Release libxml2-2.9.3, fixes 10 CVEs

2015-11-20 20:37:13 +08:00 · 2015-11-20 20:37:13 +08:00 · f3a675da7b
commit f3a675da7b
parent 31fbc2b827
4 changed files with 11 additions and 36 deletions
--- a/.gitignore
+++ b/.gitignore
@ -32,3 +32,4 @@ libxml2-2.7.7.tar.gz
 /libxml2-2.9.0.tar.gz
 /libxml2-2.9.1.tar.gz
 /libxml2-2.9.2.tar.gz
+/libxml2-2.9.3.tar.gz
--- a/libxml2-2.9.2-catalog-revert.patch
+++ b/libxml2-2.9.2-catalog-revert.patch
@ -1,31 +0,0 @@
-From 0e6659ec960734b0b01aad196d4bdb4a3800b493 Mon Sep 17 00:00:00 2001
-From: Lubomir Rintel <lkundrak@v3.sk>
-Date: Thu, 16 Oct 2014 19:10:59 +0200
-Subject: [PATCH] Revert "Missing initialization for the catalog module"
-
-It's not correct to always load the default catalog.
-https://bugzilla.redhat.com/show_bug.cgi?id=1153753
-
-This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7.
-
---
- parser.c | 3 ---
- 1 file changed, 3 deletions(-)
-
-diff --git a/parser.c b/parser.c
-index 1d93967..67c9dfd 100644
--- a/parser.c
-+++ b/parser.c
-@@ -14830,9 +14830,6 @@ xmlInitParser(void) {
- #ifdef LIBXML_XPATH_ENABLED
- 	xmlXPathInit();
- #endif
-#ifdef LIBXML_CATALOG_ENABLED
-        xmlInitializeCatalog();
-#endif
- 	xmlParserInitialized = 1;
- #ifdef LIBXML_THREAD_ENABLED
-     }
-- 
-1.9.3
-
--- a/libxml2.spec
+++ b/libxml2.spec
@ -2,8 +2,8 @@

 Summary: Library providing XML and HTML support
 Name: libxml2
-Version: 2.9.2
-Release: 9%{?dist}%{?extra_release}
+Version: 2.9.3
+Release: 1%{?dist}%{?extra_release}
 License: MIT
 Group: Development/Libraries
 Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz
@ -18,7 +18,6 @@ BuildRequires: xz-devel
 URL: http://xmlsoft.org/
 Patch0: libxml2-multilib.patch
 Patch1: libxml2-2.9.0-do-not-check-crc.patch
-Patch2: libxml2-2.9.2-catalog-revert.patch

 %description
 This library allows to manipulate XML files. It includes support
@ -101,7 +100,6 @@ at parse time or later once the document has been modified.
 %patch0 -p1
 # workaround for #877567 - Very weird bug gzip decompression bug in "recent" libxml2 versions
 %patch1 -p1 -b .do-not-check-crc
-%patch2 -p1 -b .catalog-revert

 mkdir py3doc
 cp doc/*.py py3doc
@ -213,6 +211,13 @@ rm -fr %{buildroot}


 %changelog
+* Fri Nov 20 2015 Daniel Veillard <veillard@redhat.com> - 2.9.2-1
+- upstream release of 2.9.3
+- Fixes for CVE-2015-8035, CVE-2015-7942, CVE-2015-7941, CVE-2015-1819
+  CVE-2015-7497, CVE-2015-7498, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500
+  and CVE-2015-8242
+- many other bug fixes
+
 * Fri Nov 06 2015 Robert Kuska <rkuska@redhat.com> - 2.9.2-9
 - Rebuilt for Python3.5 rebuild
 - Python3.5 has new naming convention for byte compiled files
--- a/2
+++ b/2
@ -1 +1 @@
-9e6a9aca9d155737868b3dc5fd82f788  libxml2-2.9.2.tar.gz
+daece17e045f1c107610e137ab50c179  libxml2-2.9.3.tar.gz