/expat, XML parser library written in C
2.1.0, Package name:
expat-2.1.0, Maintainer: drochner
This is James Clark's expat XML parser library in C. It is a stream oriented
parser that requires setting handlers to deal with the structure that the
parser discovers in the document.
Master sites: SHA1:
Version history: (Expand)
- (2012-04-01) Updated to version: expat-2.1.0
- (2010-01-26) Updated to version: expat-2.0.1nb2
- (2009-09-10) Updated to version: expat-2.0.1nb1
- (2007-06-18) Updated to version: expat-2.0.1
- (2007-06-08) Updated to version: expat-2.0.1
- (2006-02-06) Updated to version: expat-2.0.0nb1
CVS history: (Expand)
| 2014-10-09 16:07:17 by Thomas Klausner | Files touched by this commit (1163) |
Remove pkgviews: don't set PKG_INSTALLATION_TYPES in Makefiles.
| 2013-11-23 13:36:34 by OBATA Akio | Files touched by this commit (1) |
Use find-headers instead of find-files to detect builtin header files.
| 2012-10-25 08:57:09 by Aleksej Saushev | Files touched by this commit (587) |
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
| 2012-04-01 10:52:43 by OBATA Akio | Files touched by this commit (5) | |
Update expat to 2.1.0, contains security fixes.
Release 2.1.0 Sat March 24 2012
- Bug Fixes:
#1742315: Harmful XML_ParserCreateNS suggestion.
#2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
#1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3.
#1983953, 2517952, 2517962, 2649838:
Build modifications using autoreconf instead of buildconf.sh.
#2815947, #2884086: OBJEXT and EXEEXT support while building.
#1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.
#2517938: xmlwf should return non-zero exit status if not well-formed.
#2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml.
#2855609: Dangling positionPtr after error.
#2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
#2958794: CVE-2012-1148 - Memory leak in poolGrow.
#2990652: CMake support.
#3010819: UNEXPECTED_STATE with a trailing "%" in entity value.
#3206497: Unitialized memory returned from XML_Parse.
#3287849: make check fails on mingw-w64.
#3496608: CVE-2012-0876 - Hash DOS attack.
#1749198: pkg-config support.
#3010222: Fix for bug #3010819.
#3312568: CMake support.
#3446384: Report byte offsets for attr names and values.
- New Features / API changes:
Added new API member XML_SetHashSalt() that allows setting an intial
value (salt) for hash calculations. This is part of the fix for
bug #3496608 to randomize hash parameters.
When compiled with XML_ATTR_INFO defined, adds new API member
XML_GetAttributeInfo() that allows retrieving the byte
offsets for attribute names and values (patch #3446384).
Added CMake build system.
See bug #2990652 and patch #3312568.
Added run-benchmark target to Makefile.in - relies on testdata module
present in the same relative location as in the repository.
| 2012-03-19 13:34:25 by Joerg Sonnenberger | Files touched by this commit (23) |
Drop imake-check logic from X11 components' builtin.mk.
Always use xorg-cf-files and imake from pkgsrc, replacing xpkgwedge.
Always install man pages, not cat pages when using imake.
Unify the various imake PLIST variables in preparation for dropping.
Adjust xbattbar for the new expectations.
| 2010-07-04 18:34:46 by OBATA Akio | Files touched by this commit (1) |
Support buitin expat for Haiku.
| 2010-01-26 19:37:02 by Matthias Drochner | Files touched by this commit (3) | |
add patch from upstream CVS to fix CVE-2009-3560
(possible DOS due to crash on bad input)
| 2009-11-08 09:34:32 by OBATA Akio | Files touched by this commit (2) |
Note that patch-aa is for CVE-2009-3720.