Now
MAIN commitmail json YAML
pkgsrc/textproc/expat/Makefile@1.35
/
diff
pkgsrc/textproc/expat/PLIST@1.11 / diff
pkgsrc/textproc/expat/distinfo@1.30 / diff
pkgsrc/textproc/expat/patches/patch-configure deleted
pkgsrc/textproc/expat/patches/patch-configure.ac deleted
pkgsrc/textproc/expat/PLIST@1.11 / diff
pkgsrc/textproc/expat/distinfo@1.30 / diff
pkgsrc/textproc/expat/patches/patch-configure deleted
pkgsrc/textproc/expat/patches/patch-configure.ac deleted
Updated expat to 2.2.4.
Release 2.2.4 Sat Auguest 19 2017
Bug fixes:
#115 Fix copying of partial characters for UTF-8 input
Other changes:
#109 Fix "make check" for non-x86 architectures that default
to unsigned type char (-128..127 rather than 0..255)
#109 coverage.sh: Cover -funsigned-char
Autotools: Introduce --without-xmlwf argument
#65 Autotools: Replace handwritten Makefile with GNU Automake
#43 CMake: Auto-detect high quality entropy extractors, add new
option USE_libbsd=ON to use arc4random_buf of libbsd
#74 CMake: Add -fno-strict-aliasing only where supported
#114 CMake: Always honor manually set BUILD_* options
#114 CMake: Compile man page if docbook2x-man is available, only
#117 Include file tests/xmltest.log.expected in source tarball
(required for "make run-xmltest")
#117 Include (existing) Visual Studio 2013 files in source tarball
Improve test suite error output
#111 Fix some typos in documentation
Version info bumped from 7:5:6 to 7:6:6
Special thanks to:
Jakub Wilk
Joe Orton
Lin Tian
Rolf Eike Beer
Release 2.2.3 Wed August 2 2017
Security fixes:
#82 CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability
using Steve Holme's LoadLibrary wrapper for/of cURL
Bug fixes:
#85 Fix a dangling pointer issue related to realloc
Other changes:
Increase code coverage
#91 Linux: Allow getrandom to fail if nonblocking pool has not
yet been initialized and read /dev/urandom then, instead.
This is in line with what recent Python does.
#81 Pre-10.7/Lion macOS: Support entropy from arc4random
#86 Check that a UTF-16 encoding in an XML declaration has the
right endianness
#4 #5 #7 Recover correctly when some reallocations fail
Repair "./configure && make" for systems without any
provider of high quality entropy
and try reading /dev/urandom on those
Ensure that user-defined character encodings have converter
functions when they are needed
Fix mis-leading description of argument -c in xmlwf.1
Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__)
for CloudABI
#100 Fix use of SIPHASH_MAIN in siphash.h
#23 Test suite: Fix memory leaks
Version info bumped from 7:4:6 to 7:5:6
Special thanks to:
Chanho Park
Joe Orton
Pascal Cuoq
Rhodri James
Simon McVittie
Vadim Zeitlin
Viktor Szakats
and
Core Infrastructure Initiative
Release 2.2.2 Wed July 12 2017
Security fixes:
#43 Protect against compilation without any source of high
quality entropy enabled, e.g. with CMake build system;
commit ff0207e6076e9828e536b8d9cd45c9c92069b895
#60 Windows with _UNICODE:
Unintended use of LoadLibraryW with a non-wide string
resulted in failure to load advapi32.dll and degradation
in quality of used entropy when compiled with _UNICODE for
Windows; you can launch existing binaries with
EXPAT_ENTROPY_DEBUG=1 in the environment to inspect the
quality of entropy used during runtime; commits
* 95b95032f907ef1cd17ee7a9a1768010a825d61d
* 73a5a2e9c081f49f2d775cf7ced864158b68dc80
[MOX-006] Fix non-NULL parser parameter validation in XML_Parse;
resulted in NULL dereference, previously;
commit ac256dafdffc9622ab0dc2c62fcecb0dfcfa71fe
Bug fixes:
#69 Fix improper use of unsigned long long integer literals
Other changes:
#73 Start requiring a C99 compiler
#49 Fix "==" Bashism in configure script
#50 Fix too eager getrandom detection for Debian GNU/kFreeBSD
#52 and macOS
#51 Address lack of stdint.h in Visual Studio 2003 to 2008
#58 Address compile warnings
#68 Fix "./buildconf.sh && ./configure" for some versions
of Dash for /bin/sh
#72 CMake: Ease use of Expat in context of a parent project
with multiple CMakeLists.txt files
#72 CMake: Resolve mistaken executable permissions
#76 Address compile warning with -DNDEBUG (not recommended!)
#77 Address compile warning about macro redefinition
Special thanks to:
Alexander Bluhm
Ben Boeckel
Cătălin Răceanu
Kerin Millar
László Böszörményi
S. P. Zeidler
Segev Finer
Václav Slavík
Victor Stinner
Viktor Szakats
and
Radically Open Security
Release 2.2.4 Sat Auguest 19 2017
Bug fixes:
#115 Fix copying of partial characters for UTF-8 input
Other changes:
#109 Fix "make check" for non-x86 architectures that default
to unsigned type char (-128..127 rather than 0..255)
#109 coverage.sh: Cover -funsigned-char
Autotools: Introduce --without-xmlwf argument
#65 Autotools: Replace handwritten Makefile with GNU Automake
#43 CMake: Auto-detect high quality entropy extractors, add new
option USE_libbsd=ON to use arc4random_buf of libbsd
#74 CMake: Add -fno-strict-aliasing only where supported
#114 CMake: Always honor manually set BUILD_* options
#114 CMake: Compile man page if docbook2x-man is available, only
#117 Include file tests/xmltest.log.expected in source tarball
(required for "make run-xmltest")
#117 Include (existing) Visual Studio 2013 files in source tarball
Improve test suite error output
#111 Fix some typos in documentation
Version info bumped from 7:5:6 to 7:6:6
Special thanks to:
Jakub Wilk
Joe Orton
Lin Tian
Rolf Eike Beer
Release 2.2.3 Wed August 2 2017
Security fixes:
#82 CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability
using Steve Holme's LoadLibrary wrapper for/of cURL
Bug fixes:
#85 Fix a dangling pointer issue related to realloc
Other changes:
Increase code coverage
#91 Linux: Allow getrandom to fail if nonblocking pool has not
yet been initialized and read /dev/urandom then, instead.
This is in line with what recent Python does.
#81 Pre-10.7/Lion macOS: Support entropy from arc4random
#86 Check that a UTF-16 encoding in an XML declaration has the
right endianness
#4 #5 #7 Recover correctly when some reallocations fail
Repair "./configure && make" for systems without any
provider of high quality entropy
and try reading /dev/urandom on those
Ensure that user-defined character encodings have converter
functions when they are needed
Fix mis-leading description of argument -c in xmlwf.1
Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__)
for CloudABI
#100 Fix use of SIPHASH_MAIN in siphash.h
#23 Test suite: Fix memory leaks
Version info bumped from 7:4:6 to 7:5:6
Special thanks to:
Chanho Park
Joe Orton
Pascal Cuoq
Rhodri James
Simon McVittie
Vadim Zeitlin
Viktor Szakats
and
Core Infrastructure Initiative
Release 2.2.2 Wed July 12 2017
Security fixes:
#43 Protect against compilation without any source of high
quality entropy enabled, e.g. with CMake build system;
commit ff0207e6076e9828e536b8d9cd45c9c92069b895
#60 Windows with _UNICODE:
Unintended use of LoadLibraryW with a non-wide string
resulted in failure to load advapi32.dll and degradation
in quality of used entropy when compiled with _UNICODE for
Windows; you can launch existing binaries with
EXPAT_ENTROPY_DEBUG=1 in the environment to inspect the
quality of entropy used during runtime; commits
* 95b95032f907ef1cd17ee7a9a1768010a825d61d
* 73a5a2e9c081f49f2d775cf7ced864158b68dc80
[MOX-006] Fix non-NULL parser parameter validation in XML_Parse;
resulted in NULL dereference, previously;
commit ac256dafdffc9622ab0dc2c62fcecb0dfcfa71fe
Bug fixes:
#69 Fix improper use of unsigned long long integer literals
Other changes:
#73 Start requiring a C99 compiler
#49 Fix "==" Bashism in configure script
#50 Fix too eager getrandom detection for Debian GNU/kFreeBSD
#52 and macOS
#51 Address lack of stdint.h in Visual Studio 2003 to 2008
#58 Address compile warnings
#68 Fix "./buildconf.sh && ./configure" for some versions
of Dash for /bin/sh
#72 CMake: Ease use of Expat in context of a parent project
with multiple CMakeLists.txt files
#72 CMake: Resolve mistaken executable permissions
#76 Address compile warning with -DNDEBUG (not recommended!)
#77 Address compile warning about macro redefinition
Special thanks to:
Alexander Bluhm
Ben Boeckel
Cătălin Răceanu
Kerin Millar
László Böszörményi
S. P. Zeidler
Segev Finer
Václav Slavík
Victor Stinner
Viktor Szakats
and
Radically Open Security