Merge remote-tracking branch 'goog/upstream-master' into mymerge
BUG: 29834751
Change-Id: I88fc1d4f86bcbd0ac0fe9acdbe764f3d738c5f32
(cherry picked from commit e3d78e1fe0669e9c7083a4de19f1e06171849b28)
diff --git a/doc/libxml2.xsa b/doc/libxml2.xsa
index 0825d53..0d4b8fe 100644
--- a/doc/libxml2.xsa
+++ b/doc/libxml2.xsa
@@ -8,182 +8,73 @@
</vendor>
<product id="libxml2">
<name>libxml2</name>
- <version>2.9.2</version>
- <last-release> Oct 16 2014</last-release>
+ <version>v2.9.3</version>
+ <last-release> Nov 20 2015</last-release>
<info-url>http://xmlsoft.org/</info-url>
<changes> - Security:
- Fix for CVE-2014-3660 billion laugh variant (Daniel Veillard),
- CVE-2014-0191 Do not fetch external parameter entities (Daniel Veillard)
-
- - Bug Fixes:
- fix memory leak xml header encoding field with XML_PARSE_IGNORE_ENC (Bart De Schuymer),
- xmlmemory: handle realloc properly (Yegor Yefremov),
- Python generator bug raised by the const change (Daniel Veillard),
- Windows Critical sections not released correctly (Daniel Veillard),
- Parser error on repeated recursive entity expansion containing &lt; (Daniel Veillard),
- xpointer : fixing Null Pointers (Gaurav Gupta),
- Remove Unnecessary Null check in xpointer.c (Gaurav Gupta),
- parser bug on misformed namespace attributes (Dennis Filder),
- Pointer dereferenced before null check (Daniel Veillard),
- Leak of struct addrinfo in xmlNanoFTPConnect() (Gaurav Gupta),
- Possible overflow in HTMLParser.c (Daniel Veillard),
- python/tests/sync.py assumes Python dictionaries are ordered (John Beck),
- Fix Enum check and missing break (Gaurav Gupta),
- xmlIO: Handle error returns from dup() (Philip Withnall),
- Fix a problem properly saving URIs (Daniel Veillard),
- wrong error column in structured error when parsing attribute values (Juergen Keil),
- wrong error column in structured error when skipping whitespace in xml decl (Juergen Keil),
- no error column in structured error handler for xml schema validation errors (Juergen Keil),
- Couple of Missing Null checks (Gaurav Gupta),
- Add couple of missing Null checks (Daniel Veillard),
- xmlschemastypes: Fix potential array overflow (Philip Withnall),
- runtest: Fix a memory leak on parse failure (Philip Withnall),
- xmlIO: Fix an FD leak on gzdopen() failure (Philip Withnall),
- xmlcatalog: Fix a memory leak on quit (Philip Withnall),
- HTMLparser: Correctly initialise a stack allocated structure (Philip Withnall),
- Check for tmon in _xmlSchemaDateAdd() is incorrect (David Kilzer),
- Avoid Possible Null Pointer in trio.c (Gaurav Gupta),
- Fix processing in SAX2 in case of an allocation failure (Daniel Veillard),
- XML Shell command "cd" does not handle "/" at end of path (Daniel Veillard),
- Fix various Missing Null checks (Gaurav Gupta),
- Fix a potential NULL dereference (Daniel Veillard),
- Add a couple of misisng check in xmlRelaxNGCleanupTree (Gaurav Gupta),
- Add a missing argument check (Gaurav Gupta),
- Adding a check in case of allocation error (Gaurav Gupta),
- xmlSaveUri() incorrectly recomposes URIs with rootless paths (Dennis Filder),
- Adding some missing NULL checks (Gaurav),
- Fixes for xmlInitParserCtxt (Daniel Veillard),
- Fix regressions introduced by CVE-2014-0191 patch (Daniel Veillard),
- erroneously ignores a validation error if no error callback set (Daniel Veillard),
- xmllint was not parsing the --c14n11 flag (Sérgio Batista),
- Avoid Possible null pointer dereference in memory debug mode (Gaurav),
- Avoid Double Null Check (Gaurav),
- Restore context size and position after XPATH_OP_ARG (Nick Wellnhofer),
- Fix xmlParseInNodeContext() if node is not element (Daniel Veillard),
- Avoid a possible NULL pointer dereference (Gaurav),
- Fix xmlTextWriterWriteElement when a null content is given (Daniel Veillard),
- Fix an typo 'onrest' in htmlScriptAttributes (Daniel Veillard),
- fixing a ptotential uninitialized access (Daniel Veillard),
- Fix an fd leak in an error case (Daniel Veillard),
- Missing initialization for the catalog module (Daniel Veillard),
- Handling of XPath function arguments in error case (Nick Wellnhofer),
- Fix a couple of missing NULL checks (Gaurav),
- Avoid a possibility of dangling encoding handler (Gaurav),
- Fix HTML push parser to accept HTML_PARSE_NODEFDTD (Arnold Hendriks),
- Fix a bug loading some compressed files (Mike Alexander),
- Fix XPath node comparison bug (Gaurav),
- Type mismatch in xmlschemas.c (Gaurav),
- Type mismatch in xmlschemastypes.c (Gaurav),
- Avoid a deadcode in catalog.c (Daniel Veillard),
- run close socket on Solaris, same as we do on other platforms (Denis Pauk),
- Fix pointer dereferenced before null check (Gaurav),
- Fix a potential NULL dereference in tree code (Daniel Veillard),
- Fix potential NULL pointer dereferences in regexp code (Gaurav),
- xmllint --pretty crashed without following numeric argument (Tim Galeckas),
- Fix XPath expressions of the form '@ns:*' (Nick Wellnhofer),
- Fix XPath '//' optimization with predicates (Nick Wellnhofer),
- Clear up a potential NULL dereference (Daniel Veillard),
- Fix a possible NULL dereference (Gaurav),
- Avoid crash if allocation fails (Daniel Veillard),
- Remove occasional leading space in XPath number formatting (Daniel Veillard),
- Fix handling of mmap errors (Daniel Veillard),
- Catch malloc error and exit accordingly (Daniel Veillard),
- missing else in xlink.c (Ami Fischman),
- Fix a parsing bug on non-ascii element and CR/LF usage (Daniel Veillard),
- Fix a regression in xmlGetDocCompressMode() (Daniel Veillard),
- properly quote the namespace uris written out during c14n (Aleksey Sanin),
- Remove premature XInclude check on URI being relative (Alexey Neyman),
- Fix missing break on last() function for attributes (dcb),
- Do not URI escape in server side includes (Romain Bondue),
- Fix an error in xmlCleanupParser (Alexander Pastukhov)
+ CVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh Davenport),
+ CVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard),
+ CVE-2015-7499-2 Detect incoherency on GROW (Daniel Veillard),
+ CVE-2015-7499-1 Add xmlHaltParser() to stop the parser (Daniel Veillard),
+ CVE-2015-5312 Another entity expansion issue (David Drysdale),
+ CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey (David Drysdale),
+ CVE-2015-7498 Avoid processing entities after encoding conversion failures (Daniel Veillard),
+ CVE-2015-8035 Fix XZ compression support loop (Daniel Veillard),
+ CVE-2015-7942-2 Fix an error in previous Conditional section patch (Daniel Veillard),
+ CVE-2015-7942 Another variation of overflow in Conditional sections (Daniel Veillard),
+ CVE-2015-1819 Enforce the reader to run in constant memory (Daniel Veillard)
+ CVE-2015-7941_2 Cleanup conditional section error handling (Daniel Veillard),
+ CVE-2015-7941_1 Stop parsing on entities boundaries errors (Daniel Veillard),
- Documentation:
- typo in error messages "colon are forbidden from..." (Daniel Veillard),
- Fix a link to James SAX documentation old page (Daniel Veillard),
- Fix typos in relaxng.c (Jan Pokorný),
- Fix a doc typo (Daniel Veillard),
- Fix typos in {tree,xpath}.c (errror) (Jan Pokorný),
- Add limitations about encoding conversion (Daniel Veillard),
- Fix typos in xmlschemas{,types}.c (Jan Pokorný),
- Fix incorrect spelling entites->entities (Jan Pokorný),
- Forgot to document 2.9.1 release, regenerate docs (Daniel Veillard)
+ Correct spelling of "calling" (Alex Henrie),
+ Fix a small error in xmllint --format description (Fabien Degomme),
+ Avoid XSS on the search of xmlsoft.org (Daniel Veillard)
- Portability:
- AC_CONFIG_FILES and executable bit (Roumen Petrov),
- remove HAVE_CONFIG_H dependency in testlimits.c (Roumen Petrov),
- fix some tabs mixing incompatible with python3 (Roumen Petrov),
- Visual Studio 14 CTP defines snprintf() (Francis Dupont),
- OS400: do not try to copy unexisting doc files (Patrick Monnerat),
- OS400: use either configure.ac or configure.in. (Patrick Monnerat),
- os400: make-src.sh: create physical file with target CCSID (Patrick Monnerat),
- OS400: Add some more C macros equivalent procedures. (Patrick Monnerat),
- OS400: use C macros to implement equivalent RPG support procedures. (Patrick Monnerat),
- OS400: implement XPath macros as procedures for ILE/RPG support. (Patrick Monnerat),
- OS400: include in distribution tarball. (Patrick Monnerat),
- OS400: Add README: compilation directives and OS/400 specific stuff. (Patrick Monnerat),
- OS400: Add compilation scripts. (Patrick Monnerat),
- OS400: ILE RPG language header files. (Patrick Monnerat),
- OS400: implement some macros as functions for ILE/RPG language support (that as no macros). (Patrick Monnerat),
- OS400: UTF8<-->EBCDIC wrappers for system and external library calls (Patrick Monnerat),
- OS400: Easy character transcoding support (Patrick Monnerat),
- OS400: iconv functions compatibility wrappers and table builder. (Patrick Monnerat),
- OS400: create architecture directory. Implement dlfcn emulation. (Patrick Monnerat),
- Fix building when configuring without xpath and xptr (Daniel Veillard),
- configure: Add --with-python-install-dir (Jonas Eriksson),
- Fix compilation with minimum and xinclude. (Nicolas Le Cam),
- Compile out use of xmlValidateNCName() when not available. (Nicolas Le Cam),
- Fix compilation with minimum and schematron. (Nicolas Le Cam),
- Legacy needs xmlSAX2StartElement() and xmlSAX2EndElement(). (Nicolas Le Cam),
- Don't use xmlValidateName() when not available. (Nicolas Le Cam),
- Fix a portability issue on Windows (Longstreth Jon),
- Various portability patches for OpenVMS (Jacob (Jouk) Jansen),
- Use specific macros for portability to OS/400 (Patrick Monnerat),
- Add macros needed for OS/400 portability (Patrick Monnerat),
- Portability patch for fopen on OS/400 (Patrick Monnerat),
- Portability fixes for OS/400 (Patrick Monnerat),
- Improve va_list portability (Patrick Monnerat),
- Portability fix (Patrick Monnerat),
- Portability fix (Patrick Monnerat),
- Generic portability fix (Patrick Monnerat),
- Shortening lines in headers (Patrick Monnerat),
- build: Use pkg-config to find liblzma in preference to AC_CHECK_LIB (Philip Withnall),
- build: Add @LZMA_LIBS@ to libxml’s pkg-config files (Philip Withnall),
- fix some tabs mixing incompatible with python3 (Daniel Veillard),
- add additional defines checks for support "./configure --with-minimum" (Denis Pauk),
- Another round of fixes for older versions of Python (Arfrever Frehtes Taifersar Arahesis),
- python: fix drv_libxml2.py for python3 compatibility (Alexandre Rostovtsev),
- python: Fix compiler warnings when building python3 bindings (Armin K),
- Fix for compilation with python 2.6.8 (Petr Sumbera)
+ threads: use forward declarations only for glibc (Michael Heimpold),
+ Update Win32 configure.js to search for configure.ac (Daniel Veillard)
+
+ - Bug Fixes:
+ Bug on creating new stream from entity (Daniel Veillard),
+ Fix some loop issues embedding NEXT (Daniel Veillard),
+ Do not print error context when there is none (Daniel Veillard),
+ Avoid extra processing of MarkupDecl when EOF (Hugh Davenport),
+ Fix parsing short unclosed comment uninitialized access (Daniel Veillard),
+ Add missing Null check in xmlParseExternalEntityPrivate (Gaurav Gupta),
+ Fix a bug in CData error handling in the push parser (Daniel Veillard),
+ Fix a bug on name parsing at the end of current input buffer (Daniel Veillard),
+ Fix the spurious ID already defined error (Daniel Veillard),
+ Fix previous change to node sort order (Nick Wellnhofer),
+ Fix a self assignment issue raised by clang (Scott Graham),
+ Fail parsing early on if encoding conversion failed (Daniel Veillard),
+ Do not process encoding values if the declaration if broken (Daniel Veillard),
+ Silence clang's -Wunknown-attribute (Michael Catanzaro),
+ xmlMemUsed is not thread-safe (Martin von Gagern),
+ Fix support for except in nameclasses (Daniel Veillard),
+ Fix order of root nodes (Nick Wellnhofer),
+ Allow attributes on descendant-or-self axis (Nick Wellnhofer),
+ Fix the fix to Windows locking (Steve Nairn),
+ Fix timsort invariant loop re: Envisage article (Christopher Swenson),
+ Don't add IDs in xmlSetTreeDoc (Nick Wellnhofer),
+ Account for ID attributes in xmlSetTreeDoc (Nick Wellnhofer),
+ Remove various unused value assignments (Philip Withnall),
+ Fix missing entities after CVE-2014-3660 fix (Daniel Veillard),
+ Revert "Missing initialization for the catalog module" (Daniel Veillard)
- Improvements:
- win32/libxml2.def.src after rebuild in doc (Roumen Petrov),
- elfgcchack.h: more legacy needs xmlSAX2StartElement() and xmlSAX2EndElement() (Roumen Petrov),
- elfgcchack.h: add xmlXPathNodeEval and xmlXPathSetContextNode (Roumen Petrov),
- Provide cmake module (Samuel Martin),
- Fix a couple of issues raised by make dist (Daniel Veillard),
- Fix and add const qualifiers (Kurt Roeckx),
- Preparing for upcoming release of 2.9.2 (Daniel Veillard),
- Fix zlib and lzma libraries check via command line (Dmitriy),
- wrong error column in structured error when parsing end tag (Juergen Keil),
- doc/news.html: small update to avoid line join while generating NEWS. (Patrick Monnerat),
- Add methods for python3 iterator (Ron Angeles),
- Support element node traversal in document fragments. (Kyle VanderBeek),
- xmlNodeSetName: Allow setting the name to a substring of the currently set name (Tristan Van Berkom),
- Added macros for argument casts (Eric Zurcher),
- adding init calls to xml and html Read parsing entry points (Daniel Veillard),
- Get rid of 'REPLACEMENT CHARACTER' Unicode chars in xmlschemas.c (Jan Pokorný),
- Implement choice for name classes on attributes (Shaun McCance),
- Two small namespace tweaks (Daniel Veillard),
- xmllint --memory should fail on empty files (Daniel Veillard),
- Cast encoding name to char pointer to match arg type (Nikolay Sivov)
+ Reuse xmlHaltParser() where it makes sense (Daniel Veillard),
+ xmlStopParser reset errNo (Daniel Veillard),
+ Reenable xz support by default (Daniel Veillard),
+ Recover unescaped less-than character in HTML recovery parsing (Daniel Veillard),
+ Allow HTML serializer to output HTML5 DOCTYPE (Shaun McCance),
+ Regression test for bug #695699 (Nick Wellnhofer),
+ Add a couple of XPath tests (Nick Wellnhofer),
+ Add Python 3 rpm subpackage (Tomas Radej),
+ libxml2-config.cmake.in: update include directories (Samuel Martin),
+ Adding example from bugs 738805 to regression tests (Daniel Veillard)
- Cleanups:
- Removal of old configure.in (Daniel Veillard),
- Unreachable code in tree.c (Gaurav Gupta),
- Remove a couple of dead conditions (Gaurav Gupta),
- Avoid some dead code and cleanup in relaxng.c (Gaurav),
- Drop not needed checks (Denis Pauk),
- Fix a wrong test (Daniel Veillard)
</changes>