A Validating XML Parser
Xerces-C is a validating XML parser written in a portable subset of
C++. Xerces-C makes it easy to give your application the ability to
read and write XML data. A shared library is provided for parsing,
generating, manipulating, and validating XML documents. Xerces-C is
faithful to the XML 1.0 recommendation and associated standards ( DOM
1.0, DOM 2.0. SAX 1.0, SAX 2.0, Namespaces).
- Developed at devel:libraries:c_c++
- Sources inherited from project openSUSE:Factory
-
3
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory:zSystems/xerces-c && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| baselibs.conf | 0000000016 16 Bytes | |
| xerces-c-3.1.4.tar.gz | 0006992545 6.67 MB | |
| xerces-c-3.1.4.tar.gz.asc | 0000000819 819 Bytes | |
| xerces-c.changes | 0000013957 13.6 KB | |
| xerces-c.keyring | 0000006264 6.12 KB | |
| xerces-c.spec | 0000004599 4.49 KB |
Revision 21 (latest revision is 26)
Dominique Leuenberger (dimstar_suse)
accepted
request 406725
from
Tomáš Chvátal (scarabeus_iv)
(revision 21)
- Version update to 3.1.4:
* Fixes bnc#985860 CVE-2016-4463
* xerces-c-CVE-2016-2099.patch removed as it was included upstream
- Use pkgconfig requires
- Disable "pretty" make to make it bit faster
- Fix the selfobsoleting provides/requires to silence rpmlint
- Use valid group for the docs
- Resolve rpmlint warnings of type "version-control-internal-file"
- Update to 3.1.3
* bug fixes
+ memcpy used on overlapping memory regions causes sanity test failure
+ Typo in XMLUni::fgUnknownURIName constant
+ Buffer overruns in prolog parsing and error handling
- Dropped xerces-c-CVE-2016-0729.patch, fixed upstream.
- added xerces-c-CVE-2016-2099.patch
Exception handling mistake causing use after free
(bsc#979208, CVE-2016-2099)
- xerces-c-CVE-2016-0729.patch
Fix for mishandling certain kinds of malformed input documents,
resulting in buffer overlows during processing and error reporting.
The overflows can manifest as a segmentation fault or as memory
corruption during a parse operation. (bsc#966822, CVE-2016-0729)
Comments 0