Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libxslt-tools | Distribution: openSUSE Leap 15.2 |
Version: 1.1.32 | Vendor: openSUSE |
Release: lp152.5.1 | Build date: Fri May 29 19:51:30 2020 |
Group: Development/Tools/Other | Build host: obs-arm-2 |
Size: 138000 | Source RPM: libxslt-1.1.32-lp152.5.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: http://xmlsoft.org/XSLT/ | |
Summary: Extended Stylesheet Language (XSL) Transformation utilities |
This package contains xsltproc, a command line interface to the XSLT engine. xtend the
MIT AND GPL-2.0+
* Mon Oct 21 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - Security fix [bsc#1154609, CVE-2019-18197] * Fix dangling pointer in xsltCopyText * Add libxslt-CVE-2019-18197.patch * Tue Jul 02 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - Security fix: [bsc#1140101, CVE-2019-13118] * Fix uninitialized read with UTF-8 grouping chars. Read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character * Added libxslt-CVE-2019-13118.patch * Tue Jul 02 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - Security fix: [bsc#1140095, CVE-2019-13117] * Fix uninitialized read of xsl:number token. An xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers * Added libxslt-CVE-2019-13117.patch * Thu Apr 11 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - Security fix: [bsc#1132160, CVE-2019-11068] * Bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. * Added libxslt-CVE-2019-11068.patch * Wed Nov 08 2017 vcizek@suse.com - Update to version 1.1.32 * fixes xml-config detection regression (boo#1066525) * Thu Oct 19 2017 pmonrealgonzalez@suse.com - Update to version 1.1.30 [bsc#1063934] * Documentation: - Misc doc fixes * Portability: - Look for libxml2 via pkg-config first * Bug Fixes: - Also fix memory hazards in exsltFuncResultElem - Fix NULL deref in xsltDefaultSortFunction - Fix memory hazards in exsltFuncFunctionFunction - Fix memory leaks in EXSLT error paths - Fix memory leak in str:concat with empty node-set - Fix memory leaks in error paths - Switch to xmlUTF8Strsize in numbers.c - Fix NULL pointer deref in xsltFormatNumberFunction - Fix UTF-8 check in str:padding - Fix xmlStrPrintf argument - Check for overflow in _exsltDateParseGYear - Fix double to int conversion - Check for overflow in exsltDateParseDuration - Change version of xsltMaxVars back to 1.0.24 - Disable xsltCopyTextString optimization for extensions - Create DOCTYPE for HTML version 5 - Make xsl:decimal-format work with namespaces - Remove norm:localTime extension function - Check for integer overflow in xsltAddTextString - Detect infinite recursion when evaluating function arguments - Fix memory leak in xsltElementAvailableFunction - Fix for pattern predicates calling functions - Fix cmd.exe invocations in Makefile.mingw - Don't try to install index.sgml - Fix symbols.xml - Fix heap overread in xsltFormatNumberConversion - Fix <xsl:number level="any"/> for non-element nodes - Fix unreachable code in xsltAddChild - Change version number in xsl:version warning - Avoid infinite recursion after failed param evaluation - Stop if potential recursion is detected - Consider built-in templates in apply-imports - Fix precedence with multiple attribute sets - Rework attribute set resolution * Improvements: - Silence tests a little - Set LIBXML_SRC to absolute path - Add missing #include - Adjust expected error messages in tests - Make xsltDebug more quiet - New-line terminate error message that missed this convention - Use xmlBuffers in EXSLT string functions - Switch to xmlUTF8Strsize in EXSLT string functions - Check for return value of xmlUTF8Strlen - Avoid double/long round trip in FORMAT_ITEM - Separate date and duration structs - Check for overflow in _exsltDateDifference - Clamp seconds field of durations - Change _exsltDateAddDurCalc parameter types - Fix date:difference with time zones - Rework division/remainder arithmetic in date.c - Remove exsltDateCastDateToNumber - Change internal representation of years - Optimize IS_LEAP - Link libraries with libm - Rename xsltCopyTreeInternal to xsltCopyTree - Update linker version script - Add local wildcard to version script - Make some symbols static - Remove redundant NULL check in xsltNumberComp - Fix forwards compatibility for imported stylesheets - Reduce warnings in forwards-compatible mode - Precompute XSLT elements after preprocessing - Fix whitespace in xsltParseStylesheetTop - Consolidate recursion checks - Treat XSLT_STATE_STOPPED same as errors - Make sure that XSLT_STATE_STOPPED isn't overwritten - Add comment regarding built-in templates and params - Rewrite memory management of local RVTs - Validate QNames of attribute sets - Add xsl:attribute-set regression tests - Ignore imported stylesheets in xsltApplyAttributeSet - Dropped patches fixed upstream * libxslt-CVE-2016-4738.patch * libxslt-1.1.28-CVE-2017-5029.patch * Mon Sep 11 2017 jengelh@inai.de - Fix RPM groups. Drop ineffective --with-pic. Trim conjecture from description. * Fri Jul 28 2017 mpluskal@suse.com - Add gpg signature - Cleanup spec file with spec-cleaner * Tue Apr 25 2017 pmonrealgonzalez@suse.com - Fixed CVE-2017-5029 bcs#1035905 * Limit buffer size in xsltAddTextString to INT_MAX - Added patch libxslt-1.1.28-CVE-2017-5029.patch * Wed Apr 05 2017 pgajdos@suse.com - security update: initialize random generator, CVE-2015-9019 [bsc#934119] + libxslt-random-seed.patch * Mon Mar 13 2017 pmonrealgonzalez@suse.com - Added patch libxslt-CVE-2016-4738.patch * Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator could cause a heap overread. This can be exploited to leak a couple of bytes after the buffer that holds the pattern string. * bsc#1005591 CVE-2016-4738 * Sat Jun 11 2016 tchvatal@suse.com - Update to 1.1.29: * new release after 4 years with few bugfies all around - Refresh patch 0009-Make-generate-id-deterministic.patch to apply - Remove cve patch that was integrated upstream: libxslt-1.1.28-type_confusion_preprocess_attr.patch - Unpack the manpage as the compression is set by buildbot not always gz * Fri May 20 2016 kstreitova@suse.com - add libxslt-1.1.28-type_confusion_preprocess_attr.patch to fix type confusion in preprocessing attributes [bnc#952474], [CVE-2015-7995] * Thu Apr 09 2015 suse@microstep-mis.com - fix package with "soname" should obsolete libxslt package on suse < 12.2 (SLE11) * Sun Feb 01 2015 coolo@suse.com - add 0009-Make-generate-id-deterministic.patch from debian's reproducible builds project to avoid randomness in generated IDs
/usr/bin/xsltproc /usr/share/doc/packages/libxslt-tools /usr/share/doc/packages/libxslt-tools/AUTHORS /usr/share/doc/packages/libxslt-tools/Copyright /usr/share/doc/packages/libxslt-tools/FEATURES /usr/share/doc/packages/libxslt-tools/NEWS /usr/share/doc/packages/libxslt-tools/README /usr/share/doc/packages/libxslt-tools/TODO /usr/share/licenses/libxslt-tools /usr/share/licenses/libxslt-tools/COPYING /usr/share/man/man1/xsltproc.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu May 9 11:49:56 2024