
+used by upstream
+  * Few additional tests added for ICU operations
+
+---
--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2-python.changes
2017-11-14 14:45:25.905929797 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2-python.changes   
2018-03-19 23:31:26.916352270 +0100
@@ -1,0 +2,9 @@
+Wed Mar 14 13:12:34 UTC 2018 - tchva...@suse.com
+
+- Version update to 2.9.8:
+  * Various -Werror fixes and compilation updates as travis is now
+used by upstream
+  * Few additional tests added for ICU operations
+- Drop patch python3.6-verify_fd.patch merged upstream
+
+---

Old:

  libxml2-2.9.7.tar.gz
  libxml2-2.9.7.tar.gz.asc
  python3.6-verify_fd.patch

New:

  libxml2-2.9.8.tar.gz
  libxml2-2.9.8.tar.gz.asc



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.wikdsm/_old  2018-03-19 23:31:28.312301911 +0100
+++ /var/tmp/diff_new_pack.wikdsm/_new  2018-03-19 23:31:28.316301766 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libxml2
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 %define lname libxml2-2
 Name:   libxml2
-Version:2.9.7
+Version:2.9.8
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT

++ python-libxml2-python.spec ++
--- /var/tmp/diff_new_pack.wikdsm/_old  2018-03-19 23:31:28.352300468 +0100
+++ /var/tmp/diff_new_pack.wikdsm/_new  2018-03-19 23:31:28.356300323 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package python-libxml2-python
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,14 +19,13 @@
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 %define oldpython python
 Name:   python-libxml2-python
-Version:2.9.7
+Version:2.9.8
 Release:0
 Summary:Python Bindings for libxml2
 License:MIT
 Group:  Development/Libraries/Python
 Url:http://xmlsoft.org
 Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz
-Patch0: python3.6-verify_fd.patch
 Patch1: libxml2-python3-unicode-errors.patch
 BuildRequires:  %{python_module devel}
 BuildRequires:  %{python_module xml}
@@ -54,7 +53,6 @@
 
 %prep
 %setup -q -n libxml2-%{version}
-%patch0 -p1
 %patch1 -p1
 
 %build

++ libxml2-2.9.7.tar.gz -> libxml2-2.9.8.tar.gz ++
 5604 lines of diff (skipped)

commit libxml2 for openSUSE:Factory

2017-11-14 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2017-11-14 14:45:24

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Tue Nov 14 14:45:24 2017 rev:90 rq:541036 version:2.9.7

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2017-09-29 
11:48:43.163210936 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2017-11-14 
14:45:25.153957124 +0100
@@ -1,0 +2,41 @@
+Sat Nov 11 15:31:50 UTC 2017 - aavind...@gmail.com
+
+- Version update to 2.9.7 release:
+  * Bug Fixes:
++ xmlcatalog: restore ability to query system catalog easily
++ Fix comparison of nodesets to strings
+  * Improvements:
++ Add Makefile rules to rebuild HTML man pages
++ Remove generated file python/setup.py from version control
++ Fix mixed decls and code in timsort.h
++ Rework handling of return values in thread tests
++ Fix unused variable warnings in testrecurse
++ Fix -Wimplicit-fallthrough warnings
++ Upgrade timsort.h to latest revision
++ Fix a couple of warnings in dict.c and threads.c
++ Fix unused variable warnings in nanohttp.c
++ Don't include winsock2.h in xmllint.c
++ Use __linux__ macro in generated code
+  * Portability:
++ Add declaration for DllMain
++ Fix preprocessor conditional in threads.h
++ Fix macro redefinition warning
++ many Windows specific improvements
+  * Documentation:
++ xmlcatalog: refresh man page wrt. quering system catalog easily
+- Includes bug fixes from 2.9.6:
+  * Fix XPath stack frame logic
+  * Report undefined XPath variable error message
+  * Fix regression with librsvg
+  * Handle more invalid entity values in recovery mode
+  * Fix structured validation errors
+  * Fix memory leak in LZMA decompressor
+  * Set memory limit for LZMA decompression
+  * Handle illegal entity values in recovery mode
+  * Fix debug dump of streaming XPath expressions
+  * Fix memory leak in nanoftp
+  * Fix memory leaks in SAX1 parser
+- Drop libxml2-bug787941.patch
+  * upstreamed in 3157cf4e53c03bc3da604472c015c63141907db8
+
+---
--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2-python.changes
2017-11-03 16:31:47.069067677 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2-python.changes   
2017-11-14 14:45:25.905929797 +0100
@@ -1,0 +2,5 @@
+Sat Nov 11 15:30:27 UTC 2017 - aavind...@gmail.com
+
+- clean with spec-cleaner
+
+---

Old:

  libxml2-2.9.5.tar.gz
  libxml2-2.9.5.tar.gz.asc
  libxml2-bug787941.patch

New:

  libxml2-2.9.7.tar.gz
  libxml2-2.9.7.tar.gz.asc



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.lFvY5n/_old  2017-11-14 14:45:27.133885172 +0100
+++ /var/tmp/diff_new_pack.lFvY5n/_new  2017-11-14 14:45:27.137885027 +0100
@@ -18,7 +18,7 @@
 
 %define lname libxml2-2
 Name:   libxml2
-Version:2.9.5
+Version:2.9.7
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
@@ -29,7 +29,6 @@
 Source2:baselibs.conf
 Source3:%{name}.keyring
 Patch0: fix-perl.diff
-Patch1: libxml2-bug787941.patch
 BuildRequires:  fdupes
 BuildRequires:  pkgconfig
 BuildRequires:  readline-devel
@@ -101,7 +100,6 @@
 %prep
 %setup -q
 %patch0
-%patch1 -p1
 
 %build
 %configure \

++ python-libxml2-python.spec ++
--- /var/tmp/diff_new_pack.lFvY5n/_old  2017-11-14 14:45:27.165884009 +0100
+++ /var/tmp/diff_new_pack.lFvY5n/_new  2017-11-14 14:45:27.169883864 +0100
@@ -19,7 +19,7 @@
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 %define oldpython python
 Name:   python-libxml2-python
-Version:2.9.5
+Version:2.9.7
 Release:0
 Summary:Python Bindings for libxml2
 License:MIT
@@ -34,7 +34,6 @@
 BuildRequires:  python-rpm-macros
 BuildRequires:  pkgconfig(libxml-2.0)
 Requires:   libxml2-2 = %{version}
-BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 %ifpython2
 Obsoletes:  libxml2-python < %{version}
 Provides:   libxml2-python = %{version}
@@ -84,7 +83,6 @@
 rm -f python/tests/Makefile*
 
 %files %{python_files}
-%defattr(-, root, root)
 %doc python/TODO
 %doc python/libxml2class.txt
 %doc python/tests

++ libxml2-2.9.5.tar.gz -> libxml2-2.9.7.tar.gz ++
 4917 lines of diff (skipped)

commit libxml2 for openSUSE:Factory

2017-11-03 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2017-11-03 16:31:32

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Fri Nov  3 16:31:32 2017 rev:89 rq:536925 version:2.9.5

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2-python.changes
2017-10-05 11:54:47.130364991 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2-python.changes   
2017-11-03 16:31:47.069067677 +0100
@@ -1,0 +2,6 @@
+Thu Oct 26 14:10:55 UTC 2017 - jmate...@suse.com
+
+- libxml2-python3-unicode-errors.patch: work around an issue with
+  libxml2 supplied error strings being undecodable UTF-8 (bsc#1065270)
+
+---

New:

  libxml2-python3-unicode-errors.patch



Other differences:
--
++ python-libxml2-python.spec ++
--- /var/tmp/diff_new_pack.Xongfg/_old  2017-11-03 16:31:47.825040162 +0100
+++ /var/tmp/diff_new_pack.Xongfg/_new  2017-11-03 16:31:47.825040162 +0100
@@ -27,6 +27,7 @@
 Url:http://xmlsoft.org
 Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz
 Patch0: python3.6-verify_fd.patch
+Patch1: libxml2-python3-unicode-errors.patch
 BuildRequires:  %{python_module devel}
 BuildRequires:  %{python_module xml}
 BuildRequires:  pkgconfig
@@ -55,6 +56,7 @@
 %prep
 %setup -q -n libxml2-%{version}
 %patch0 -p1
+%patch1 -p1
 
 %build
 export CFLAGS="%{optflags} -fno-strict-aliasing"


++ libxml2-python3-unicode-errors.patch ++
Index: libxml2-2.9.5/python/libxml.c
===
--- libxml2-2.9.5.orig/python/libxml.c
+++ libxml2-2.9.5/python/libxml.c
@@ -1620,6 +1620,7 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNU
 PyObject *message;
 PyObject *result;
 char str[1000];
+unsigned char *ptr = (unsigned char *)str;
 
 #ifdef DEBUG_ERROR
 printf("libxml_xmlErrorFuncHandler(%p, %s, ...) called\n", ctx, msg);
@@ -1636,12 +1637,20 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNU
str[999] = 0;
 va_end(ap);
 
+#if PY_MAJOR_VERSION >= 3
+/* Ensure the error string doesn't start at UTF8 continuation. */
+while (*ptr && (*ptr & 0xc0) == 0x80)
+ptr++;
+#endif
+
 list = PyTuple_New(2);
 PyTuple_SetItem(list, 0, libxml_xmlPythonErrorFuncCtxt);
 Py_XINCREF(libxml_xmlPythonErrorFuncCtxt);
-message = libxml_charPtrConstWrap(str);
+message = libxml_charPtrConstWrap(ptr);
 PyTuple_SetItem(list, 1, message);
 result = PyEval_CallObject(libxml_xmlPythonErrorFuncHandler, list);
+/* Forget any errors caused in the error handler. */
+PyErr_Clear();
 Py_XDECREF(list);
 Py_XDECREF(result);
 }

commit libxml2 for openSUSE:Factory

2017-10-05 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2017-10-05 11:54:42

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Thu Oct  5 11:54:42 2017 rev:88 rq:530521 version:2.9.5

Changes:

New Changes file:

--- /dev/null   2017-10-05 07:47:18.104773531 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2-python.changes   
2017-10-05 11:54:47.130364991 +0200
@@ -0,0 +1,1541 @@
+---
+Mon Oct  2 15:59:57 UTC 2017 - jmate...@suse.com
+
+- convert to singlespec, build a python 3 version
+- change build instructions to use setup.py (and %python_build macros)
+  instead of makefile-based approach
+- add python3.6-verify_fd.patch that fixes libxml2 on python 3.6
+- rename to python-libxml2-python to conform to package naming policy
+  (PyPI name is "libxml2-python")
+
+---
+Thu Sep 21 14:19:56 UTC 2017 - jeng...@inai.de
+
+- Update package summaries and RPM groups. Trim descriptions for
+  size on secondary subpackages. Replace install call by a
+  commonly-used macro.
+
+---
+Sun Sep 10 09:54:07 UTC 2017 - tchva...@suse.com
+
+- Version update to 2.9.5 release:
+  * Merged all the previous cve fixes that were patched in
+  * Few small tweaks
+- Remove merged patches:
+  * libxml2-CVE-2016-4658.patch
+  * libxml2-CVE-2017-0663.patch
+  * libxml2-CVE-2017-5969.patch
+  * libxml2-CVE-2017-9047.patch
+  * libxml2-CVE-2017-9048.patch
+  * libxml2-CVE-2017-9049.patch
+  * libxml2-2.9.4-fix_attribute_decoding.patch
+
+---
+Fri May 27 14:22:55 UTC 2016 - psim...@suse.com
+
+- Update python-libxml2 to version libxml2-2.9.4. The new version
+  is resistant against CVE-2016-3627, CVE-2016-1833, CVE-2016-1835,
+  CVE-2016-1837, CVE-2016-1836, CVE-2016-1839, CVE-2016-1838,
+  CVE-2016-1840, CVE-2016-4483, CVE-2016-1834, CVE-2016-3705, and
+  CVE-2016-1762.
+
+---
+Fri Oct 31 10:55:27 UTC 2014 - vci...@suse.com
+
+- Update to 2.9.2 version 
+
+---
+Sun Jul  7 06:00:42 UTC 2013 - co...@suse.com
+
+- buildignore python to avoid build cycle
+
+---
+Sat Dec 15 15:55:26 UTC 2012 - p.drou...@gmail.com
+
+- update to 2.9.0 version:
+  * please see the Changelog
+- Updated patchs to get working with new version:
+  * libxml2-2.9.0-CVE-2012-5134.patch ( libxml2-CVE-2012-5134.patch )
+  * fix-perl.diff 
+  
+---
+Tue Jun 12 18:10:07 UTC 2012 - ch...@computersalat.de
+
+- update to 2.8.0
+  * please see ChangeLog for more info
+
+---
+Sat Feb 25 08:47:58 UTC 2012 - co...@suse.com
+
+- fix version
+
+---
+Thu Feb 23 11:00:21 UTC 2012 - co...@suse.com
+
+- renamed to python-libxml2 to follow python naming expectations
+- do not require python but let rpm figure it out
+
+---
+Mon Dec 26 17:08:59 UTC 2011 - jeng...@medozas.de
+
+- Remove redundant tags/sections
+
+---
+Fri Jul  8 08:52:06 UTC 2011 - sasc...@suse.de
+
+- update to libxml-2.7.8+git20110708
+  - several important bugfixes
+
+---
+Mon Dec  6 09:05:53 UTC 2010 - co...@novell.com
+
+- buildrequire python-xml to fix build
+
+---
+Fri Dec  3 12:24:42 UTC 2010 - pu...@novell.com
+
+- update to libxml-2.7.8
+  - number of bufixes, documentation and portability fixes
+  - update language ID parser to RFC 5646
+  - sort python generated stubs
+  - add an HTML parser option to avoid a default doctype
+  - see http://xmlsoft.org/news.html for exact details
+- clean up specfile
+
+---
+Wed Apr  7 16:34:29 UTC 2010 - co...@novell.com
+
+- fix build
+
+---
+Tue Mar 23 23:46:00 CET 2010 - mrd...@opensuse.org
+
+- update to 2.7.7
+- add extra options to ./configure for scribus features and avoid a crash
+- updates from 2.7.3 > 2.7.7 include a number of portability, correctness
+  memory leaks and build fixes including some CVE
+- see http://xmlsoft.org/news.html for exact details
+

commit libxml2 for openSUSE:Factory

2017-09-29 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2017-09-29 11:48:40

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Fri Sep 29 11:48:40 2017 rev:87 rq:528090 version:2.9.5

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2017-06-20 
11:00:55.163117626 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2017-09-29 
11:48:43.163210936 +0200
@@ -1,0 +2,28 @@
+Thu Sep 21 14:19:56 UTC 2017 - jeng...@inai.de
+
+- Update package summaries and RPM groups. Trim descriptions for
+  size on secondary subpackages. Replace install call by a
+  commonly-used macro.
+
+---
+Thu Sep 21 14:05:29 UTC 2017 - tchva...@suse.com
+
+- Add patch to fix TW integration:
+  * libxml2-bug787941.patch
+
+---
+Sun Sep 10 09:54:07 UTC 2017 - tchva...@suse.com
+
+- Version update to 2.9.5 release:
+  * Merged all the previous cve fixes that were patched in
+  * Few small tweaks
+- Remove merged patches:
+  * libxml2-CVE-2016-4658.patch
+  * libxml2-CVE-2017-0663.patch
+  * libxml2-CVE-2017-5969.patch
+  * libxml2-CVE-2017-9047.patch
+  * libxml2-CVE-2017-9048.patch
+  * libxml2-CVE-2017-9049.patch
+  * libxml2-2.9.4-fix_attribute_decoding.patch
+
+---
--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2.changes   2016-06-12 
18:51:33.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2.changes  
2017-09-29 11:48:43.211204168 +0200
@@ -1,0 +2,22 @@
+Thu Sep 21 14:19:56 UTC 2017 - jeng...@inai.de
+
+- Update package summaries and RPM groups. Trim descriptions for
+  size on secondary subpackages. Replace install call by a
+  commonly-used macro.
+
+---
+Sun Sep 10 09:54:07 UTC 2017 - tchva...@suse.com
+
+- Version update to 2.9.5 release:
+  * Merged all the previous cve fixes that were patched in
+  * Few small tweaks
+- Remove merged patches:
+  * libxml2-CVE-2016-4658.patch
+  * libxml2-CVE-2017-0663.patch
+  * libxml2-CVE-2017-5969.patch
+  * libxml2-CVE-2017-9047.patch
+  * libxml2-CVE-2017-9048.patch
+  * libxml2-CVE-2017-9049.patch
+  * libxml2-2.9.4-fix_attribute_decoding.patch
+
+---

Old:

  libxml2-2.9.4-fix_attribute_decoding.patch
  libxml2-2.9.4.tar.gz
  libxml2-2.9.4.tar.gz.asc
  libxml2-CVE-2016-4658.patch
  libxml2-CVE-2017-0663.patch
  libxml2-CVE-2017-5969.patch
  libxml2-CVE-2017-9047.patch
  libxml2-CVE-2017-9048.patch
  libxml2-CVE-2017-9049.patch

New:

  libxml2-2.9.5.tar.gz
  libxml2-2.9.5.tar.gz.asc
  libxml2-bug787941.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.0WWeFS/_old  2017-09-29 11:48:44.075082344 +0200
+++ /var/tmp/diff_new_pack.0WWeFS/_new  2017-09-29 11:48:44.075082344 +0200
@@ -18,55 +18,29 @@
 
 %define lname libxml2-2
 Name:   libxml2
-Version:2.9.4
+Version:2.9.5
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
-Group:  System/Libraries
+Group:  Development/Libraries/C and C++
 Url:http://xmlsoft.org
 Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
 Source1:ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz.asc
 Source2:baselibs.conf
 Source3:%{name}.keyring
 Patch0: fix-perl.diff
-# PATCH-FIX-UPSTREAM bnc#983288 kstreit...@suse.com -- fix attribute decoding 
during XML schema validation
-Patch1: libxml2-2.9.4-fix_attribute_decoding.patch
-# PATCH-FIX-UPSTREAM bsc#1005544 pmonrealgonza...@suse.com -- Disallow 
namespace nodes in XPointer ranges
-Patch2: libxml2-CVE-2016-4658.patch
-# PATCH-FIX-UPSTREAM bsc#1039063 -- pmonrealgonza...@suse.com -- stack 
overflow vulnerability
-Patch3: libxml2-CVE-2017-9047.patch
-# PATCH-FIX-UPSTREAM bsc#1039064 -- pmonrealgonza...@suse.com -- stack 
overflow vulnerability
-Patch4: libxml2-CVE-2017-9048.patch
-# PATCH-FIX-UPSTREAM bsc#1039066 -- pmonrealgonza...@suse.com -- heap-based 
buffer overflow
-Patch5: libxml2-CVE-2017-9049.patch
-# PATCH-FIX-UPSTREAM bnc#1024989 pmonrealgonza...@suse.com -- CVE-2017-5969 
NULL pointer derefence parsing xml file
-Patch6: libxml2-CVE-2017-5969.patch
-# PATCH-FIX-UPSTREAM bnc#1044337 pmonrealgonza...@suse.com -- CVE-2017-0663: 
libxml2: Heap buffer overflow in xmlAddID
-Patch7: libxml2-CVE-2017-0663.patch
-
+Patch1:

commit libxml2 for openSUSE:Factory

2017-06-20 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2017-06-20 11:00:00

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Tue Jun 20 11:00:00 2017 rev:86 rq:504140 version:2.9.4

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2017-06-02 
10:29:23.385329513 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2017-06-20 
11:00:55.163117626 +0200
@@ -1,0 +2,14 @@
+Thu Jun 15 13:12:25 UTC 2017 - pmonrealgonza...@suse.com
+
+- Security fix:
+  * libxml2-CVE-2017-0663.patch [bsc#1044337, CVE-2017-0663]
+* Fix Heap buffer overflow in xmlAddID
+
+---
+Wed Jun 14 14:15:38 UTC 2017 - pmonrealgonza...@suse.com
+
+- Security fix:
+  * libxml2-CVE-2017-5969.patch [bsc#1024989, CVE-2017-5969]
+* Fix NULL pointer deref in xmlDumpElementContent
+
+---

New:

  libxml2-CVE-2017-0663.patch
  libxml2-CVE-2017-5969.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.2YQhpV/_old  2017-06-20 11:00:56.722897764 +0200
+++ /var/tmp/diff_new_pack.2YQhpV/_new  2017-06-20 11:00:56.722897764 +0200
@@ -39,6 +39,10 @@
 Patch4: libxml2-CVE-2017-9048.patch
 # PATCH-FIX-UPSTREAM bsc#1039066 -- pmonrealgonza...@suse.com -- heap-based 
buffer overflow
 Patch5: libxml2-CVE-2017-9049.patch
+# PATCH-FIX-UPSTREAM bnc#1024989 pmonrealgonza...@suse.com -- CVE-2017-5969 
NULL pointer derefence parsing xml file
+Patch6: libxml2-CVE-2017-5969.patch
+# PATCH-FIX-UPSTREAM bnc#1044337 pmonrealgonza...@suse.com -- CVE-2017-0663: 
libxml2: Heap buffer overflow in xmlAddID
+Patch7: libxml2-CVE-2017-0663.patch
 
 BuildRequires:  fdupes
 BuildRequires:  pkg-config
@@ -140,6 +144,8 @@
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
+%patch7 -p1
 
 %build
 %configure --disable-static \


++ libxml2-CVE-2017-0663.patch ++
>From 92b9e8c8b3787068565a1820ba575d042f9eec66 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer 
Date: Tue, 6 Jun 2017 12:56:28 +0200
Subject: Fix type confusion in xmlValidateOneNamespace

Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on
namespace declarations make no practical sense anyway.

Fixes bug 780228.

Found with libFuzzer and ASan.
---
 valid.c | 7 +++
 1 file changed, 7 insertions(+)

Index: libxml2-2.9.4/valid.c
===
--- libxml2-2.9.4.orig/valid.c
+++ libxml2-2.9.4/valid.c
@@ -4627,6 +4627,12 @@ xmlNodePtr elem, const xmlChar *prefix,
}
 }
 
+/*
+ * Casting ns to xmlAttrPtr is wrong. We'd need separate functions
+ * xmlAddID and xmlAddRef for namespace declarations, but it makes
+ * no practical sense to use ID types anyway.
+ */
+#if 0
 /* Validity Constraint: ID uniqueness */
 if (attrDecl->atype == XML_ATTRIBUTE_ID) {
 if (xmlAddID(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
@@ -4638,6 +4644,7 @@ xmlNodePtr elem, const xmlChar *prefix,
 if (xmlAddRef(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
ret = 0;
 }
+#endif
 
 /* Validity Constraint: Notation Attributes */
 if (attrDecl->atype == XML_ATTRIBUTE_NOTATION) {
++ libxml2-CVE-2017-5969.patch ++
>From 94691dc884d1a8ada39f073408b4bb92fe7fe882 Mon Sep 17 00:00:00 2001
From: Daniel Veillard 
Date: Wed, 7 Jun 2017 16:47:36 +0200
Subject: Fix NULL pointer deref in xmlDumpElementContent

Can only be triggered in recovery mode.

Fixes bug 758422 (CVE-2017-5969).
---
 valid.c | 24 ++--
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/valid.c b/valid.c
index 9b2df56..8075d3a 100644
--- a/valid.c
+++ b/valid.c
@@ -1172,29 +1172,33 @@ xmlDumpElementContent(xmlBufferPtr buf, 
xmlElementContentPtr content, int glob)
xmlBufferWriteCHAR(buf, content->name);
break;
case XML_ELEMENT_CONTENT_SEQ:
-   if ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
-   (content->c1->type == XML_ELEMENT_CONTENT_SEQ))
+   if ((content->c1 != NULL) &&
+   ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
+(content->c1->type == XML_ELEMENT_CONTENT_SEQ)))
xmlDumpElementContent(buf, content->c1, 1);
else
xmlDumpElementContent(buf, content->c1, 0);
 xmlBufferWriteChar(buf, " , ");
-   if ((content->c2->type == XML_ELEMENT_CONTENT_OR) ||
-   ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) &&
-

commit libxml2 for openSUSE:Factory

2017-06-02 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2017-06-02 10:29:22

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Fri Jun  2 10:29:22 2017 rev:85 rq:497430 version:2.9.4

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2017-03-10 
21:44:25.306481823 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2017-06-02 
10:29:23.385329513 +0200
@@ -1,0 +2,11 @@
+Mon May 22 15:42:43 UTC 2017 - pmonrealgonza...@suse.com
+
+- Security fixes:
+  * libxml2-CVE-2017-9049.patch [bsc#1039066]
+* heap-based buffer overflow (xmlDictComputeFastKey func)
+  * libxml2-CVE-2017-9048.patch [bsc#1039063]
+* stack overflow vulnerability (xmlSnprintfElementContent func)
+  * libxml2-CVE-2017-9047.patch [bsc#1039064]
+* stack overflow vulnerability (xmlSnprintfElementContent func)
+
+---

New:

  libxml2-CVE-2017-9047.patch
  libxml2-CVE-2017-9048.patch
  libxml2-CVE-2017-9049.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.29r4Ny/_old  2017-06-02 10:29:24.101228357 +0200
+++ /var/tmp/diff_new_pack.29r4Ny/_new  2017-06-02 10:29:24.105227792 +0200
@@ -33,6 +33,13 @@
 Patch1: libxml2-2.9.4-fix_attribute_decoding.patch
 # PATCH-FIX-UPSTREAM bsc#1005544 pmonrealgonza...@suse.com -- Disallow 
namespace nodes in XPointer ranges
 Patch2: libxml2-CVE-2016-4658.patch
+# PATCH-FIX-UPSTREAM bsc#1039063 -- pmonrealgonza...@suse.com -- stack 
overflow vulnerability
+Patch3: libxml2-CVE-2017-9047.patch
+# PATCH-FIX-UPSTREAM bsc#1039064 -- pmonrealgonza...@suse.com -- stack 
overflow vulnerability
+Patch4: libxml2-CVE-2017-9048.patch
+# PATCH-FIX-UPSTREAM bsc#1039066 -- pmonrealgonza...@suse.com -- heap-based 
buffer overflow
+Patch5: libxml2-CVE-2017-9049.patch
+
 BuildRequires:  fdupes
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -130,6 +137,9 @@
 %patch0
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
 
 %build
 %configure --disable-static \


++ libxml2-CVE-2017-9047.patch ++
Index: libxml2-2.9.4/valid.c
===
--- libxml2-2.9.4.orig/valid.c
+++ libxml2-2.9.4/valid.c
@@ -1270,6 +1270,7 @@ xmlSnprintfElementContent(char *buf, int
}
strcat(buf, (char *) content->prefix);
strcat(buf, ":");
+   len += xmlStrlen(content->prefix);
}
if (size - len < xmlStrlen(content->name) + 10) {
strcat(buf, " ...");
++ libxml2-CVE-2017-9048.patch ++
Index: libxml2-2.9.4/valid.c
===
--- libxml2-2.9.4.orig/valid.c
+++ libxml2-2.9.4/valid.c
@@ -1320,6 +1320,7 @@ xmlSnprintfElementContent(char *buf, int
xmlSnprintfElementContent(buf, size, content->c2, 0);
break;
 }
+if (size - strlen(buf) <= 2) return;
 if (englob)
 strcat(buf, ")");
 switch (content->ocur) {
++ libxml2-CVE-2017-9049.patch ++
--- a/parser.c  
+++ a/parser.c  
@@ -3312,6 +3312,7 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) {
 int len = 0, l;
 int c;
 int count = 0;
+size_t startPosition = 0;
 
 #ifdef DEBUG
 nbParseNameComplex++;
@@ -3323,6 +3324,7 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) {
 GROW;
 if (ctxt->instate == XML_PARSER_EOF)
 return(NULL);
+startPosition = CUR_PTR - BASE_PTR;
 c = CUR_CHAR(l);
 if ((ctxt->options & XML_PARSE_OLD10) == 0) {
 /*
@@ -3420,9 +3422,11 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) {
 xmlFatalErr(ctxt, XML_ERR_NAME_TOO_LONG, "Name");
 return(NULL);
 }
-if ((*ctxt->input->cur == '\n') && (ctxt->input->cur[-1] == '\r'))
-return(xmlDictLookup(ctxt->dict, ctxt->input->cur - (len + 1), len));
-return(xmlDictLookup(ctxt->dict, ctxt->input->cur - len, len));
+
+if (BASE_PTR + startPosition + len > ctxt->input->end)
+  return(NULL);
+
+return(xmlDictLookup(ctxt->dict, BASE_PTR + startPosition, len));
 }
 
 /**

commit libxml2 for openSUSE:Factory

2017-03-10 Thread root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2017-03-10 21:44:24

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Fri Mar 10 21:44:24 2017 rev:84 rq:477481 version:2.9.4

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2016-06-12 
18:51:33.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2017-03-10 
21:44:25.306481823 +0100
@@ -1,0 +2,9 @@
+Tue Mar  7 11:42:23 UTC 2017 - pmonrealgonza...@suse.com
+
+- Added libxml2-CVE-2016-4658.patch: Disallow namespace nodes in 
+  XPointer ranges. Namespace nodes must be copied to avoid 
+  use-after-free errors. But they don't necessarily have a physical
+  representation in a document, so simply disallow them in XPointer
+  ranges [bsc#1005544] [CVE-2016-4658] 
+
+---

New:

  libxml2-CVE-2016-4658.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.fbCywQ/_old  2017-03-10 21:44:26.126365534 +0100
+++ /var/tmp/diff_new_pack.fbCywQ/_new  2017-03-10 21:44:26.126365534 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libxml2
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -31,6 +31,8 @@
 Patch0: fix-perl.diff
 # PATCH-FIX-UPSTREAM bnc#983288 kstreit...@suse.com -- fix attribute decoding 
during XML schema validation
 Patch1: libxml2-2.9.4-fix_attribute_decoding.patch
+# PATCH-FIX-UPSTREAM bsc#1005544 pmonrealgonza...@suse.com -- Disallow 
namespace nodes in XPointer ranges
+Patch2: libxml2-CVE-2016-4658.patch
 BuildRequires:  fdupes
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -127,6 +129,7 @@
 %setup -q
 %patch0
 %patch1 -p1
+%patch2 -p1
 
 %build
 %configure --disable-static \

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.fbCywQ/_old  2017-03-10 21:44:26.162360429 +0100
+++ /var/tmp/diff_new_pack.fbCywQ/_new  2017-03-10 21:44:26.166359861 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package python-libxml2
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed


++ libxml2-CVE-2016-4658.patch ++
>From c1d1f7121194036608bf555f08d3062a36fd344b Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer 
Date: Tue, 28 Jun 2016 18:34:52 +0200
Subject: Disallow namespace nodes in XPointer ranges

Namespace nodes must be copied to avoid use-after-free errors.
But they don't necessarily have a physical representation in a
document, so simply disallow them in XPointer ranges.

Found with afl-fuzz.

Fixes CVE-2016-4658.
---
 xpointer.c | 149 +++--
 1 file changed, 56 insertions(+), 93 deletions(-)

diff --git a/xpointer.c b/xpointer.c
index a7b03fb..694d120 100644
--- a/xpointer.c
+++ b/xpointer.c
@@ -320,6 +320,45 @@ xmlXPtrRangesEqual(xmlXPathObjectPtr range1, 
xmlXPathObjectPtr range2) {
 }
 
 /**
+ * xmlXPtrNewRangeInternal:
+ * @start:  the starting node
+ * @startindex:  the start index
+ * @end:  the ending point
+ * @endindex:  the ending index
+ *
+ * Internal function to create a new xmlXPathObjectPtr of type range
+ *
+ * Returns the newly created object.
+ */
+static xmlXPathObjectPtr
+xmlXPtrNewRangeInternal(xmlNodePtr start, int startindex,
+xmlNodePtr end, int endindex) {
+xmlXPathObjectPtr ret;
+
+/*
+ * Namespace nodes must be copied (see xmlXPathNodeSetDupNs).
+ * Disallow them for now.
+ */
+if ((start != NULL) && (start->type == XML_NAMESPACE_DECL))
+   return(NULL);
+if ((end != NULL) && (end->type == XML_NAMESPACE_DECL))
+   return(NULL);
+
+ret = (xmlXPathObjectPtr) xmlMalloc(sizeof(xmlXPathObject));
+if (ret == NULL) {
+xmlXPtrErrMemory("allocating range");
+   return(NULL);
+}
+memset(ret, 0, sizeof(xmlXPathObject));
+ret->type = XPATH_RANGE;
+ret->user = start;
+ret->index = startindex;
+ret->user2 = end;
+ret->index2 = endindex;
+return(ret);
+}
+
+/**
  * xmlXPtrNewRange:
  * @start:  the starting node
  * @startindex:  the start index
@@ -344,17 +383,7 @@ xmlXPtrNewRange(xmlNodePtr start, int startindex,
 if (endindex < 0)
return(NULL);
 
-

commit libxml2 for openSUSE:Factory

2016-06-12 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2016-06-12 18:51:32

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2016-05-25 
21:21:24.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2016-06-12 
18:51:33.0 +0200
@@ -1,0 +2,19 @@
+Wed Jun  8 12:20:43 UTC 2016 - kstreit...@suse.com
+
+- add libxml2-2.9.4-fix_attribute_decoding.patch to fix attribute
+  decoding during XML schema validation [bnc#983288]
+
+---
+Fri May 27 14:22:55 UTC 2016 - psim...@suse.com
+
+- Update libxml2 to version libxml2-2.9.4. The new version is
+  resistant against CVE-2016-3627, CVE-2016-1833, CVE-2016-1835,
+  CVE-2016-1837, CVE-2016-1836, CVE-2016-1839, CVE-2016-1838,
+  CVE-2016-1840, CVE-2016-4483, CVE-2016-1834, CVE-2016-3705, and
+  CVE-2016-1762.
+
+- Remove obsolete patches libxml2-2.9.1-CVE-2016-3627.patch,
+  0001-Add-missing-increments-of-recursion-depth-counter-to.patch,
+  and libxml2-2.9.3-bogus_UTF-8_encoding_error.patch.
+
+---
--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2.changes   2014-11-06 
16:49:40.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2.changes  
2016-06-12 18:51:33.0 +0200
@@ -1,0 +2,9 @@
+Fri May 27 14:22:55 UTC 2016 - psim...@suse.com
+
+- Update python-libxml2 to version libxml2-2.9.4. The new version
+  is resistant against CVE-2016-3627, CVE-2016-1833, CVE-2016-1835,
+  CVE-2016-1837, CVE-2016-1836, CVE-2016-1839, CVE-2016-1838,
+  CVE-2016-1840, CVE-2016-4483, CVE-2016-1834, CVE-2016-3705, and
+  CVE-2016-1762.
+
+---

Old:

  0001-Add-missing-increments-of-recursion-depth-counter-to.patch
  libxml2-2.9.1-CVE-2016-3627.patch
  libxml2-2.9.3-bogus_UTF-8_encoding_error.patch
  libxml2-2.9.3.tar.gz
  libxml2-2.9.3.tar.gz.asc

New:

  libxml2-2.9.4-fix_attribute_decoding.patch
  libxml2-2.9.4.tar.gz
  libxml2-2.9.4.tar.gz.asc



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.cVKM0d/_old  2016-06-12 18:51:34.0 +0200
+++ /var/tmp/diff_new_pack.cVKM0d/_new  2016-06-12 18:51:34.0 +0200
@@ -18,7 +18,7 @@
 
 %define lname libxml2-2
 Name:   libxml2
-Version:2.9.3
+Version:2.9.4
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
@@ -29,12 +29,8 @@
 Source2:baselibs.conf
 Source3:%{name}.keyring
 Patch0: fix-perl.diff
-# PATCH-FIX-SUSE bnc#972335 psim...@suse.com -- CVE-2016-3627 - stack 
exhaustion while parsing xml files in recovery mode
-Patch1: libxml2-2.9.1-CVE-2016-3627.patch
-# PATCH-FIX-SUSE bnc#975947 psim...@suse.com -- crash in xml validator
-Patch2: 0001-Add-missing-increments-of-recursion-depth-counter-to.patch
-# PATCH-FIX-UPSTREAM bnc#962796 kstreit...@suse.com -- parser fails with bogus 
UTF-8 encoding error
-Patch3: libxml2-2.9.3-bogus_UTF-8_encoding_error.patch
+# PATCH-FIX-UPSTREAM bnc#983288 kstreit...@suse.com -- fix attribute decoding 
during XML schema validation
+Patch1: libxml2-2.9.4-fix_attribute_decoding.patch
 BuildRequires:  fdupes
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -131,8 +127,6 @@
 %setup -q
 %patch0
 %patch1 -p1
-%patch2 -p1
-%patch3 -p1
 
 %build
 %configure --disable-static \

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.cVKM0d/_old  2016-06-12 18:51:34.0 +0200
+++ /var/tmp/diff_new_pack.cVKM0d/_new  2016-06-12 18:51:34.0 +0200
@@ -17,7 +17,7 @@
 
 
 Name:   python-libxml2
-Version:2.9.3
+Version:2.9.4
 Release:0
 Summary:Python Bindings for libxml2
 License:MIT

++ libxml2-2.9.4-fix_attribute_decoding.patch ++
>From 256366ed60f8795279b25f7b7b55e8089b4c6ff4 Mon Sep 17 00:00:00 2001
From: Alex Henrie 
Date: Thu, 26 May 2016 17:38:35 -0600
Subject: [PATCH] Fix attribute decoding during XML schema validation

For https://bugzilla.gnome.org/show_bug.cgi?id=766834

vctxt->parserCtxt is always NULL in xmlSchemaSAXHandleStartElementNs,
so this function can't call xmlStringLenDecodeEntities to decode the
entities.
---
 xmlschemas.c | 30 +-
 1 file changed, 25 insertions(+), 5 deletions(-)

diff --git a/xmlschemas.c b/xmlschemas.c
index e1b3a4f..59535e5 100644
--- a/xmlschemas.c
+++ b/xmlschemas.c
@@ -27391,6 +27391,7 @@

commit libxml2 for openSUSE:Factory

2016-05-25 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2016-05-25 21:21:23

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2016-05-08 
10:38:37.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2016-05-25 
21:21:24.0 +0200
@@ -1,0 +2,8 @@
+Fri May 20 14:59:32 UTC 2016 - kstreit...@suse.com
+
+- add libxml2-2.9.3-bogus_UTF-8_encoding_error.patch to fix XML
+  push parser that fails with bogus UTF-8 encoding error when
+  multi-byte character in large CDATA section is split across
+  buffer [bnc#962796]
+
+---

New:

  libxml2-2.9.3-bogus_UTF-8_encoding_error.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.KWq30B/_old  2016-05-25 21:21:25.0 +0200
+++ /var/tmp/diff_new_pack.KWq30B/_new  2016-05-25 21:21:25.0 +0200
@@ -33,6 +33,8 @@
 Patch1: libxml2-2.9.1-CVE-2016-3627.patch
 # PATCH-FIX-SUSE bnc#975947 psim...@suse.com -- crash in xml validator
 Patch2: 0001-Add-missing-increments-of-recursion-depth-counter-to.patch
+# PATCH-FIX-UPSTREAM bnc#962796 kstreit...@suse.com -- parser fails with bogus 
UTF-8 encoding error
+Patch3: libxml2-2.9.3-bogus_UTF-8_encoding_error.patch
 BuildRequires:  fdupes
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -130,6 +132,7 @@
 %patch0
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 %build
 %configure --disable-static \

++ libxml2-2.9.3-bogus_UTF-8_encoding_error.patch ++
 604 lines (skipped)

commit libxml2 for openSUSE:Factory

2016-05-08 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2016-05-08 10:38:36

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2016-03-26 
15:20:25.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2016-05-08 
10:38:37.0 +0200
@@ -1,0 +2,10 @@
+Tue May  3 11:40:42 UTC 2016 - sfl...@suse.de
+
+- Add libxml2-2.9.1-CVE-2016-3627.patch to fix stack exhaustion
+  while parsing certain XML files in recovery mode (CVE-2016-3627,
+  bnc#972335).
+
+- Add 0001-Add-missing-increments-of-recursion-depth-counter-to.patch
+  to improve protection against Billion Laughs Attack (bnc#975947).
+
+---

New:

  0001-Add-missing-increments-of-recursion-depth-counter-to.patch
  libxml2-2.9.1-CVE-2016-3627.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.3PvXb1/_old  2016-05-08 10:38:38.0 +0200
+++ /var/tmp/diff_new_pack.3PvXb1/_new  2016-05-08 10:38:38.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package libxml2
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,6 +29,10 @@
 Source2:baselibs.conf
 Source3:%{name}.keyring
 Patch0: fix-perl.diff
+# PATCH-FIX-SUSE bnc#972335 psim...@suse.com -- CVE-2016-3627 - stack 
exhaustion while parsing xml files in recovery mode
+Patch1: libxml2-2.9.1-CVE-2016-3627.patch
+# PATCH-FIX-SUSE bnc#975947 psim...@suse.com -- crash in xml validator
+Patch2: 0001-Add-missing-increments-of-recursion-depth-counter-to.patch
 BuildRequires:  fdupes
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -124,6 +128,8 @@
 %prep
 %setup -q
 %patch0
+%patch1 -p1
+%patch2 -p1
 
 %build
 %configure --disable-static \

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.3PvXb1/_old  2016-05-08 10:38:38.0 +0200
+++ /var/tmp/diff_new_pack.3PvXb1/_new  2016-05-08 10:38:38.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package python-libxml2
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed

++ 0001-Add-missing-increments-of-recursion-depth-counter-to.patch ++
>From 6f0af3f6b9b1c5f82a2bb5ded65923437fee5d21 Mon Sep 17 00:00:00 2001
From: Peter Simons 
Date: Fri, 15 Apr 2016 11:56:55 +0200
Subject: [PATCH 2/2] Add missing increments of recursion depth counter to XML
 parser.

The functions xmlParserEntityCheck() and xmlParseAttValueComplex() used to call
xmlStringDecodeEntities() in a recursive context without incrementing the
'depth' counter in the parser context. Because of that omission, the parser
failed to detect attribute recursions in certain documents before running out
of stack space.
---
 parser.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/parser.c b/parser.c
index 9604a72..4da151f 100644
--- a/parser.c
+++ b/parser.c
@@ -144,8 +144,10 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
 
ent->checked = 1;
 
+++ctxt->depth;
rep = xmlStringDecodeEntities(ctxt, ent->content,
  XML_SUBSTITUTE_REF, 0, 0, 0);
+--ctxt->depth;
 
ent->checked = (ctxt->nbentities - oldnbent + 1) * 2;
if (rep != NULL) {
@@ -3966,8 +3968,10 @@ xmlParseEntityValue(xmlParserCtxtPtr ctxt, xmlChar 
**orig) {
 * an entity declaration, it is bypassed and left as is.
 * so XML_SUBSTITUTE_REF is not set here.
 */
+++ctxt->depth;
ret = xmlStringDecodeEntities(ctxt, buf, XML_SUBSTITUTE_PEREF,
  0, 0, 0);
+--ctxt->depth;
if (orig != NULL)
*orig = buf;
else
@@ -4092,9 +4096,11 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int 
*attlen, int normalize) {
} else if ((ent != NULL) &&
   (ctxt->replaceEntities != 0)) {
if (ent->etype != XML_INTERNAL_PREDEFINED_ENTITY) {
+   ++ctxt->depth;
rep = xmlStringDecodeEntities(ctxt, ent->content,

commit libxml2 for openSUSE:Factory

2016-03-26 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2016-03-26 15:20:24

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is "libxml2"

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2014-11-06 
16:49:40.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2016-03-26 
15:20:25.0 +0100
@@ -1,0 +2,13 @@
+Tue Nov 24 16:12:35 UTC 2015 - r...@fthiessen.de
+
+- Update to new upstream release 2.9.3 (bsc#954429):
+  * Fixes for CVE-2015-8035, CVE-2015-7942, CVE-2015-7941,
+CVE-2015-1819, CVE-2015-7497, CVE-2015-7498, CVE-2015-5312,
+CVE-2015-7499, CVE-2015-7500 and CVE-2015-8242
+  * And other bugfixes
+- Removed upstream fixed patches:
+  * libxml2-dont_initialize_catalog.patch
+  * 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch
+  * 0002-Adding-example-from-bugs-738805-to-regression-tests.patch
+
+---

Old:

  0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch
  0002-Adding-example-from-bugs-738805-to-regression-tests.patch
  libxml2-2.9.2.tar.gz
  libxml2-2.9.2.tar.gz.asc
  libxml2-dont_initialize_catalog.patch

New:

  libxml2-2.9.3.tar.gz
  libxml2-2.9.3.tar.gz.asc



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.fMPyRm/_old  2016-03-26 15:20:26.0 +0100
+++ /var/tmp/diff_new_pack.fMPyRm/_new  2016-03-26 15:20:26.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libxml2
 #
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,28 +17,24 @@
 
 
 %define lname libxml2-2
-
 Name:   libxml2
-Version:2.9.2
+Version:2.9.3
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
 Group:  System/Libraries
 Url:http://xmlsoft.org
-# Source ftp://xmlsoft.org/libxml2/libxml2-git-snapshot.tar.gz changes every 
day
 Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
 Source1:ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz.asc
 Source2:baselibs.conf
 Source3:%{name}.keyring
 Patch0: fix-perl.diff
-Patch1: libxml2-dont_initialize_catalog.patch
-Patch2: 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch
-Patch3: 0002-Adding-example-from-bugs-738805-to-regression-tests.patch
-BuildRoot:  %{_tmppath}/%{name}-%{version}-build
+BuildRequires:  fdupes
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
 BuildRequires:  xz-devel
 BuildRequires:  zlib-devel
+BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 
 %description
 The XML C library was initially developed for the GNOME project. It is
@@ -56,11 +52,11 @@
 The library also supports RelaxNG. Support for W3C XML Schemas is in
 progress.
 
-%package -n %lname
+%package -n %{lname}
 Summary:A Library to Manipulate XML Files
 Group:  System/Libraries
 
-%description -n %lname
+%description -n %{lname}
 The XML C library was initially developed for the GNOME project. It is
 now used by many programs to load and save extensible data structures
 or manipulate any kind of XML files.
@@ -128,14 +124,11 @@
 %prep
 %setup -q
 %patch0
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
 
 %build
 %configure --disable-static \
---docdir=%_docdir/%name \
---with-html-dir=%_docdir/%name/html \
+--docdir=%{_docdir}/%{name} \
+--with-html-dir=%{_docdir}/%{name}/html \
 --with-fexceptions \
 --with-history \
 --without-python \
@@ -146,25 +139,26 @@
 --with-reader \
 --with-http
 
-make %{?_smp_mflags} BASE_DIR="%_docdir" DOC_MODULE="%name"
+make %{?_smp_mflags} BASE_DIR="%{_docdir}" DOC_MODULE="%{name}"
 
 %install
-make install DESTDIR="%buildroot" BASE_DIR="%_docdir" DOC_MODULE="%name"
-mkdir -p "%buildroot/%_docdir/%name"
+make install DESTDIR=%{buildroot} BASE_DIR="%{_docdir}" DOC_MODULE="%{name}"
+mkdir -p "%{buildroot}/%{_docdir}/%{name}"
 cp -a AUTHORS NEWS README COPYING* Copyright TODO* 
%{buildroot}%{_docdir}/%{name}/
 ln -s libxml2/libxml %{buildroot}%{_includedir}/libxml
+%fdupes %{buildroot}%{_datadir}
 
 %check
 # qemu-arm can't keep up atm, disabling check for arm
 %ifnarch %arm
-make check
+make %{?_smp_mflags} check
 %endif
 
-%post -n %lname -p /sbin/ldconfig
+%post -n %{lname} -p /sbin/ldconfig
 
-%postun -n %lname -p /sbin/ldconfig
+%postun -n %{lname} -p /sbin/ldconfig
 
-%files -n

commit libxml2 for openSUSE:Factory

2014-11-06 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2014-11-06 16:49:37

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2014-10-19 
19:27:55.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2014-11-06 
16:49:40.0 +0100
@@ -1,0 +2,47 @@
+Mon Nov  3 17:13:24 UTC 2014 - vci...@suse.com
+
+- fix a missing entities after CVE-2014-3660 fix
+  (https://bugzilla.gnome.org/show_bug.cgi?id=738805)
+  * added patches:
+0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch
+0002-Adding-example-from-bugs-738805-to-regression-tests.patch
+
+---
+Mon Nov  3 10:01:23 UTC 2014 - vci...@suse.com
+
+- fix a regression in libxml2 2.9.2
+  * https://bugzilla.redhat.com/show_bug.cgi?id=1153753
+- add libxml2-dont_initialize_catalog.patch
+
+---
+Fri Oct 31 10:55:27 UTC 2014 - vci...@suse.com
+
+- update to 2.9.2
+  * drop libxml2-CVE-2014-3660.patch (upstream)
+  * add keyring to verify tarball
+  Security:
+  Fix for CVE-2014-3660 billion laugh variant
+  CVE-2014-0191 Do not fetch external parameter entities
+  Improvements:
+  win32/libxml2.def.src after rebuild in doc
+  elfgcchack.h: more legacy needs xmlSAX2StartElement() and xmlSAX2EndElement()
+  elfgcchack.h: add xmlXPathNodeEval and xmlXPathSetContextNode
+  Provide cmake module
+  Fix a couple of issues raised by make dist
+  Fix and add const qualifiers
+  Preparing for upcoming release of 2.9.2
+  Fix zlib and lzma libraries check via command line
+  wrong error column in structured error when parsing end tag
+  doc/news.html: small update to avoid line join while generating NEWS.
+  Add methods for python3 iterator
+  Support element node traversal in document fragments
+  xmlNodeSetName: Allow setting the name to a substring of the currently set 
name
+  Added macros for argument casts
+  adding init calls to xml and html Read parsing entry points
+  Get rid of 'REPLACEMENT CHARACTER' Unicode chars in xmlschemas.c
+  Implement choice for name classes on attributes
+  Two small namespace tweaks
+  xmllint --memory should fail on empty files
+  Cast encoding name to char pointer to match arg type
+
+---
--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2.changes   2013-07-08 
07:14:41.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2.changes  
2014-11-06 16:49:40.0 +0100
@@ -1,0 +2,5 @@
+Fri Oct 31 10:55:27 UTC 2014 - vci...@suse.com
+
+- Update to 2.9.2 version 
+
+---

Old:

  libxml2-2.9.1.tar.gz
  libxml2-CVE-2014-3660.patch

New:

  0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch
  0002-Adding-example-from-bugs-738805-to-regression-tests.patch
  libxml2-2.9.2.tar.gz
  libxml2-2.9.2.tar.gz.asc
  libxml2-dont_initialize_catalog.patch
  libxml2.keyring



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.fHeuZt/_old  2014-11-06 16:49:41.0 +0100
+++ /var/tmp/diff_new_pack.fHeuZt/_new  2014-11-06 16:49:41.0 +0100
@@ -19,7 +19,7 @@
 %define lname libxml2-2
 
 Name:   libxml2
-Version:2.9.1
+Version:2.9.2
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
@@ -27,9 +27,13 @@
 Url:http://xmlsoft.org
 # Source ftp://xmlsoft.org/libxml2/libxml2-git-snapshot.tar.gz changes every 
day
 Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
+Source1:ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz.asc
 Source2:baselibs.conf
+Source3:%{name}.keyring
 Patch0: fix-perl.diff
-Patch1: libxml2-CVE-2014-3660.patch
+Patch1: libxml2-dont_initialize_catalog.patch
+Patch2: 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch
+Patch3: 0002-Adding-example-from-bugs-738805-to-regression-tests.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -125,6 +129,8 @@
 %setup -q
 %patch0
 %patch1 -p1
+%patch2 -p1
+%patch3 -p1
 
 %build
 %configure --disable-static \
@@ -183,6 +189,7 @@
 %{_libdir}/libxml2.la
 %{_libdir}/*.sh
 %{_libdir}/pkgconfig/*.pc
+%{_libdir}/cmake
 %doc %{_mandir}/man1/xml2-config.1*
 %doc %{_mandir}/man3/libxml.3*
 

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.fHeuZt/_old  2014-11-06 16:49:41.0

commit libxml2 for openSUSE:Factory

2014-10-19 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2014-10-19 19:27:51

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2014-08-25 
11:03:13.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2014-10-19 
19:27:55.0 +0200
@@ -1,0 +2,8 @@
+Fri Oct 17 13:58:17 UTC 2014 - vci...@suse.com
+
+- fix for CVE-2014-3660 (bnc#901546)
+  * denial of service via recursive entity expansion
+(related to billion laughs)
+  * added libxml2-CVE-2014-3660.patch
+
+---

New:

  libxml2-CVE-2014-3660.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.OCM0A4/_old  2014-10-19 19:27:55.0 +0200
+++ /var/tmp/diff_new_pack.OCM0A4/_new  2014-10-19 19:27:55.0 +0200
@@ -29,6 +29,7 @@
 Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
 Source2:baselibs.conf
 Patch0: fix-perl.diff
+Patch1: libxml2-CVE-2014-3660.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -123,6 +124,7 @@
 %prep
 %setup -q
 %patch0
+%patch1 -p1
 
 %build
 %configure --disable-static \

++ libxml2-CVE-2014-3660.patch ++
From be2a7edaf289c5da74a4f9ed3a0b6c733e775230 Mon Sep 17 00:00:00 2001
From: Daniel Veillard veill...@redhat.com
Date: Thu, 16 Oct 2014 13:59:47 +0800
Subject: Fix for CVE-2014-3660

Issues related to the billion laugh entity expansion which happened to
escape the initial set of fixes

diff --git a/parser.c b/parser.c
index f51e8d2..1d93967 100644
--- a/parser.c
+++ b/parser.c
@@ -130,6 +130,29 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
 return (0);
 if (ctxt-lastError.code == XML_ERR_ENTITY_LOOP)
 return (1);
+
+/*
+ * This may look absurd but is needed to detect
+ * entities problems
+ */
+if ((ent != NULL)  (ent-etype != XML_INTERNAL_PREDEFINED_ENTITY) 
+   (ent-content != NULL)  (ent-checked == 0)) {
+   unsigned long oldnbent = ctxt-nbentities;
+   xmlChar *rep;
+
+   ent-checked = 1;
+
+   rep = xmlStringDecodeEntities(ctxt, ent-content,
+ XML_SUBSTITUTE_REF, 0, 0, 0);
+
+   ent-checked = (ctxt-nbentities - oldnbent + 1) * 2;
+   if (rep != NULL) {
+   if (xmlStrchr(rep, ''))
+   ent-checked |= 1;
+   xmlFree(rep);
+   rep = NULL;
+   }
+}
 if (replacement != 0) {
if (replacement  XML_MAX_TEXT_LENGTH)
return(0);
@@ -189,9 +212,12 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
 return (0);
 } else {
 /*
- * strange we got no data for checking just return
+ * strange we got no data for checking
  */
-return (0);
+   if (((ctxt-lastError.code != XML_ERR_UNDECLARED_ENTITY) 
+(ctxt-lastError.code != XML_WAR_UNDECLARED_ENTITY)) ||
+   (ctxt-nbentities = 1))
+   return (0);
 }
 xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL);
 return (1);
@@ -2589,6 +2615,7 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
  name, NULL);
ctxt-valid = 0;
}
+   xmlParserEntityCheck(ctxt, 0, NULL, 0);
} else if (ctxt-input-free != deallocblankswrapper) {
input = xmlNewBlanksWrapperInputStream(ctxt, entity);
if (xmlPushInput(ctxt, input)  0)
@@ -2759,6 +2786,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const 
xmlChar *str, int len,
if ((ctxt-lastError.code == XML_ERR_ENTITY_LOOP) ||
(ctxt-lastError.code == XML_ERR_INTERNAL_ERROR))
goto int_error;
+   xmlParserEntityCheck(ctxt, 0, ent, 0);
if (ent != NULL)
ctxt-nbentities += ent-checked / 2;
if ((ent != NULL) 
@@ -2810,6 +2838,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const 
xmlChar *str, int len,
ent = xmlParseStringPEReference(ctxt, str);
if (ctxt-lastError.code == XML_ERR_ENTITY_LOOP)
goto int_error;
+   xmlParserEntityCheck(ctxt, 0, ent, 0);
if (ent != NULL)
ctxt-nbentities += ent-checked / 2;
if (ent != NULL) {
@@ -7312,6 +7341,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
   (ret != XML_WAR_UNDECLARED_ENTITY)) {
xmlFatalErrMsgStr(ctxt,

commit libxml2 for openSUSE:Factory

2014-08-25 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2014-08-25 11:02:51

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2014-06-18 
22:04:36.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2014-08-25 
11:03:13.0 +0200
@@ -1,0 +2,5 @@
+Mon Aug 18 15:42:34 UTC 2014 - fcro...@suse.com
+
+- Add obsoletes/provides to baselibs.conf.
+
+---



Other differences:
--
python-libxml2.spec: same change
++ baselibs.conf ++
--- /var/tmp/diff_new_pack.giO7ml/_old  2014-08-25 11:03:14.0 +0200
+++ /var/tmp/diff_new_pack.giO7ml/_new  2014-08-25 11:03:14.0 +0200
@@ -1,4 +1,6 @@
 libxml2-2
+obsoletes libxml2-targettype  version
+provides libxml2-targettype = version
 libxml2-devel
 requires -libxml2-targettype
 requires libxml2-2-targettype = version

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2014-06-18 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2014-06-18 22:04:33

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2014-05-26 
10:28:13.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2014-06-18 
22:04:36.0 +0200
@@ -1,0 +2,6 @@
+Thu Jun  5 08:30:58 UTC 2014 - vci...@suse.com
+
+- temporarily reverting libxml2-CVE-2014-0191.patch until there is a fix
+  that doesn't break other applications
+
+---

Old:

  libxml2-CVE-2014-0191.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.af0Z2y/_old  2014-06-18 22:04:36.0 +0200
+++ /var/tmp/diff_new_pack.af0Z2y/_new  2014-06-18 22:04:36.0 +0200
@@ -29,7 +29,6 @@
 Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
 Source2:baselibs.conf
 Patch0: fix-perl.diff
-Patch1: libxml2-CVE-2014-0191.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -124,7 +123,6 @@
 %prep
 %setup -q
 %patch0
-%patch1 -p1
 
 %build
 %configure --disable-static \

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2014-05-26 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2014-05-26 10:28:11

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2013-08-04 
16:55:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2014-05-26 
10:28:13.0 +0200
@@ -1,0 +2,8 @@
+Fri May 23 15:01:54 UTC 2014 - vci...@suse.com
+
+- fix for CVE-2014-0191 (bnc#876652)
+  * libxml2: external parameter entity loaded when entity
+substitution is disabled
+  * added libxml2-CVE-2014-0191.patch
+
+---

New:

  libxml2-CVE-2014-0191.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.QXKXtu/_old  2014-05-26 10:28:15.0 +0200
+++ /var/tmp/diff_new_pack.QXKXtu/_new  2014-05-26 10:28:15.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package libxml2
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,6 +29,7 @@
 Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
 Source2:baselibs.conf
 Patch0: fix-perl.diff
+Patch1: libxml2-CVE-2014-0191.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -123,6 +124,7 @@
 %prep
 %setup -q
 %patch0
+%patch1 -p1
 
 %build
 %configure --disable-static \

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.QXKXtu/_old  2014-05-26 10:28:15.0 +0200
+++ /var/tmp/diff_new_pack.QXKXtu/_new  2014-05-26 10:28:15.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package python-libxml2
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed

++ libxml2-CVE-2014-0191.patch ++
From 9cd1c3cfbd32655d60572c0a413e017260c854df Mon Sep 17 00:00:00 2001
From: Daniel Veillard veill...@redhat.com
Date: Tue, 22 Apr 2014 15:30:56 +0800
Subject: Do not fetch external parameter entities

Unless explicitely asked for when validating or replacing entities
with their value. Problem pointed out by Daniel Berrange berra...@redhat.com

From 7c3c663e4f844aaecbb0cfc29567fe2ee9506fc4 Mon Sep 17 00:00:00 2001
From: Alexandre Rostovtsev tetrom...@gentoo.org
Date: Fri, 16 May 2014 22:46:00 -0400
Subject: [PATCH] xmllint: a posteriori validation needs to load exernal
 entities

For https://bugzilla.gnome.org/show_bug.cgi?id=730290

Index: libxml2-2.9.1/parser.c
===
--- libxml2-2.9.1.orig/parser.c 2013-04-16 15:39:18.0 +0200
+++ libxml2-2.9.1/parser.c  2014-05-23 11:26:43.344897186 +0200
@@ -2595,6 +2595,20 @@ xmlParserHandlePEReference(xmlParserCtxt
xmlCharEncoding enc;
 
/*
+* Note: external parsed entities will not be loaded, it is
+* not required for a non-validating parser, unless the
+* option of validating, or substituting entities were
+* given. Doing so is far more secure as the parser will
+* only process data coming from the document entity by
+* default.
+*/
+if ((entity-etype == XML_EXTERNAL_PARAMETER_ENTITY) 
+   ((ctxt-options  XML_PARSE_NOENT) == 0) 
+   ((ctxt-options  XML_PARSE_DTDVALID) == 0) 
+   (ctxt-validate == 0))
+   return;
+
+   /*
 * handle the extra spaces added before and after
 * c.f. http://www.w3.org/TR/REC-xml#as-PE
 * this is done independently.
Index: libxml2-2.9.1/xmllint.c
===
--- libxml2-2.9.1.orig/xmllint.c2013-03-27 04:31:47.0 +0100
+++ libxml2-2.9.1/xmllint.c 2014-05-23 11:26:43.344897186 +0200
@@ -3505,7 +3505,12 @@ main(int argc, char **argv) {
xmlLoadExtDtdDefaultValue |= XML_COMPLETE_ATTRS;
 if (noent != 0) xmlSubstituteEntitiesDefault(1);
 #ifdef LIBXML_VALID_ENABLED
-if (valid != 0)

commit libxml2 for openSUSE:Factory

2013-08-04 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2013-08-04 16:55:46

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2013-04-20 
17:49:24.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2013-08-04 
16:55:48.0 +0200
@@ -1,0 +2,12 @@
+Fri Aug  2 12:57:36 UTC 2013 - vci...@suse.com
+
+- update to 2.9.1
+  dropped patches (in upstream):
+  * libxml2-2.9.0-CVE-2012-5134.patch
+  * 
libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
+  * libxml2-CVE-2013-1969.patch
+  New features:
+  * Support for Python3
+  * Add xmlXPathSetContextNode and xmlXPathNodeEval
+
+---

Old:

  libxml2-2.9.0-CVE-2012-5134.patch
  libxml2-2.9.0.tar.gz
  
libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
  libxml2-CVE-2013-1969.patch

New:

  libxml2-2.9.1.tar.gz



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.J9UxYr/_old  2013-08-04 16:55:49.0 +0200
+++ /var/tmp/diff_new_pack.J9UxYr/_new  2013-08-04 16:55:49.0 +0200
@@ -19,7 +19,7 @@
 %define lname libxml2-2
 
 Name:   libxml2
-Version:2.9.0
+Version:2.9.1
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
@@ -29,10 +29,6 @@
 Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
 Source2:baselibs.conf
 Patch0: fix-perl.diff
-# PATCH-FIX-UPSTREAM CVE-2012-5134 (bnc#793334)
-Patch1: libxml2-2.9.0-CVE-2012-5134.patch
-Patch4: 
libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
-Patch5: libxml2-CVE-2013-1969.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -127,9 +123,6 @@
 %prep
 %setup -q
 %patch0
-%patch1 -p1
-%patch4 -p1
-%patch5 -p1
 
 %build
 %configure --disable-static \

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.J9UxYr/_old  2013-08-04 16:55:49.0 +0200
+++ /var/tmp/diff_new_pack.J9UxYr/_new  2013-08-04 16:55:49.0 +0200
@@ -17,7 +17,7 @@
 
 
 Name:   python-libxml2
-Version:2.9.0
+Version:2.9.1
 Release:0
 Summary:Python Bindings for libxml2
 License:MIT

++ libxml2-2.9.0.tar.gz - libxml2-2.9.1.tar.gz ++
 17241 lines of diff (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2013-04-20 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2013-04-20 17:49:22

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2013-03-22 
11:56:16.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2013-04-20 
17:49:24.0 +0200
@@ -1,0 +2,6 @@
+Thu Apr 18 14:07:49 UTC 2013 - vci...@suse.com
+
+- fix for CVE-2013-1969 (bnc#815665)
+  * libxml2-CVE-2013-1969.patch
+
+---

New:

  libxml2-CVE-2013-1969.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.8fzHuX/_old  2013-04-20 17:49:26.0 +0200
+++ /var/tmp/diff_new_pack.8fzHuX/_new  2013-04-20 17:49:26.0 +0200
@@ -32,6 +32,7 @@
 # PATCH-FIX-UPSTREAM CVE-2012-5134 (bnc#793334)
 Patch1: libxml2-2.9.0-CVE-2012-5134.patch
 Patch4: 
libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
+Patch5: libxml2-CVE-2013-1969.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -128,6 +129,7 @@
 %patch0
 %patch1 -p1
 %patch4 -p1
+%patch5 -p1
 
 %build
 %configure --disable-static \

++ libxml2-CVE-2013-1969.patch ++
From de0cc20c29cb3f056062925395e0f68d2250a46f Mon Sep 17 00:00:00 2001
From: Daniel Veillard veill...@redhat.com
Date: Tue, 12 Feb 2013 08:55:34 +
Subject: Fix some buffer conversion issues

https://bugzilla.gnome.org/show_bug.cgi?id=690202

Buffer overflow errors originating from xmlBufGetInputBase in 2.9.0
The pointers from the context input were not properly reset after
that call which can do reallocations.
---
diff --git a/HTMLparser.c b/HTMLparser.c
index a533f37..6b83654 100644
--- a/HTMLparser.c
+++ b/HTMLparser.c
@@ -6054,6 +6054,8 @@ htmlParseChunk(htmlParserCtxtPtr ctxt, const char *chunk, 
int size,
if ((in-encoder != NULL)  (in-buffer != NULL) 
(in-raw != NULL)) {
int nbchars;
+   size_t base = xmlBufGetInputBase(in-buffer, ctxt-input);
+   size_t current = ctxt-input-cur - ctxt-input-base;
 
nbchars = xmlCharEncInput(in);
if (nbchars  0) {
@@ -6061,6 +6063,7 @@ htmlParseChunk(htmlParserCtxtPtr ctxt, const char *chunk, 
int size,
 encoder error\n, NULL, NULL);
return(XML_ERR_INVALID_ENCODING);
}
+   xmlBufSetInputBaseCur(in-buffer, ctxt-input, base, current);
}
}
 }
diff --git a/parser.c b/parser.c
index 31f90d6..1c99051 100644
--- a/parser.c
+++ b/parser.c
@@ -12126,7 +12126,7 @@ xmldecl_done:
 remain = 0;
 }
 }
-   res =xmlParserInputBufferPush(ctxt-input-buf, size, chunk);
+   res = xmlParserInputBufferPush(ctxt-input-buf, size, chunk);
if (res  0) {
ctxt-errNo = XML_PARSER_EOF;
ctxt-disableSAX = 1;
@@ -12143,6 +12143,8 @@ xmldecl_done:
if ((in-encoder != NULL)  (in-buffer != NULL) 
(in-raw != NULL)) {
int nbchars;
+   size_t base = xmlBufGetInputBase(in-buffer, ctxt-input);
+   size_t current = ctxt-input-cur - ctxt-input-base;
 
nbchars = xmlCharEncInput(in);
if (nbchars  0) {
@@ -12151,6 +12153,7 @@ xmldecl_done:
xmlParseChunk: encoder error\n);
return(XML_ERR_INVALID_ENCODING);
}
+   xmlBufSetInputBaseCur(in-buffer, ctxt-input, base, current);
}
}
 }
@@ -12190,7 +12193,14 @@ xmldecl_done:
 }
 if ((end_in_lf == 1)  (ctxt-input != NULL) 
 (ctxt-input-buf != NULL)) {
+   size_t base = xmlBufGetInputBase(ctxt-input-buf-buffer,
+ctxt-input);
+   size_t current = ctxt-input-cur - ctxt-input-base;
+
xmlParserInputBufferPush(ctxt-input-buf, 1, \r);
+
+   xmlBufSetInputBaseCur(ctxt-input-buf-buffer, ctxt-input,
+ base, current);
 }
 if (terminate) {
/*
--
cgit v0.9.1

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2013-03-22 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2013-03-22 11:56:15

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-12-19 
11:14:13.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2013-03-22 
11:56:16.0 +0100
@@ -1,0 +2,6 @@
+Thu Mar  7 13:28:59 UTC 2013 - vci...@suse.com
+
+- fix for CVE-2013-0338 (bnc#805233)
+  
libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
+
+---

New:

  
libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.Oz8PoD/_old  2013-03-22 11:56:18.0 +0100
+++ /var/tmp/diff_new_pack.Oz8PoD/_new  2013-03-22 11:56:18.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libxml2
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -31,6 +31,7 @@
 Patch0: fix-perl.diff
 # PATCH-FIX-UPSTREAM CVE-2012-5134 (bnc#793334)
 Patch1: libxml2-2.9.0-CVE-2012-5134.patch
+Patch4: 
libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -126,6 +127,7 @@
 %setup -q
 %patch0
 %patch1 -p1
+%patch4 -p1
 
 %build
 %configure --disable-static \

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.Oz8PoD/_old  2013-03-22 11:56:18.0 +0100
+++ /var/tmp/diff_new_pack.Oz8PoD/_new  2013-03-22 11:56:18.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package python-libxml2
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed

++ 
libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
 ++
From 23f05e0c33987d6605387b300c4be5da2120a7ab Mon Sep 17 00:00:00 2001
From: Daniel Veillard veill...@redhat.com
Date: Tue, 19 Feb 2013 10:21:49 +0800
Subject: [PATCH] Detect excessive entities expansion upon replacement

If entities expansion in the XML parser is asked for,
it is possble to craft relatively small input document leading
to excessive on-the-fly content generation.
This patch accounts for those replacement and stop parsing
after a given threshold. it can be bypassed as usual with the
HUGE parser option.
---
 include/libxml/parser.h |1 +
 parser.c|   44 ++--
 parserInternals.c   |2 ++
 3 files changed, 41 insertions(+), 6 deletions(-)

diff --git a/include/libxml/parser.h b/include/libxml/parser.h
index e1346e4..3f5730d 100644
--- a/include/libxml/parser.h
+++ b/include/libxml/parser.h
@@ -310,6 +310,7 @@ struct _xmlParserCtxt {
 xmlParserNodeInfo *nodeInfoTab;   /* array of nodeInfos */
 
 intinput_id;  /* we need to label inputs */
+unsigned long  sizeentcopy;   /* volume of entity copy */
 };
 
 /**
diff --git a/parser.c b/parser.c
index 91f8c90..ddf3b5b 100644
--- a/parser.c
+++ b/parser.c
@@ -122,7 +122,7 @@ xmlCreateEntityParserCtxtInternal(const xmlChar *URL, const 
xmlChar *ID,
  */
 static int
 xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
- xmlEntityPtr ent)
+ xmlEntityPtr ent, size_t replacement)
 {
 size_t consumed = 0;
 
@@ -130,7 +130,24 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
 return (0);
 if (ctxt-lastError.code == XML_ERR_ENTITY_LOOP)
 return (1);
-if (size != 0) {
+if (replacement != 0) {
+   if (replacement  XML_MAX_TEXT_LENGTH)
+   return(0);
+
+/*
+* If the volume of entity copy reaches 10 times the
+* amount of parsed data and over the large text threshold
+* then that's very likely to be an abuse.
+*/
+if (ctxt-input != NULL) {
+   consumed = ctxt-input-consumed +
+  (ctxt-input-cur - ctxt-input-base);
+   }
+consumed += ctxt-sizeentities;
+
+if (replacement

commit libxml2 for openSUSE:Factory

2012-12-19 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-12-19 11:14:09

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-12-10 
17:16:53.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-12-19 
11:14:13.0 +0100
@@ -1,0 +2,9 @@
+Sat Dec 15 15:55:26 UTC 2012 - p.drou...@gmail.com
+
+- update to 2.9.0 version:
+  * please see the Changelog
+- Updated patchs to get working with new version:
+   * libxml2-2.9.0-CVE-2012-5134.patch ( libxml2-CVE-2012-5134.patch )
+   * fix-perl.diff
+
+---
--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2.changes   2012-09-23 
08:30:39.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2.changes  
2012-12-19 11:14:13.0 +0100
@@ -1,0 +2,9 @@
+Sat Dec 15 15:55:26 UTC 2012 - p.drou...@gmail.com
+
+- update to 2.9.0 version:
+  * please see the Changelog
+- Updated patchs to get working with new version:
+  * libxml2-2.9.0-CVE-2012-5134.patch ( libxml2-CVE-2012-5134.patch )
+  * fix-perl.diff 
+  
+---
@@ -5 +14 @@
-  * please se ChangeLog for more info
+  * please see ChangeLog for more info

Old:

  libxml2-2.8.0.tar.gz
  libxml2-CVE-2012-5134.patch

New:

  libxml2-2.9.0-CVE-2012-5134.patch
  libxml2-2.9.0.tar.gz



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.jH9nI9/_old  2012-12-19 11:14:16.0 +0100
+++ /var/tmp/diff_new_pack.jH9nI9/_new  2012-12-19 11:14:16.0 +0100
@@ -19,7 +19,7 @@
 %define lname libxml2-2
 
 Name:   libxml2
-Version:2.8.0
+Version:2.9.0
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
@@ -30,7 +30,7 @@
 Source2:baselibs.conf
 Patch0: fix-perl.diff
 # PATCH-FIX-UPSTREAM CVE-2012-5134 (bnc#793334)
-Patch1: libxml2-CVE-2012-5134.patch
+Patch1: libxml2-2.9.0-CVE-2012-5134.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -104,9 +104,7 @@
 Summary:A Library to Manipulate XML Files
 Group:  System/Libraries
 Requires:   %{lname} = %{version}
-%if 0%{?suse_version} = 1120
 BuildArch:  noarch
-%endif
 
 %description doc
 The XML C library was initially developed for the GNOME project. It is

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.jH9nI9/_old  2012-12-19 11:14:16.0 +0100
+++ /var/tmp/diff_new_pack.jH9nI9/_new  2012-12-19 11:14:16.0 +0100
@@ -17,7 +17,7 @@
 
 
 Name:   python-libxml2
-Version:2.8.0
+Version:2.9.0
 Release:0
 Summary:Python Bindings for libxml2
 License:MIT

++ fix-perl.diff ++
--- /var/tmp/diff_new_pack.jH9nI9/_old  2012-12-19 11:14:16.0 +0100
+++ /var/tmp/diff_new_pack.jH9nI9/_new  2012-12-19 11:14:16.0 +0100
@@ -11,9 +11,9 @@
 
 Index: SAX2.c
 ===
 SAX2.c.orig
-+++ SAX2.c
-@@ -2162,7 +2162,6 @@ xmlSAX2StartElementNs(void *ctx,
+--- SAX2.c.orig2012-09-11 08:01:01.0 +0200
 SAX2.c 2012-12-15 16:32:27.353560391 +0100
+@@ -2188,7 +2188,6 @@
  xmlNodePtr parent;
  xmlNsPtr last = NULL, ns;
  const xmlChar *uri, *pref;
@@ -21,7 +21,7 @@
  int i, j;
  
  if (ctx == NULL) return;
-@@ -2182,20 +2181,6 @@ xmlSAX2StartElementNs(void *ctx,
+@@ -2208,20 +2207,6 @@
  }
  
  /*
@@ -42,7 +42,7 @@
   * allocate the node
   */
  if (ctxt-freeElems != NULL) {
-@@ -2208,10 +2193,7 @@ xmlSAX2StartElementNs(void *ctx,
+@@ -2234,10 +2219,7 @@
if (ctxt-dictNames)
ret-name = localname;
else {
@@ -54,20 +54,20 @@
if (ret-name == NULL) {
xmlSAX2ErrMemory(ctxt, xmlSAX2StartElementNs);
return;
-@@ -2223,11 +2205,8 @@ xmlSAX2StartElementNs(void *ctx,
+@@ -2249,11 +2231,8 @@
if (ctxt-dictNames)
-   ret = xmlNewDocNodeEatName(ctxt-myDoc, NULL, 
+   ret = xmlNewDocNodeEatName(ctxt-myDoc, NULL,
   (xmlChar *) localname, NULL);
 -  else if (lname == NULL)
 -  ret = xmlNewDocNode(ctxt-myDoc, NULL, localname, NULL);
else
--  ret = xmlNewDocNodeEatName(ctxt-myDoc, NULL, 
+-  ret = xmlNewDocNodeEatName(ctxt-myDoc, NULL,
 - (xmlChar *)

commit libxml2 for openSUSE:Factory

2012-12-10 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-12-10 17:16:52

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-09-26 
16:21:27.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-12-10 
17:16:53.0 +0100
@@ -1,0 +2,5 @@
+Fri Dec  7 10:49:11 UTC 2012 - vci...@suse.com
+
+- Add libxml2-CVE-2012-5134.patch to fix CVE-2012-5134 (bnc#793334)
+
+---

New:

  libxml2-CVE-2012-5134.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.EgdYt5/_old  2012-12-10 17:16:55.0 +0100
+++ /var/tmp/diff_new_pack.EgdYt5/_new  2012-12-10 17:16:55.0 +0100
@@ -29,6 +29,8 @@
 Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
 Source2:baselibs.conf
 Patch0: fix-perl.diff
+# PATCH-FIX-UPSTREAM CVE-2012-5134 (bnc#793334)
+Patch1: libxml2-CVE-2012-5134.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
@@ -125,6 +127,7 @@
 %prep
 %setup -q
 %patch0
+%patch1 -p1
 
 %build
 %configure --disable-static \

++ libxml2-CVE-2012-5134.patch ++
From 6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d Mon Sep 17 00:00:00 2001
From: Daniel Veillard veill...@redhat.com
Date: Mon, 29 Oct 2012 02:39:55 +
Subject: Fix potential out of bound access

---
Index: libxml2-2.8.0/parser.c
===
--- libxml2-2.8.0.orig/parser.c 2012-05-18 09:30:30.0 +0200
+++ libxml2-2.8.0/parser.c  2012-12-07 12:00:57.111732279 +0100
@@ -3931,7 +3931,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr
c = CUR_CHAR(l);
 }
 if ((in_space)  (normalize)) {
-while (buf[len - 1] == 0x20) len--;
+while ((len  0)  (buf[len - 1] == 0x20)) len--;
 }
 buf[len] = 0;
 if (RAW == '') {
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2012-09-26 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-09-26 16:21:26

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-09-23 
21:28:40.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-09-26 
16:21:27.0 +0200
@@ -1,0 +2,6 @@
+Sun Sep 23 19:40:30 UTC 2012 - dims...@opensuse.org
+
+- Add a comment next to libxml2.la to make sure that anybody
+  removing it knows why it's there and reconsiders.
+
+---



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.eYmxwh/_old  2012-09-26 16:21:28.0 +0200
+++ /var/tmp/diff_new_pack.eYmxwh/_new  2012-09-26 16:21:28.0 +0200
@@ -179,6 +179,7 @@
 %{_includedir}/libxml
 %{_includedir}/libxml2
 %{_libdir}/lib*.so
+# libxml2.la is needed for the python-libxml2 build. Deleting it breaks build 
of python-libxml2.
 %{_libdir}/libxml2.la
 %{_libdir}/*.sh
 %{_libdir}/pkgconfig/*.pc

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2012-09-23 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-09-23 08:30:37

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-03-12 
20:15:25.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-09-23 
08:30:39.0 +0200
@@ -1,0 +2,14 @@
+Fri Sep 21 18:04:16 UTC 2012 - jeng...@inai.de
+
+- Remove .la files; make sure installation succeeds for
+  Fedora_17 target
+
+---
+Tue Jun 12 18:10:07 UTC 2012 - ch...@computersalat.de
+
+- update to 2.8.0
+  * please se ChangeLog for more info
+- remove obsolete bigendian64 patch
+- rebase fix-perl patch
+
+---
--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2.changes   2012-02-25 
09:49:12.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2.changes  
2012-09-23 08:30:39.0 +0200
@@ -1,0 +2,6 @@
+Tue Jun 12 18:10:07 UTC 2012 - ch...@computersalat.de
+
+- update to 2.8.0
+  * please se ChangeLog for more info
+
+---

Old:

  bigendian64.patch
  libxml2-git-snapshot.tar.gz

New:

  libxml2-2.8.0.tar.gz



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.9HuE9y/_old  2012-09-23 08:30:43.0 +0200
+++ /var/tmp/diff_new_pack.9HuE9y/_new  2012-09-23 08:30:43.0 +0200
@@ -15,25 +15,25 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 %define lname libxml2-2
 
 Name:   libxml2
-Version:2.7.8+git20120223
+Version:2.8.0
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
 Group:  System/Libraries
 Url:http://xmlsoft.org
 # Source ftp://xmlsoft.org/libxml2/libxml2-git-snapshot.tar.gz changes every 
day
-Source: libxml2-git-snapshot.tar.gz
+Source: ftp://xmlsoft.org/libxml2/%{name}-%{version}.tar.gz
 Source2:baselibs.conf
-Patch0: bigendian64.patch
-Patch1: fix-perl.diff
+Patch0: fix-perl.diff
+BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
 BuildRequires:  xz-devel
 BuildRequires:  zlib-devel
-BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 
 %description
 The XML C library was initially developed for the GNOME project. It is
@@ -74,8 +74,8 @@
 %package tools
 Summary:Tools using libxml
 Group:  System/Libraries
-Provides:   %name = %version-%release
-Obsoletes:  %name  2.7.8+git20120223
+Provides:   %{name} = %{version}-%{release}
+Obsoletes:  %{name}  %{version}-%{release}
 
 %description tools
 This package contains xmllint, a very useful tool proving libxml's power.
@@ -83,8 +83,8 @@
 %package devel
 Summary:Include Files and Libraries mandatory for Development
 Group:  Development/Libraries/C and C++
-Requires:   %name-tools = %{version}
 Requires:   %{lname} = %{version}
+Requires:   %{name}-tools = %{version}
 Requires:   glibc-devel
 Requires:   readline-devel
 Requires:   xz-devel
@@ -123,13 +123,13 @@
 progress.
 
 %prep
-%setup -q -n %{name}-2.7.8
-%patch0 -p0
-%patch1 -p1 -R
+%setup -q
+%patch0
 
 %build
 %configure --disable-static \
---with-html-subdir=packages/%{name}/html \
+--docdir=%_docdir/%name \
+--with-html-dir=%_docdir/%name/html \
 --with-fexceptions \
 --with-history \
 --without-python \
@@ -140,10 +140,12 @@
 --with-reader \
 --with-http
 
-make %{?_smp_mflags} DOC_MODULE=packages/%{name}
+make %{?_smp_mflags} BASE_DIR=%_docdir DOC_MODULE=%name
 
 %install
-%makeinstall DOC_MODULE=packages/%{name}
+make install DESTDIR=%buildroot BASE_DIR=%_docdir DOC_MODULE=%name
+rm -f %buildroot/%_libdir/*.la
+mkdir -p %buildroot/%_docdir/%name
 cp -a AUTHORS NEWS README COPYING* Copyright TODO* 
%{buildroot}%{_docdir}/%{name}/
 ln -s libxml2/libxml %{buildroot}%{_includedir}/libxml
 
@@ -178,7 +180,6 @@
 %{_includedir}/libxml
 %{_includedir}/libxml2
 %{_libdir}/lib*.so
-%{_libdir}/libxml2.la
 %{_libdir}/*.sh
 %{_libdir}/pkgconfig/*.pc
 %doc %{_mandir}/man1/xml2-config.1*

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.9HuE9y/_old  2012-09-23 08:30:43.0 +0200
+++ /var/tmp/diff_new_pack.9HuE9y/_new  2012-09-23 08:30:43.0 +0200
@@ -15,23 +15,24 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 Name:

commit libxml2 for openSUSE:Factory

2012-09-23 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-09-23 21:28:39

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-09-23 
08:30:39.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-09-23 
21:28:40.0 +0200
@@ -1,0 +2,5 @@
+Sun Sep 23 19:28:04 UTC 2012 - co...@suse.com
+
+- readd .la file, python-libxml2 needs it
+
+---



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.g7sCK7/_old  2012-09-23 21:28:41.0 +0200
+++ /var/tmp/diff_new_pack.g7sCK7/_new  2012-09-23 21:28:41.0 +0200
@@ -144,7 +144,6 @@
 
 %install
 make install DESTDIR=%buildroot BASE_DIR=%_docdir DOC_MODULE=%name
-rm -f %buildroot/%_libdir/*.la
 mkdir -p %buildroot/%_docdir/%name
 cp -a AUTHORS NEWS README COPYING* Copyright TODO* 
%{buildroot}%{_docdir}/%{name}/
 ln -s libxml2/libxml %{buildroot}%{_includedir}/libxml
@@ -180,6 +179,7 @@
 %{_includedir}/libxml
 %{_includedir}/libxml2
 %{_libdir}/lib*.so
+%{_libdir}/libxml2.la
 %{_libdir}/*.sh
 %{_libdir}/pkgconfig/*.pc
 %doc %{_mandir}/man1/xml2-config.1*

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2012-03-12 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-03-12 20:15:24

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-03-07 
20:09:40.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-03-12 
20:15:25.0 +0100
@@ -1,0 +2,7 @@
+Sun Mar 11 21:00:19 UTC 2012 - jeng...@medozas.de
+
+- libxml2-2 should not require libxml2-tools. There is no trouble
+  expected, since attempting to install libxml2 will already pull
+  in libxml2-tools due to Provides tags.
+
+---



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.JfFwzw/_old  2012-03-12 20:15:27.0 +0100
+++ /var/tmp/diff_new_pack.JfFwzw/_new  2012-03-12 20:15:27.0 +0100
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 %define lname libxml2-2
 
 Name:   libxml2
@@ -55,10 +54,6 @@
 %package -n %lname
 Summary:A Library to Manipulate XML Files
 Group:  System/Libraries
-# this is technically not true, but all other suse versions and fedora 
-# have the tools in libxml2, so avoid too much trouble and always install
-# them for now
-Requires:   %name-tools
 
 %description -n %lname
 The XML C library was initially developed for the GNOME project. It is
@@ -79,7 +74,7 @@
 %package tools
 Summary:Tools using libxml
 Group:  System/Libraries
-Provides:   %name = %version
+Provides:   %name = %version-%release
 Obsoletes:  %name  2.7.8+git20120223
 
 %description tools

++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.JfFwzw/_old  2012-03-12 20:15:27.0 +0100
+++ /var/tmp/diff_new_pack.JfFwzw/_new  2012-03-12 20:15:27.0 +0100
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 Name:   python-libxml2
 Version:2.7.8+git20120223
 Release:0

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2012-03-07 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-03-07 20:09:37

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-03-02 
13:49:15.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-03-07 
20:09:40.0 +0100
@@ -1,0 +2,13 @@
+Mon Mar  5 10:18:12 UTC 2012 - co...@suse.com
+
+- revert the two commits that broke perl-XML-LibXML's test case,
+  I hope the two upstreams will figure it out
+
+---
+Fri Mar  2 16:47:56 UTC 2012 - co...@suse.com
+
+- update to git to fix some issues
+  * Fix a logic error in Schemas Component ConstraintsHEADmaster
+  * Fix a wrong enum type use in Schemas Types
+
+---

New:

  fix-perl.diff



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.HsTZMk/_old  2012-03-07 20:09:41.0 +0100
+++ /var/tmp/diff_new_pack.HsTZMk/_new  2012-03-07 20:09:41.0 +0100
@@ -29,6 +29,7 @@
 Source: libxml2-git-snapshot.tar.gz
 Source2:baselibs.conf
 Patch0: bigendian64.patch
+Patch1: fix-perl.diff
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
 BuildRequires:  xz-devel
@@ -129,6 +130,7 @@
 %prep
 %setup -q -n %{name}-2.7.8
 %patch0 -p0
+%patch1 -p1 -R
 
 %build
 %configure --disable-static \

++ fix-perl.diff ++
commit 77b77b1301e052d90e6a0967534a698506afcd86
Author: Daniel Veillard veill...@redhat.com
Date:   Thu Jan 26 19:11:02 2012 +0800

Fix SAX2 builder in case of undefined element namespaces

Work as in XML-1.0 before namespaces, and use prefix:localname
as the new element name (and no namespace of course)
Also fix 3 cases in the regression tests where the prefix: was
erroneously dropped in such case

diff --git a/SAX2.c b/SAX2.c
index c0482c0..0c48d65 100644
--- a/SAX2.c
+++ b/SAX2.c
@@ -2163,6 +2163,7 @@ xmlSAX2StartElementNs(void *ctx,
 xmlNodePtr parent;
 xmlNsPtr last = NULL, ns;
 const xmlChar *uri, *pref;
+xmlChar *lname = NULL;
 int i, j;
 
 if (ctx == NULL) return;
@@ -2182,6 +2183,20 @@ xmlSAX2StartElementNs(void *ctx,
 }
 
 /*
+ * Take care of the rare case of an undefined namespace prefix
+ */
+if ((prefix != NULL)  (URI == NULL)) {
+if (ctxt-dictNames) {
+   const xmlChar *fullname;
+
+   fullname = xmlDictQLookup(ctxt-dict, prefix, localname);
+   if (fullname != NULL)
+   localname = fullname;
+   } else {
+   lname = xmlBuildQName(localname, prefix, NULL, 0);
+   }
+}
+/*
  * allocate the node
  */
 if (ctxt-freeElems != NULL) {
@@ -2194,7 +2209,10 @@ xmlSAX2StartElementNs(void *ctx,
if (ctxt-dictNames)
ret-name = localname;
else {
-   ret-name = xmlStrdup(localname);
+   if (lname == NULL)
+   ret-name = xmlStrdup(localname);
+   else
+   ret-name = lname;
if (ret-name == NULL) {
xmlSAX2ErrMemory(ctxt, xmlSAX2StartElementNs);
return;
@@ -2206,8 +2224,11 @@ xmlSAX2StartElementNs(void *ctx,
if (ctxt-dictNames)
ret = xmlNewDocNodeEatName(ctxt-myDoc, NULL, 
   (xmlChar *) localname, NULL);
-   else
+   else if (lname == NULL)
ret = xmlNewDocNode(ctxt-myDoc, NULL, localname, NULL);
+   else
+   ret = xmlNewDocNodeEatName(ctxt-myDoc, NULL, 
+  (xmlChar *) lname, NULL);
if (ret == NULL) {
xmlSAX2ErrMemory(ctxt, xmlSAX2StartElementNs);
return;
diff --git a/result/namespaces/err_7.xml b/result/namespaces/err_7.xml
index f4e5164..4b4c662 100644
--- a/result/namespaces/err_7.xml
+++ b/result/namespaces/err_7.xml
@@ -1,2 +1,2 @@
 ?xml version=1.0?
-foo/
+f:foo/
diff --git a/result/xmlid/id_tst2.xml b/result/xmlid/id_tst2.xml
index 33ee896..856a320 100644
--- a/result/xmlid/id_tst2.xml
+++ b/result/xmlid/id_tst2.xml
@@ -1,6 +1,6 @@
 Object is a Node Set :
 Set contains 1 nodes:
-1  ELEMENT foo
+1  ELEMENT n:foo
 ATTRIBUTE id
   TEXT
 content=bar
diff --git a/result/xmlid/id_tst3.xml b/result/xmlid/id_tst3.xml
index e2f8228..6d8865c 100644
--- a/result/xmlid/id_tst3.xml
+++ b/result/xmlid/id_tst3.xml
@@ -1,6 +1,6 @@
 Object is a Node Set :
 Set contains 1 nodes:
-1  ELEMENT o:o
+1  ELEMENT f:o:o
 ATTRIBUTE id
   TEXT

commit libxml2 for openSUSE:Factory

2012-03-02 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-03-02 13:49:01

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-02-26 
10:14:24.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-03-02 
13:49:15.0 +0100
@@ -1,0 +2,5 @@
+Thu Mar  1 18:36:33 CET 2012 - meiss...@suse.de
+
+- fixed a 64bit big endian bug in the file reader.
+
+---

New:

  bigendian64.patch



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.jUyqPd/_old  2012-03-02 13:49:18.0 +0100
+++ /var/tmp/diff_new_pack.jUyqPd/_new  2012-03-02 13:49:18.0 +0100
@@ -28,6 +28,7 @@
 # Source ftp://xmlsoft.org/libxml2/libxml2-git-snapshot.tar.gz changes every 
day
 Source: libxml2-git-snapshot.tar.gz
 Source2:baselibs.conf
+Patch0: bigendian64.patch
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
 BuildRequires:  xz-devel
@@ -127,6 +128,7 @@
 
 %prep
 %setup -q -n %{name}-2.7.8
+%patch0 -p0
 
 %build
 %configure --disable-static \

++ bigendian64.patch ++
--- xzlib.c.xx  2012-03-01 17:23:54.0 +
+++ xzlib.c 2012-03-01 17:24:48.0 +
@@ -228,9 +228,14 @@
 if (state-err != LZMA_OK)
 return -1;
 if (state-eof == 0) {
+/* avail_in is size_t, which is not necessary sizeof(unsigned) */
+unsigned tmp = strm-avail_in;
 if (xz_load(state, state-in, state-size,
-(unsigned *) (strm-avail_in)) == -1)
+tmp) == -1) {
+strm-avail_in = tmp;
 return -1;
+}
+strm-avail_in = tmp;
 strm-next_in = state-in;
 }
 return 0;
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2012-02-26 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-02-26 10:14:22

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-02-25 
09:09:52.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-02-26 
10:14:24.0 +0100
@@ -1,0 +2,7 @@
+Sat Feb 25 13:50:54 UTC 2012 - co...@suse.com
+
+- the fallout of requiring libxml2-tools as explicit buildrequire
+  is just too large, so avoid it for now and create a cycle between
+  libxml2-2 and libxml2-tools
+
+---



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.jg1G1V/_old  2012-02-26 10:14:26.0 +0100
+++ /var/tmp/diff_new_pack.jg1G1V/_new  2012-02-26 10:14:26.0 +0100
@@ -53,8 +53,10 @@
 %package -n %lname
 Summary:A Library to Manipulate XML Files
 Group:  System/Libraries
-Provides:   %name = %version
-Obsoletes:  %name  2.7.8+git20120223
+# this is technically not true, but all other suse versions and fedora 
+# have the tools in libxml2, so avoid too much trouble and always install
+# them for now
+Requires:   %name-tools
 
 %description -n %lname
 The XML C library was initially developed for the GNOME project. It is
@@ -75,7 +77,8 @@
 %package tools
 Summary:Tools using libxml
 Group:  System/Libraries
-Provides:   %name:/usr/bin/xmllint
+Provides:   %name = %version
+Obsoletes:  %name  2.7.8+git20120223
 
 %description tools
 This package contains xmllint, a very useful tool proving libxml's power.
@@ -83,6 +86,7 @@
 %package devel
 Summary:Include Files and Libraries mandatory for Development
 Group:  Development/Libraries/C and C++
+Requires:   %name-tools = %{version}
 Requires:   %{lname} = %{version}
 Requires:   glibc-devel
 Requires:   readline-devel

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2012-02-25 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-02-25 09:09:51

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-02-25 
07:30:30.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-02-25 
09:09:52.0 +0100
@@ -1,0 +2,6 @@
+Sat Feb 25 08:09:00 UTC 2012 - co...@suse.com
+
+- add provide for the old name to fix packages with explicit
+  library dependency
+
+---



Other differences:
--
++ libxml2.spec ++
--- /var/tmp/diff_new_pack.LTk8SO/_old  2012-02-25 09:09:54.0 +0100
+++ /var/tmp/diff_new_pack.LTk8SO/_new  2012-02-25 09:09:54.0 +0100
@@ -53,6 +53,8 @@
 %package -n %lname
 Summary:A Library to Manipulate XML Files
 Group:  System/Libraries
+Provides:   %name = %version
+Obsoletes:  %name  2.7.8+git20120223
 
 %description -n %lname
 The XML C library was initially developed for the GNOME project. It is
@@ -84,8 +86,8 @@
 Requires:   %{lname} = %{version}
 Requires:   glibc-devel
 Requires:   readline-devel
-Requires:   zlib-devel
 Requires:   xz-devel
+Requires:   zlib-devel
 # bug437293
 %ifarch ppc64
 Obsoletes:  libxml2-devel-64bit

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2012-02-25 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-02-25 09:49:11

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/python-libxml2.changes   2012-02-25 
07:30:30.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2.changes  
2012-02-25 09:49:12.0 +0100
@@ -1,0 +2,5 @@
+Sat Feb 25 08:47:58 UTC 2012 - co...@suse.com
+
+- fix version
+
+---



Other differences:
--
++ python-libxml2.spec ++
--- /var/tmp/diff_new_pack.NvzEgR/_old  2012-02-25 09:49:13.0 +0100
+++ /var/tmp/diff_new_pack.NvzEgR/_new  2012-02-25 09:49:13.0 +0100
@@ -17,7 +17,7 @@
 
 
 Name:   python-libxml2
-Version:2.7.8+git20110223
+Version:2.7.8+git20120223
 Release:0
 Summary:Python Bindings for libxml2
 License:MIT

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2012-02-24 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-02-25 07:30:28

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2012-02-15 
16:16:54.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-02-25 
07:30:30.0 +0100
@@ -1,0 +2,7 @@
+Thu Feb 23 10:42:16 UTC 2012 - co...@suse.com
+
+- update to today's GIT snapshot:
+include XZ support
+- split libxml2-2 according to shared library policy
+
+---
New Changes file:

--- /dev/null   2010-08-26 16:28:41.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/python-libxml2.changes  
2012-02-25 07:30:30.0 +0100
@@ -0,0 +1,1469 @@
+---
+Thu Feb 23 11:00:21 UTC 2012 - co...@suse.com
+
+- renamed to python-libxml2 to follow python naming expectations
+- do not require python but let rpm figure it out
+
+---
+Mon Dec 26 17:08:59 UTC 2011 - jeng...@medozas.de
+
+- Remove redundant tags/sections
+
+---
+Fri Jul  8 08:52:06 UTC 2011 - sasc...@suse.de
+
+- update to libxml-2.7.8+git20110708
+  - several important bugfixes
+
+---
+Mon Dec  6 09:05:53 UTC 2010 - co...@novell.com
+
+- buildrequire python-xml to fix build
+
+---
+Fri Dec  3 12:24:42 UTC 2010 - pu...@novell.com
+
+- update to libxml-2.7.8
+  - number of bufixes, documentation and portability fixes
+  - update language ID parser to RFC 5646
+  - sort python generated stubs
+  - add an HTML parser option to avoid a default doctype
+  - see http://xmlsoft.org/news.html for exact details
+- clean up specfile
+
+---
+Wed Apr  7 16:34:29 UTC 2010 - co...@novell.com
+
+- fix build
+
+---
+Tue Mar 23 23:46:00 CET 2010 - mrd...@opensuse.org
+
+- update to 2.7.7
+- add extra options to ./configure for scribus features and avoid a crash
+- updates from 2.7.3  2.7.7 include a number of portability, correctness
+  memory leaks and build fixes including some CVE
+- see http://xmlsoft.org/news.html for exact details
+
+---
+Tue Dec 15 12:19:16 CET 2009 - jeng...@medozas.de
+
+- enable parallel building
+
+---
+Thu Mar 19 10:16:50 CET 2009 - prus...@suse.cz
+
+- updated to 2.7.2
+  * Portability fix: fix solaris compilation problem,
+fix compilation if XPath is not configured in
+  * Bug fixes: nasty entity bug introduced in 2.7.0, restore old
+behaviour when saving an HTML doc with an xml dump function,
+HTML UTF-8 parsing bug, fix reader custom error handlers
+(Riccardo Scussat)
+  * Improvement: xmlSave options for more flexibility to save
+as XML/HTML/XHTML, handle leading BOM in HTML documents
+- updated to 2.7.3
+  * Build fix: fix build when HTML support is not included.
+  * Bug fixes: avoid memory overflow in gigantic text nodes,
+indentation problem on the writed (Rob Richards),
+xmlAddChildList pointer problem (Rob Richards and Kevin Milburn),
+xmlAddChild problem with attribute (Rob Richards and Kris Breuker),
+avoid a memory leak in an edge case (Daniel Zimmermann),
+deallocate some pthread data (Alex Ott).
+  * Improvements: configure option to avoid rebuilding docs
+(Adrian Bunk), limit text nodes to 10MB max by default,
+add element traversal APIs, add a parser option to enable
+pre 2.7 SAX behavior (Rob Richards),
+add gcc malloc checking (Marcus Meissner),
+add gcc printf like functions parameters checking (Marcus Meissner).
+- dropped obsoleted patches:
+  * alloc_size.patch (mainline)
+  * CVE-2008-4225.patch (mainline)
+  * CVE-2008-4226.patch (mainline)
+  * CVE-2008-4409.patch (mainline)
+  * oldsax.patch (mainline)
+  * pritnf.patch (mainline)
+  * xmlsave.patch (mainline)
+
+---
+Mon Jan 12 17:21:59 CET 2009 - prus...@suse.cz
+
+- added oldsax.patch to enable pre 2.7.0 sax behaviour [bnc#457056]
+
+---
+Wed Dec 10 12:34:56 CET 2008 - o...@suse.de
+
+- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
+  (bnc#437293)
+

commit libxml2 for openSUSE:Factory

2012-02-15 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2012-02-15 16:16:36

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2-python.changes   2011-09-23 
02:11:16.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2-python.changes  
2012-02-15 16:16:54.0 +0100
@@ -1,0 +2,5 @@
+Mon Dec 26 17:08:59 UTC 2011 - jeng...@medozas.de
+
+- Remove redundant tags/sections
+
+---
--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2011-12-27 
18:37:51.0 +0100
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2012-02-15 
16:16:54.0 +0100
@@ -1,0 +2,5 @@
+Mon Dec 26 17:08:52 UTC 2011 - jeng...@medozas.de
+
+- Remove redundant tags/sections
+
+---



Other differences:
--
++ libxml2-python.spec ++
--- /var/tmp/diff_new_pack.Cbokbo/_old  2012-02-15 16:16:55.0 +0100
+++ /var/tmp/diff_new_pack.Cbokbo/_new  2012-02-15 16:16:55.0 +0100
@@ -16,13 +16,14 @@
 #
 
 
+
 Name:   libxml2-python
 Version:2.7.8+git20110708
 Release:0
 Summary:Python Bindings for libxml2
 License:MIT
 Group:  Development/Libraries/Python
-Url:http://xmlsoft.org
+URL:http://xmlsoft.org
 Source: libxml2-%{version}.tar.bz2
 Source1:libxml2-python-rpmlintrc
 BuildRequires:  libxml2-devel
@@ -79,9 +80,6 @@
 # #223696
 rm -f %{buildroot}%{py_sitedir}/*.{la,a}
 
-%clean
-rm -rf %{buildroot}
-
 %files
 %defattr(-, root, root)
 %doc python/TODO

++ libxml2.spec ++
--- /var/tmp/diff_new_pack.Cbokbo/_old  2012-02-15 16:16:55.0 +0100
+++ /var/tmp/diff_new_pack.Cbokbo/_new  2012-02-15 16:16:55.0 +0100
@@ -16,13 +16,14 @@
 #
 
 
+
 Name:   libxml2
 Version:2.7.8+git20110708
 Release:0
 Summary:A Library to Manipulate XML Files
 License:MIT
 Group:  System/Libraries
-Url:http://xmlsoft.org
+URL:http://xmlsoft.org
 Source: %{name}-%{version}.tar.bz2
 Source2:baselibs.conf
 BuildRequires:  autoconf
@@ -127,9 +128,6 @@
 
 %postun -p /sbin/ldconfig
 
-%clean
-rm -rf %{buildroot}
-
 %files
 %defattr(-, root, root)
 %doc %dir %{_docdir}/%{name}

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2011-12-27 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2011-12-27 18:37:09

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes  2011-09-23 
02:11:16.0 +0200
+++ /work/SRC/openSUSE:Factory/.libxml2.new/libxml2.changes 2011-12-27 
18:37:51.0 +0100
@@ -1,0 +2,11 @@
+Wed Dec 21 10:24:19 UTC 2011 - co...@suse.com
+
+- add autoconf as buildrequire to avoid implicit dependency
+
+---
+Tue Dec 20 11:05:01 UTC 2011 - co...@suse.com
+
+- own aclocal directory, there is no other reason to buildrequire
+  automake
+
+---



Other differences:
--
++ libxml2-python.spec ++
--- /var/tmp/diff_new_pack.GfH3Mk/_old  2011-12-27 18:37:52.0 +0100
+++ /var/tmp/diff_new_pack.GfH3Mk/_new  2011-12-27 18:37:52.0 +0100
@@ -16,18 +16,18 @@
 #
 
 
-
 Name:   libxml2-python
 Version:2.7.8+git20110708
-Release:1
-License:MIT
+Release:0
 Summary:Python Bindings for libxml2
-Url:http://xmlsoft.org
+License:MIT
 Group:  Development/Libraries/Python
+Url:http://xmlsoft.org
 Source: libxml2-%{version}.tar.bz2
 Source1:libxml2-python-rpmlintrc
 BuildRequires:  libxml2-devel
-BuildRequires:  python-devel python-xml
+BuildRequires:  python-devel
+BuildRequires:  python-xml
 %py_requires
 Requires:   libxml2 = %{version}
 # Uncomment to save space:

++ libxml2.spec ++
--- /var/tmp/diff_new_pack.GfH3Mk/_old  2011-12-27 18:37:52.0 +0100
+++ /var/tmp/diff_new_pack.GfH3Mk/_new  2011-12-27 18:37:52.0 +0100
@@ -16,16 +16,16 @@
 #
 
 
-
 Name:   libxml2
 Version:2.7.8+git20110708
-Release:1
-License:MIT
+Release:0
 Summary:A Library to Manipulate XML Files
-Url:http://xmlsoft.org
+License:MIT
 Group:  System/Libraries
+Url:http://xmlsoft.org
 Source: %{name}-%{version}.tar.bz2
 Source2:baselibs.conf
+BuildRequires:  autoconf
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
 BuildRequires:  zlib-devel
@@ -52,7 +52,6 @@
 progress.
 
 %package devel
-License:MIT
 Summary:Include Files and Libraries mandatory for Development
 Group:  Development/Libraries/C and C++
 Requires:   %{name} = %{version}
@@ -69,7 +68,6 @@
 to develop applications that require these.
 
 %package doc
-License:MIT
 Summary:A Library to Manipulate XML Files
 Group:  System/Libraries
 Requires:   %{name} = %{version}
@@ -145,6 +143,7 @@
 %files devel
 %defattr(-, root, root)
 %{_bindir}/xml2-config
+%dir %{_datadir}/aclocal
 %{_datadir}/aclocal/libxml.m4
 %{_includedir}/libxml
 %{_includedir}/libxml2

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2011-12-06 Thread h_root 
Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory checked 
in at 2011-12-06 18:26:27

Comparing /work/SRC/openSUSE:Factory/libxml2 (Old)
 and  /work/SRC/openSUSE:Factory/.libxml2.new (New)


Package is libxml2, Maintainer is vci...@suse.com

Changes:

libxml2.changes: same change



Other differences:
--
++ libxml2-python.spec ++
--- /var/tmp/diff_new_pack.CeETVW/_old  2011-12-06 18:48:01.0 +0100
+++ /var/tmp/diff_new_pack.CeETVW/_new  2011-12-06 18:48:01.0 +0100
@@ -20,7 +20,7 @@
 Name:   libxml2-python
 Version:2.7.8+git20110708
 Release:1
-License:MIT License (or similar)
+License:MIT
 Summary:Python Bindings for libxml2
 Url:http://xmlsoft.org
 Group:  Development/Libraries/Python

++ libxml2.spec ++
--- /var/tmp/diff_new_pack.CeETVW/_old  2011-12-06 18:48:01.0 +0100
+++ /var/tmp/diff_new_pack.CeETVW/_new  2011-12-06 18:48:01.0 +0100
@@ -20,7 +20,7 @@
 Name:   libxml2
 Version:2.7.8+git20110708
 Release:1
-License:MIT License (or similar)
+License:MIT
 Summary:A Library to Manipulate XML Files
 Url:http://xmlsoft.org
 Group:  System/Libraries
@@ -52,7 +52,7 @@
 progress.
 
 %package devel
-License:MIT License (or similar)
+License:MIT
 Summary:Include Files and Libraries mandatory for Development
 Group:  Development/Libraries/C and C++
 Requires:   %{name} = %{version}
@@ -69,7 +69,7 @@
 to develop applications that require these.
 
 %package doc
-License:MIT License (or similar)
+License:MIT
 Summary:A Library to Manipulate XML Files
 Group:  System/Libraries
 Requires:   %{name} = %{version}

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2011-07-11 Thread h_root 

Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory
checked in at Mon Jul 11 12:30:03 CEST 2011.




--- libxml2/libxml2-python.changes  2010-12-06 10:06:08.0 +0100
+++ /mounts/work_src_done/STABLE/libxml2/libxml2-python.changes 2011-07-11 
11:00:19.0 +0200
@@ -1,0 +2,6 @@
+Fri Jul  8 08:52:06 UTC 2011 - sasc...@suse.de
+
+- update to libxml-2.7.8+git20110708
+  - several important bugfixes
+
+---
--- libxml2/libxml2.changes 2011-06-29 14:11:23.0 +0200
+++ /mounts/work_src_done/STABLE/libxml2/libxml2.changes2011-07-08 
11:01:40.0 +0200
@@ -1,0 +2,11 @@
+Fri Jul  8 08:52:06 UTC 2011 - sasc...@suse.de
+
+- update to libxml-2.7.8+git20110708
+  - several important bugfixes
+- drop upstreamed patches:
+  * libxml2-CVE-2010-4494.patch
+  * libxml2-CVE-2011-1944.patch
+  * noxref.patch
+  * symbol-versioning.patch
+
+---

calling whatdependson for head-i586


Old:

  libxml2-2.7.8.tar.bz2
  libxml2-CVE-2010-4494.patch
  libxml2-CVE-2011-1944.patch
  noxref.patch
  symbol-versioning.patch

New:

  libxml2-2.7.8+git20110708.tar.bz2



Other differences:
--
++ libxml2-python.spec ++
--- /var/tmp/diff_new_pack.flqead/_old  2011-07-11 12:29:28.0 +0200
+++ /var/tmp/diff_new_pack.flqead/_new  2011-07-11 12:29:28.0 +0200
@@ -18,8 +18,8 @@
 
 
 Name:   libxml2-python
-Version:2.7.8
-Release:5
+Version:2.7.8+git20110708
+Release:1
 License:MIT License (or similar)
 Summary:Python Bindings for libxml2
 Url:http://xmlsoft.org
@@ -45,7 +45,7 @@
 either at parse time or later once the document has been modified.
 
 %prep
-%setup -q -n libxml2-%{version}
+%setup -q -n libxml2-2.7.8
 
 %build
 # workaround for bnc#310196

++ libxml2.spec ++
--- /var/tmp/diff_new_pack.flqead/_old  2011-07-11 12:29:28.0 +0200
+++ /var/tmp/diff_new_pack.flqead/_new  2011-07-11 12:29:28.0 +0200
@@ -18,18 +18,14 @@
 
 
 Name:   libxml2
-Version:2.7.8
-Release:20
+Version:2.7.8+git20110708
+Release:1
 License:MIT License (or similar)
 Summary:A Library to Manipulate XML Files
 Url:http://xmlsoft.org
 Group:  System/Libraries
 Source: %{name}-%{version}.tar.bz2
 Source2:baselibs.conf
-Patch1: noxref.patch
-Patch2: libxml2-CVE-2010-4494.patch
-Patch3: symbol-versioning.patch
-Patch4: libxml2-CVE-2011-1944.patch
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
 BuildRequires:  zlib-devel
@@ -98,11 +94,7 @@
 progress.
 
 %prep
-%setup -q
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
+%setup -q -n %{name}-2.7.8
 
 %build
 # needed with patch3 - until it is no longer required






Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libxml2 for openSUSE:Factory

2011-06-29 Thread h_root 

Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory
checked in at Wed Jun 29 15:18:04 CEST 2011.



mismatched tag at line 109, column 4, byte 3108:
/script
  /head
===^

 at /usr/lib/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi/XML/Parser.pm 
line 187
xargs: /work/src/bin/tools/get_bugzilla: exited with status 255; aborting


--- libxml2/libxml2.changes 2011-06-05 23:38:32.0 +0200
+++ /mounts/work_src_done/STABLE/libxml2/libxml2.changes2011-06-29 
14:11:23.0 +0200
@@ -1,0 +2,5 @@
+Wed Jun 29 09:05:59 UTC 2011 - pu...@novell.com
+
+- add libxml2-CVE-2011-1944.patch (bnc#697372)
+
+---

calling whatdependson for head-i586


New:

  libxml2-CVE-2011-1944.patch



Other differences:
--
++ libxml2-python.spec ++
--- /var/tmp/diff_new_pack.zfgljP/_old  2011-06-29 15:17:28.0 +0200
+++ /var/tmp/diff_new_pack.zfgljP/_new  2011-06-29 15:17:28.0 +0200
@@ -19,7 +19,7 @@
 
 Name:   libxml2-python
 Version:2.7.8
-Release:4
+Release:5
 License:MIT License (or similar)
 Summary:Python Bindings for libxml2
 Url:http://xmlsoft.org

++ libxml2.spec ++
--- /var/tmp/diff_new_pack.zfgljP/_old  2011-06-29 15:17:28.0 +0200
+++ /var/tmp/diff_new_pack.zfgljP/_new  2011-06-29 15:17:28.0 +0200
@@ -19,7 +19,7 @@
 
 Name:   libxml2
 Version:2.7.8
-Release:18
+Release:20
 License:MIT License (or similar)
 Summary:A Library to Manipulate XML Files
 Url:http://xmlsoft.org
@@ -29,6 +29,7 @@
 Patch1: noxref.patch
 Patch2: libxml2-CVE-2010-4494.patch
 Patch3: symbol-versioning.patch
+Patch4: libxml2-CVE-2011-1944.patch
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
 BuildRequires:  zlib-devel
@@ -101,6 +102,7 @@
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 %build
 # needed with patch3 - until it is no longer required

++ libxml2-CVE-2011-1944.patch ++
From d7958b21e7f8c447a26bb2436f08402b2c308be4 Mon Sep 17 00:00:00 2001
From: Chris Evans scarybea...@gmail.com
Date: Wed, 23 Mar 2011 08:13:06 +0800
Subject: [PATCH] Fix some potential problems on reallocation failures

The count was incremented before the allocation
and not fixed in case of failure
* xpath.c: corrects a few instances where the available count of some
   structure is updated before we know the allocation actually
   succeeds

Signed-off-by: Petr Uzel petr.u...@suse.cz
---
 xpath.c |   20 ++--
 1 files changed, 10 insertions(+), 10 deletions(-)

Index: libxml2-2.7.8/xpath.c
===
--- libxml2-2.7.8.orig/xpath.c
+++ libxml2-2.7.8/xpath.c
@@ -3522,13 +3522,13 @@ xmlXPathNodeSetAddNs(xmlNodeSetPtr cur,
 } else if (cur-nodeNr == cur-nodeMax) {
 xmlNodePtr *temp;
 
-cur-nodeMax *= 2;
-   temp = (xmlNodePtr *) xmlRealloc(cur-nodeTab, cur-nodeMax *
+   temp = (xmlNodePtr *) xmlRealloc(cur-nodeTab, cur-nodeMax * 2 *
  sizeof(xmlNodePtr));
if (temp == NULL) {
xmlXPathErrMemory(NULL, growing nodeset\n);
return;
}
+cur-nodeMax *= 2;
cur-nodeTab = temp;
 }
 cur-nodeTab[cur-nodeNr++] = xmlXPathNodeSetDupNs(node, ns);
@@ -3575,13 +3575,13 @@ xmlXPathNodeSetAdd(xmlNodeSetPtr cur, xm
 } else if (cur-nodeNr == cur-nodeMax) {
 xmlNodePtr *temp;
 
-cur-nodeMax *= 2;
-   temp = (xmlNodePtr *) xmlRealloc(cur-nodeTab, cur-nodeMax *
+   temp = (xmlNodePtr *) xmlRealloc(cur-nodeTab, cur-nodeMax * 2 *
  sizeof(xmlNodePtr));
if (temp == NULL) {
xmlXPathErrMemory(NULL, growing nodeset\n);
return;
}
+cur-nodeMax *= 2;
cur-nodeTab = temp;
 }
 if (val-type == XML_NAMESPACE_DECL) {
@@ -3627,14 +3627,14 @@ xmlXPathNodeSetAddUnique(xmlNodeSetPtr c
 } else if (cur-nodeNr == cur-nodeMax) {
 xmlNodePtr *temp;
 
-cur-nodeMax *= 2;
-   temp = (xmlNodePtr *) xmlRealloc(cur-nodeTab, cur-nodeMax *
+   temp = (xmlNodePtr *) xmlRealloc(cur-nodeTab, cur-nodeMax * 2 *
  sizeof(xmlNodePtr));
if (temp == NULL) {
xmlXPathErrMemory(NULL, growing nodeset\n);
return;
}
cur-nodeTab = temp;
+cur-nodeMax *= 2;
 }
 if (val-type == XML_NAMESPACE_DECL) {
xmlNsPtr ns = (xmlNsPtr) val;
@@ -3738,14 +3738,14 @@ xmlXPathNodeSetMerge(xmlNodeSetPtr val1,
} else if (val1-nodeNr == val1-nodeMax) {
xmlNodePtr *temp;
 
-   val1-nodeMax *= 2;
-   temp = (xmlNodePtr *)

commit libxml2 for openSUSE:Factory

2011-06-07 Thread h_root 

Hello community,

here is the log from the commit of package libxml2 for openSUSE:Factory
checked in at Tue Jun 7 09:00:02 CEST 2011.




--- libxml2/libxml2.changes 2011-01-03 10:44:12.0 +0100
+++ /mounts/work_src_done/STABLE/libxml2/libxml2.changes2011-06-05 
23:38:32.0 +0200
@@ -1,0 +2,5 @@
+Sun Jun  5 21:36:07 UTC 2011 - cshor...@googlemail.com
+
+- add symbol-versioning.patch to restore 11.3 versioned symbols 
+
+---

calling whatdependson for head-i586


New:

  symbol-versioning.patch



Other differences:
--
++ libxml2-python.spec ++
--- /var/tmp/diff_new_pack.b9L0dF/_old  2011-06-07 08:57:14.0 +0200
+++ /var/tmp/diff_new_pack.b9L0dF/_new  2011-06-07 08:57:14.0 +0200
@@ -1,5 +1,5 @@
 #
-# spec file for package libxml2-python (Version 2.7.8)
+# spec file for package libxml2-python
 #
 # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -19,7 +19,7 @@
 
 Name:   libxml2-python
 Version:2.7.8
-Release:3
+Release:4
 License:MIT License (or similar)
 Summary:Python Bindings for libxml2
 Url:http://xmlsoft.org

++ libxml2.spec ++
--- /var/tmp/diff_new_pack.b9L0dF/_old  2011-06-07 08:57:14.0 +0200
+++ /var/tmp/diff_new_pack.b9L0dF/_new  2011-06-07 08:57:14.0 +0200
@@ -1,5 +1,5 @@
 #
-# spec file for package libxml2 (Version 2.7.8)
+# spec file for package libxml2
 #
 # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -19,7 +19,7 @@
 
 Name:   libxml2
 Version:2.7.8
-Release:3
+Release:18
 License:MIT License (or similar)
 Summary:A Library to Manipulate XML Files
 Url:http://xmlsoft.org
@@ -28,6 +28,7 @@
 Source2:baselibs.conf
 Patch1: noxref.patch
 Patch2: libxml2-CVE-2010-4494.patch
+Patch3: symbol-versioning.patch
 BuildRequires:  pkg-config
 BuildRequires:  readline-devel
 BuildRequires:  zlib-devel
@@ -99,8 +100,12 @@
 %setup -q
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 %build
+# needed with patch3 - until it is no longer required
+%__autoconf
+
 %configure --disable-static \
 --with-html-subdir=packages/%{name}/html \
 --with-fexceptions \

++ symbol-versioning.patch ++
--- libxml2-2.7.8.orig/configure.in 2010-11-04 17:01:19.0 +
+++ libxml2-2.7.8/configure.in  2011-06-05 20:56:21.505617000 +
@@ -84,7 +84,7 @@
   esac
 fi
 AC_SUBST(VERSION_SCRIPT_FLAGS)
-AM_CONDITIONAL([USE_VERSION_SCRIPT], [test -z $VERSION_SCRIPT_FLAGS])
+AM_CONDITIONAL([USE_VERSION_SCRIPT], [test -n $VERSION_SCRIPT_FLAGS])
 
 dnl
 dnl We process the AC_ARG_WITH first so that later we can modify





Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org