Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id 30551A66BA for ; Sun, 22 Nov 2015 23:49:06 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 87FB914A28C; Sun, 22 Nov 2015 23:49:05 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id CC84314A288 for ; Sun, 22 Nov 2015 23:49:04 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id tEbblcNL0oEJ for ; Sun, 22 Nov 2015 23:49:04 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 1730514A287 for ; Sun, 22 Nov 2015 23:49:04 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 0B96498; Sun, 22 Nov 2015 23:49:04 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Sun, 22 Nov 2015 23:49:04 +0000 From: "Thomas Klausner" Subject: CVS commit: pkgsrc/textproc/libxml2 To: pkgsrc-changes@NetBSD.org Reply-To: wiz@netbsd.org X-Mailer: log_accum Message-Id: <20151122234904.0B96498@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: wiz Date: Sun Nov 22 23:49:03 UTC 2015 Modified Files: pkgsrc/textproc/libxml2: Makefile distinfo Removed Files: pkgsrc/textproc/libxml2/patches: patch-HTMLparser.c patch-aj patch-ba patch-buf.c patch-include_libxml_tree.h patch-threads.c patch-xmlreader.c Log Message: Update libxml2 to 2.9.3. v2.9.3: Nov 20 2015 Security: CVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh Davenport), CVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard), CVE-2015-7499-2 Detect incoherency on GROW (Daniel Veillard), CVE-2015-7499-1 Add xmlHaltParser() to stop the parser (Daniel Veillard), CVE-2015-5312 Another entity expansion issue (David Drysdale), CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey (David Drysdale), CVE-2015-7498 Avoid processing entities after encoding conversion failures (Daniel Veillard), CVE-2015-8035 Fix XZ compression support loop (Daniel Veillard), CVE-2015-7942-2 Fix an error in previous Conditional section patch (Daniel Veillard), CVE-2015-7942 Another variation of overflow in Conditional sections (Daniel Veillard), CVE-2015-1819 Enforce the reader to run in constant memory (Daniel Veillard) CVE-2015-7941_2 Cleanup conditional section error handling (Daniel Veillard), CVE-2015-7941_1 Stop parsing on entities boundaries errors (Daniel Veillard), Documentation: Correct spelling of "calling" (Alex Henrie), Fix a small error in xmllint --format description (Fabien Degomme), Avoid XSS on the search of xmlsoft.org (Daniel Veillard) Portability: threads: use forward declarations only for glibc (Michael Heimpold), Update Win32 configure.js to search for configure.ac (Daniel Veillard) Bug Fixes: Bug on creating new stream from entity (Daniel Veillard), Fix some loop issues embedding NEXT (Daniel Veillard), Do not print error context when there is none (Daniel Veillard), Avoid extra processing of MarkupDecl when EOF (Hugh Davenport), Fix parsing short unclosed comment uninitialized access (Daniel Veillard), Add missing Null check in xmlParseExternalEntityPrivate (Gaurav Gupta), Fix a bug in CData error handling in the push parser (Daniel Veillard), Fix a bug on name parsing at the end of current input buffer (Daniel Veillard), Fix the spurious ID already defined error (Daniel Veillard), Fix previous change to node sort order (Nick Wellnhofer), Fix a self assignment issue raised by clang (Scott Graham), Fail parsing early on if encoding conversion failed (Daniel Veillard), Do not process encoding values if the declaration if broken (Daniel Veillard), Silence clang's -Wunknown-attribute (Michael Catanzaro), xmlMemUsed is not thread-safe (Martin von Gagern), Fix support for except in nameclasses (Daniel Veillard), Fix order of root nodes (Nick Wellnhofer), Allow attributes on descendant-or-self axis (Nick Wellnhofer), Fix the fix to Windows locking (Steve Nairn), Fix timsort invariant loop re: Envisage article (Christopher Swenson), Don't add IDs in xmlSetTreeDoc (Nick Wellnhofer), Account for ID attributes in xmlSetTreeDoc (Nick Wellnhofer), Remove various unused value assignments (Philip Withnall), Fix missing entities after CVE-2014-3660 fix (Daniel Veillard), Revert "Missing initialization for the catalog module" (Daniel Veillard) Improvements: Reuse xmlHaltParser() where it makes sense (Daniel Veillard), xmlStopParser reset errNo (Daniel Veillard), Reenable xz support by default (Daniel Veillard), Recover unescaped less-than character in HTML recovery parsing (Daniel Veillard), Allow HTML serializer to output HTML5 DOCTYPE (Shaun McCance), Regression test for bug #695699 (Nick Wellnhofer), Add a couple of XPath tests (Nick Wellnhofer), Add Python 3 rpm subpackage (Tomas Radej), libxml2-config.cmake.in: update include directories (Samuel Martin), Adding example from bugs 738805 to regression tests (Daniel Veillard) To generate a diff of this commit: cvs rdiff -u -r1.138 -r1.139 pkgsrc/textproc/libxml2/Makefile cvs rdiff -u -r1.108 -r1.109 pkgsrc/textproc/libxml2/distinfo cvs rdiff -u -r1.1 -r0 pkgsrc/textproc/libxml2/patches/patch-HTMLparser.c \ pkgsrc/textproc/libxml2/patches/patch-buf.c \ pkgsrc/textproc/libxml2/patches/patch-include_libxml_tree.h \ pkgsrc/textproc/libxml2/patches/patch-xmlreader.c cvs rdiff -u -r1.4 -r0 pkgsrc/textproc/libxml2/patches/patch-aj cvs rdiff -u -r1.3 -r0 pkgsrc/textproc/libxml2/patches/patch-ba cvs rdiff -u -r1.5 -r0 pkgsrc/textproc/libxml2/patches/patch-threads.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.