[xml] Release of libxml2-2.9.5



  It's out ! I tagged the release in git and pushed the signed tarball
and rpms to the usual place:

    ftp://xmlsoft.org/libxml2/

This is mostly a a security and bug fixes, most of the credit goes to Nick
who wrote or reviewed most of the patches. There is a significant set of
changes, but users are invited to upgrade if only to get the security fixes !
There is also portability fixes for those ever special OSes :-)


Security:
- Detect infinite recursion in parameter entities (Nick Wellnhofer)
- Fix handling of parameter-entity references (Nick Wellnhofer)
- Disallow namespace nodes in XPointer ranges (Nick Wellnhofer)
- Fix XPointer paths beginning with range-to (Nick Wellnhofer)
Documentation:
- Documentation fixes (Nick Wellnhofer)
- Spelling and grammar fixes (Nick Wellnhofer)
Portability:
- Adding README.zOS to list of extra files for the release (Daniel Veillard)
- Description of work needed to compile on zOS (St├ęphane Michaut)
- Porting libxml2 on zOS encoding of code (St├ęphane Michaut)
- small changes for OS/400 (Patrick Monnerat)
- relaxng.c, xmlschemas.c: Fix build on pre-C99 compilers (Chun-wei Fan)
Bug Fixes:
- Problem resolving relative URIs (Daniel Veillard)
- Fix unwanted warnings when switching encodings (Nick Wellnhofer)
- Fix signature of xmlSchemaAugmentImportedIDC (Daniel Veillard)
- Heap-buffer-overflow read of size 1 in xmlFAParsePosCharGroup (David Kilzer)
- Fix NULL pointer deref in xmlFAParseCharClassEsc (Nick Wellnhofer)
- Fix infinite loops with push parser in recovery mode (Nick Wellnhofer)
- Send xmllint usage error to stderr (Nick Wellnhofer)
- Fix NULL deref in xmlParseExternalEntityPrivate (Nick Wellnhofer)
- Make sure not to call IS_BLANK_CH when parsing the DTD (Nick Wellnhofer)
- Fix xmlHaltParser (Nick Wellnhofer)
- Fix pathological performance when outputting charrefs (Nick Wellnhofer)
- Fix invalid-source-encoding warnings in testWriter.c (Nick Wellnhofer)
- Fix duplicate SAX callbacks for entity content (David Kilzer)
- Treat URIs with scheme as absolute in C14N (Nick Wellnhofer)
- Fix copy-paste errors in error messages (Nick Wellnhofer)
- Fix sanity check in htmlParseNameComplex (Nick Wellnhofer)
- Fix potential infinite loop in xmlStringLenDecodeEntities (Nick Wellnhofer)
- Reset parser input pointers on encoding failure (Nick Wellnhofer)
- Fix memory leak in xmlParseEntityDecl error path (Nick Wellnhofer)
- Fix xmlBuildRelativeURI for URIs starting with './' (Nick Wellnhofer)
- Fix type confusion in xmlValidateOneNamespace (Nick Wellnhofer)
- Fix memory leak in xmlStringLenGetNodeList (Nick Wellnhofer)
- Fix NULL pointer deref in xmlDumpElementContent (Daniel Veillard)
- Fix memory leak in xmlBufAttrSerializeTxtContent (Nick Wellnhofer)
- Stop parser on unsupported encodings (Nick Wellnhofer)
- Check for integer overflow in memory debug code (Nick Wellnhofer)
- Fix buffer size checks in xmlSnprintfElementContent (Nick Wellnhofer)
- Avoid reparsing in xmlParseStartTag2 (Nick Wellnhofer)
- Fix undefined behavior in xmlRegExecPushStringInternal (Nick Wellnhofer)
- Check XPath exponents for overflow (Nick Wellnhofer)
- Check for overflow in xmlXPathIsPositionalPredicate (Nick Wellnhofer)
- Fix spurious error message (Nick Wellnhofer)
- Fix memory leak in xmlCanonicPath (Nick Wellnhofer)
- Fix memory leak in xmlXPathCompareNodeSetValue (Nick Wellnhofer)
- Fix memory leak in pattern error path (Nick Wellnhofer)
- Fix memory leak in parser error path (Nick Wellnhofer)
- Fix memory leaks in XPointer error paths (Nick Wellnhofer)
- Fix memory leak in xmlXPathNodeSetMergeAndClear (Nick Wellnhofer)
- Fix memory leak in XPath filter optimizations (Nick Wellnhofer)
- Fix memory leaks in XPath error paths (Nick Wellnhofer)
- Do not leak the new CData node if adding fails (David Tardon)
- Prevent unwanted external entity reference (Neel Mehta)
- Increase buffer space for port in HTTP redirect support (Daniel Veillard)
- Fix more NULL pointer derefs in xpointer.c (Nick Wellnhofer)
- Avoid function/data pointer conversion in xpath.c (Nick Wellnhofer)
- Fix format string warnings (Nick Wellnhofer)
- Disallow namespace nodes in XPointer points (Nick Wellnhofer)
- Fix comparison with root node in xmlXPathCmpNodes (Nick Wellnhofer)
- Fix attribute decoding during XML schema validation (Alex Henrie)
- Fix NULL pointer deref in XPointer range-to (Nick Wellnhofer)

Improvements:
- Updating the spec file to reflect Fedora 24 (Daniel Veillard)
- Add const in five places to move 1 KiB to .rdata (Bruce Dawson)
- Fix missing part of comment for function xmlXPathEvalExpression() (Daniel Veillard)
- Get rid of "blanks wrapper" for parameter entities (Nick Wellnhofer)
- Simplify handling of parameter entity references (Nick Wellnhofer)
- Deduplicate code in encoding.c (Nick Wellnhofer)
- Make HTML parser functions take const pointers (Nick Wellnhofer)
- Build test programs only when needed (Nick Wellnhofer)
- Fix doc/examples/index.py (Nick Wellnhofer)
- Fix compiler warnings in threads.c (Nick Wellnhofer)
- Fix empty-body warning in nanohttp.c (Nick Wellnhofer)
- Fix cast-align warnings (Nick Wellnhofer)
- Fix unused-parameter warnings (Nick Wellnhofer)
- Rework entity boundary checks (Nick Wellnhofer)
- Don't switch encoding for internal parameter entities (Nick Wellnhofer)
- Merge duplicate code paths handling PE references (Nick Wellnhofer)
- Test SAX2 callbacks with entity substitution (Nick Wellnhofer)
- Support catalog and threads tests under --without-sax1 (Nick Wellnhofer)
- Misc fixes for 'make tests' (Nick Wellnhofer)
- Initialize keepBlanks in HTML parser (Nick Wellnhofer)
- Add test cases for bug 758518 (David Kilzer)
- Fix compiler warning in htmlParseElementInternal (Nick Wellnhofer)
- Print error messages for truncated UTF-8 sequences (Nick Wellnhofer)
- Remove useless check in xmlParseAttributeListDecl (Nick Wellnhofer)
- Allow zero sized memory input buffers (Nick Wellnhofer)
- Add TODO comment in xmlSwitchEncoding (Nick Wellnhofer)
- Check for integer overflow in xmlXPathFormatNumber (Nick Wellnhofer)
- Make Travis print UBSan stacktraces (Nick Wellnhofer)
- Add .travis.yml (Nick Wellnhofer)
- Fix expected error output in Python tests (Nick Wellnhofer)
- Simplify control flow in xmlParseStartTag2 (Nick Wellnhofer)
- Disable LeakSanitizer when running API tests (Nick Wellnhofer)
- Avoid out-of-bound array access in API tests (Nick Wellnhofer)
- Avoid spurious UBSan errors in parser.c (Nick Wellnhofer)
- Parse small XPath numbers more accurately (Nick Wellnhofer)
- Rework XPath rounding functions (Nick Wellnhofer)
- Fix white space in test output (Nick Wellnhofer)
- Fix axis traversal from attribute and namespace nodes (Nick Wellnhofer)
- Check for trailing characters in XPath expressions earlier (Nick Wellnhofer)
- Rework final handling of XPath results (Nick Wellnhofer)
- Make xmlXPathEvalExpression call xmlXPathEval (Nick Wellnhofer)
- Remove unused variables (Nick Wellnhofer)
- Don't print generic error messages in XPath tests (Nick Wellnhofer)
Cleanups:
- Fix a couple of misleading indentation errors (Daniel Veillard)
- Remove unnecessary calls to xmlPopInput (Nick Wellnhofer)

 Thanks everybody and especially Nick who contributed to this release
with bug reports, patches, docs, etc ...

   Enjoy the release!

 I really expect to have a new release a month from now with whatever
will have been fixed/commited in git in the meantime so give feedback quickly
if you have issues with 2.9.5

   thanks,

Daniel

-- 
Daniel Veillard      | Red Hat Developers Tools http://developer.redhat.com/
veillard redhat com  | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | virtualization library  http://libvirt.org/


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]