- Update to 1.1.34: Oct 30 2019
  * Documentation:
    - Fix EXSLT web pages, Regenerate web pages
    - Fix Git link in news.html
    - Minor documentation fixes after recent changes
    - Regenerate symbols and API docs
    - Regenerate EXSLT website
  * Portability:
    - Remove stubs when compiling without debugger or profiler
    - configure.ac: Invoke PKG_CHECK_MODULES for building shared libraries
    - configure.ac: Conditionally determine whether xml2-config should pass
      shared libraries or static libraries
    - xslt-config.in: Fix broken --prefix=DIR support
    - libexslt.pc.in: Do not expose private library dependencies unless invoked
    - libxslt.pc.in: Do not expose private library dependencies unless invoked
    - Fix -Wformat-overflow warning (GCC 9)
    - Stop including ansidecl.h
    - Remove WIN32_EXTRA_* variables
    - Build without winsock
  * Bug Fixes:
    - xsl:template without name and match attributes should not be allowed
    - Make sure that Python tests exit with error code
    - Improve handling of invalid UTF-8 in format-number
    - Fix dangling pointer in xsltCopyText
    - Fix memory leak in pattern compilation error path
    - Fix uninitialized read with UTF-8 grouping chars
    - Fix integer overflow in FORMAT_GYEAR
    - Fix performance regression with xsl:number
    - Backup XPath context node in xsltInitCtxtKey
    - Fix unsigned integer overflow in date.c

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Security fix [bsc#1154609, CVE-2019-18197]
  * Fix dangling pointer in xsltCopyText
  * Add libxslt-CVE-2019-18197.patch

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

  * Drop now unused libxslt-1.1.24-linkflags.patch and
    libxslt-do_not_build_doc_nor_xsltproc.patch

• Files Changed
• Browse Source

  * Drop now unused libxslt-1.1.24-linkflags.patch

• Files Changed
• Browse Source

- Drop out lilbxslt-python package as it is just py2 based and
  upstream yet didn't bother to port it to python3.
  When there is python3 compatible code it should be enabled as
  multibuild here

• Files Changed
• Browse Source

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Security fix: [bsc#1140101, CVE-2019-13118]
  * Fix uninitialized read with UTF-8 grouping chars. Read of
    uninitialized stack data due to too narrow xsl:number
    instruction and an invalid character
  * Added libxslt-CVE-2019-13118.patch

- Security fix: [bsc#1140095, CVE-2019-13117]
  * Fix uninitialized read of xsl:number token. An xsl number with
    certain format strings could lead to a uninitialized read in
    xsltNumberFormatInsertNumbers
  * Added libxslt-CVE-2019-13117.patch

- Security fix: [bsc#1140101, CVE-2019-13118]
  * Fix uninitialized read with UTF-8 grouping chars. Read of
    uninitialized stack data due to too narrow xsl:number
    instruction and an invalid character
  * Added libxslt-CVE-2019-13118.patch

- Security fix: [bsc#1140095, CVE-2019-13117]
  * Fix uninitialized read of xsl:number token. An xsl number with
    certain format strings could lead to a uninitialized read in
    xsltNumberFormatInsertNumbers
  * Added libxslt-CVE-2019-13117.patch

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Security fix: [bsc#1132160, CVE-2019-11068]
  * Bypass of a protection mechanism because callers of xsltCheckRead
    and xsltCheckWrite permit access even upon receiving a -1 error
    code. xsltCheckRead can return -1 for a crafted URL that is not
    actually invalid and is subsequently loaded.
  * Added libxslt-CVE-2019-11068.patch

- Security fix: [bsc#1132160, CVE-2019-11068]
  * Bypass of a protection mechanism because callers of xsltCheckRead
    and xsltCheckWrite permit access even upon receiving a -1 error
    code. xsltCheckRead can return -1 for a crafted URL that is not
    actually invalid and is subsequently loaded.
  * Added libxslt-CVE-2019-11068.patch

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to version 1.1.33
  * Portability:
    - Variables need 'extern' in static lib on Cygwin
    - Really declare dllexport/dllimport for Cygwin
    - Fix callback signatures in Python bindings
    - Fix transform callback signatures
    - Fix extension callback signatures
    - Fix deallocator signatures
    - Fix XPath callback signatures
    - Fix hash callback signatures
  * Bug Fixes:
    - Don't cache direct evaluation of patterns with variables
    - Move function result RVTs to context variable
    - Fix EXSLT functions returning RVTs from outer scopes
    - Fix handling of RVTs returned from nested EXSLT functions
    - Fix typos
  * Improvements:
    - Run Travis ASan tests with "sudo: required"
  * Cleanups:
    - Remove doc/libxslt-decl.txt
    - Docs for 1.1.32 release
- Cleaned with spec-cleaner

- Update to version 1.1.33
  * Portability:
    - Variables need 'extern' in static lib on Cygwin
    - Really declare dllexport/dllimport for Cygwin
    - Fix callback signatures in Python bindings
    - Fix transform callback signatures
    - Fix extension callback signatures

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to version 1.1.32
  * fixes xml-config detection regression (boo#1066525)

- Update to version 1.1.32
  * fixes xml-config detection regression (boo#1066525)

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to version 1.1.30 [bsc#1063934]
  * Documentation:
    - Misc doc fixes
  * Portability:
    - Look for libxml2 via pkg-config first
  * Bug Fixes:
    - Also fix memory hazards in exsltFuncResultElem
    - Fix NULL deref in xsltDefaultSortFunction
    - Fix memory hazards in exsltFuncFunctionFunction
    - Fix memory leaks in EXSLT error paths
    - Fix memory leak in str:concat with empty node-set
    - Fix memory leaks in error paths
    - Switch to xmlUTF8Strsize in numbers.c
    - Fix NULL pointer deref in xsltFormatNumberFunction
    - Fix UTF-8 check in str:padding
    - Fix xmlStrPrintf argument
    - Check for overflow in _exsltDateParseGYear
    - Fix double to int conversion
    - Check for overflow in exsltDateParseDuration
    - Change version of xsltMaxVars back to 1.0.24
    - Disable xsltCopyTextString optimization for extensions
    - Create DOCTYPE for HTML version 5
    - Make xsl:decimal-format work with namespaces
    - Remove norm:localTime extension function
    - Check for integer overflow in xsltAddTextString
    - Detect infinite recursion when evaluating function arguments
    - Fix memory leak in xsltElementAvailableFunction
    - Fix for pattern predicates calling functions
    - Fix cmd.exe invocations in Makefile.mingw
    - Don't try to install index.sgml

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Fix RPM groups. Drop ineffective --with-pic.
  Trim conjecture from description.

• Files Changed
• Browse Source