libxml2-tools-2.9.4-18.1<>,S[}/=„kǯ22wW1st_Qrx$-i+P F+@qm[sd^.aSL`= Q 51Ywv. X_:?_`=vӨkEL OyJzzOv"MBbj4=KD?K4d  .x|     $  <k(8A9A: ABFRFFZGFpHFIFXFYFZF[F\F]F^GbG3cGdHeeHjfHolHquHvHwJxJyJzK$Clibxml2-tools2.9.418.1Tools using libxmlThis package contains xmllint, a very useful tool proving libxml's power.[}build85VropenSUSE Leap 42.3openSUSEMIThttp://bugs.opensuse.orgSystem/Librarieshttp://xmlsoft.orglinuxx86_649 y!큤[}[}[}[}77f2377759b31c3a4c4936626ae59adc36d1861deadfbc6e8c53013d9aa8202ec59ef1d32702b18572ee86d7e5e62a7d95cdd3e2592bf2b063f11768a5a4ebf1rootrootrootrootrootrootrootrootlibxml2-2.9.4-18.1.src.rpmlibxml2libxml2-toolslibxml2-tools(x86-64)@@@@@@@@@@@@@@@@@@@@   libc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libreadline.so.6()(64bit)libxml2.so.2()(64bit)libxml2.so.2(LIBXML2_2.4.30)(64bit)libxml2.so.2(LIBXML2_2.5.0)(64bit)libxml2.so.2(LIBXML2_2.5.2)(64bit)libxml2.so.2(LIBXML2_2.5.6)(64bit)libxml2.so.2(LIBXML2_2.5.7)(64bit)libxml2.so.2(LIBXML2_2.5.8)(64bit)libxml2.so.2(LIBXML2_2.6.0)(64bit)libxml2.so.2(LIBXML2_2.6.18)(64bit)libxml2.so.2(LIBXML2_2.6.20)(64bit)libxml2.so.2(LIBXML2_2.6.21)(64bit)libxml2.so.2(LIBXML2_2.6.3)(64bit)libxml2.so.2(LIBXML2_2.6.8)(64bit)libxml2.so.2(LIBXML2_2.9.0)(64bit)rpmlib(CompressedFileNames)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsLzma)3.0.4-14.0-14.4.6-14.11.2[@[@ZUZtRZtRZo YyYMYI@YI@YBvYA%@Y;@Xs{@XQ4@WXWH6W(WVVjVTQ@TLTWn@TWn@TSyTASSS8@Q@Qo@Q8@Pf@P@P^P^P\VO/@O\OTOP@OOdOH@OH@OF*@NaN@NxN@N MoM!@LLΫLLLLX@L=K@K@KqK&(JuI3pmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.comsflees@suse.desflees@suse.dekstreitova@suse.compsimons@suse.comsflees@suse.demgorse@suse.comkstreitova@suse.comkstreitova@suse.comrpm@fthiessen.devcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comfcrozat@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comp.drouand@gmail.comvcizek@suse.comdimstar@opensuse.orgcoolo@suse.comjengelh@inai.dechris@computersalat.dejengelh@medozas.decoolo@suse.comcoolo@suse.commeissner@suse.decoolo@suse.comcoolo@suse.comcoolo@suse.comjengelh@medozas.decoolo@suse.comcoolo@suse.comsaschpe@suse.depuzel@novell.comcshorler@googlemail.compuzel@novell.compuzel@novell.compuzel@novell.comcristian.rodriguez@opensuse.orgpuzel@novell.compuzel@novell.comjw@novell.comcoolo@novell.commrdocs@opensuse.orgmrdocs@opensuse.orgjengelh@medozas.dejansimon.moeller@opensuse.orgprusnak@suse.cz- Security fix: [bsc#1088279, CVE-2018-9251][bsc#1105166, CVE-2018-14567] * Infinite loop in LZMA decompression * Fixes CVE-2018-9251 introduced by CVE-2017-18258 * Added libxml2-CVE-2018-14567.patch- Security fix [bsc#1102046, CVE-2018-14404] * NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service * Added libxml2-CVE-2018-14404.patch- Security fix: [bsc#1088601, CVE-2017-18258][bsc#1088279, CVE-2018-9251] * Set memory limit for LZMA decompression. The xz_head function in xzlib.c in libxml2 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file. * Added libxml2-CVE-2017-18258.patch- Security fix [bsc#1078813, CVE-2016-5131] * Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. * Added patches: - libxml2-2.9.4-CVE-2016-5131.patch - libxml2-xmlXPathCmpNodes.patch- Security fix [bsc#1078806, CVE-2017-5130] * Remote buffer overflow in function xmlMemoryStrdup() * Added patch libxml2-2.9.4-CVE-2017-5130.patch- Security fix [bsc#1077993, CVE-2017-15412] * Fixed use-after-free in xmlXPathCompOpEvalPositionalPredicate * Added patch libxml2-2.9.4-CVE-2017-15412.patch- Security fix [CVE-2017-8872, bsc#1038444] * global-buffer-overflow in htmlParseTryOrFinish * Added patch libxml2-2.9.4-CVE-2017-8872.patch- Security fix: * libxml2-CVE-2017-7376.patch [bsc#1044887, CVE-2017-7376] * Increase buffer space for port in HTTP redirect support- Security fix: * libxml2-CVE-2017-7375.patch [bsc#1044894, CVE-2017-7375] * Prevent unwanted external entity reference- Upstream patches updated and with tests: * libxml2-CVE-2017-9047.patch and libxml2-CVE-2017-9048.patch merged into libxml2-CVE-2017-9047.patch [bsc#1039066, bsc#1039661] * libxml2-CVE-2017-9049.patch and libxml2-CVE-2017-9050.patch merged into libxml2-CVE-2017-9049.patch [bsc#1039063, bsc#1039064]- Security fix: * libxml2-CVE-2017-0663.patch [bsc#1044337, CVE-2017-0663] * Fix Heap buffer overflow in xmlAddID- Security fix: * libxml2-CVE-2017-5969.patch [bsc#1024989, CVE-2017-5969] * Fix NULL pointer deref in xmlDumpElementContent * Deleted patch libxml2-NULL-deref-xmlDumpElementContent.patch- Security fixes: * libxml2-CVE-2017-9050.patch [bsc#1039069, bsc#1039661] * heap-based buffer overflow (xmlDictAddString func) * libxml2-CVE-2017-9049.patch [bsc#1039066] * heap-based buffer overflow (xmlDictComputeFastKey func) * libxml2-CVE-2017-9048.patch [bsc#1039063] * stack overflow vulnerability (xmlSnprintfElementContent func) * libxml2-CVE-2017-9047.patch [bsc#1039064] * stack overflow vulnerability (xmlSnprintfElementContent func)- Security fix * libxml2-CVE-2016-9597.patch * Stack overflow before detecting invalid XML file * [bnc#1017497, CVE-2016-9597]- Security fix * libxml2-CVE-2016-9318.patch * XML External Entity vulnerability, as this would be an invasive fix, a new flag has been added to disable the feature if not need. * [bnc#1010675,bnc#1013930] * libxml2-2.9.4-CVE-2016-4658.patch * use-after-free error * [bnc#1005544] - Fix NULL dereference in xpointer.c when in recovery mode * libxml2-NULL-deref-xpointer.patch * [bnc#1014873] - Fix NULL dereference in xmlDumpElementContent when in recovery mode * libxml2-NULL-deref-xmlDumpElementContent.patch * [bnc#1014873] - Fix infinite recursion in xmlParseConditionalSections when in recovery mode * libxml2-inf-rec-xmlParseConditionalSections.patch * [bnc#1014873]- add libxml2-2.9.4-fix_attribute_decoding.patch to fix attribute decoding during XML schema validation [bnc#983288]- Update libxml2 to version libxml2-2.9.4. The new version is resistant against CVE-2016-3627, CVE-2016-1833, CVE-2016-1835, CVE-2016-1837, CVE-2016-1836, CVE-2016-1839, CVE-2016-1838, CVE-2016-1840, CVE-2016-4483, CVE-2016-1834, CVE-2016-3705, and CVE-2016-1762. - Remove obsolete patches libxml2-2.9.1-CVE-2016-3627.patch and 0001-Add-missing-increments-of-recursion-depth-counter-to.patch.- Add libxml2-2.9.1-CVE-2016-3627.patch to fix stack exhaustion while parsing certain XML files in recovery mode (CVE-2016-3627, bnc#972335). - Add 0001-Add-missing-increments-of-recursion-depth-counter-to.patch to improve protection against Billion Laughs Attack (bnc#975947).- Update to GNOME 3.20 Fate#318572 - Drop 0001-Fix-a-regression-in-xmlGetDocCompressMode.patch, libxml2-2.9.1-CVE-2015-1819.patch, libxml2-2.9.1-CVE-2015-5312.patch, libxml2-2.9.1-CVE-2015-7497.patch, libxml2-2.9.1-CVE-2015-7498.patch, libxml2-2.9.1-CVE-2015-7499.patch, libxml2-2.9.1-CVE-2015-7500.patch, libxml2-2.9.1-CVE-2015-7941.patch, libxml2-2.9.1-CVE-2015-7942.patch, libxml2-2.9.1-CVE-2015-8035.patch, libxml2-2.9.1-CVE-2015-8241.patch, libxml2-2.9.1-CVE-2015-8242.patch, libxml2-2.9.1-CVE-2015-8317.patch, libxml2-2.9.1-CVE-2015-8710.patch: fixed upstream.- add libxml2-2.9.1-CVE-2015-8710.patch to fix parsing short unclosed comment uninitialized access [bnc#960674], [CVE-2015-8710]- security update: * libxml2-2.9.1-CVE-2015-1819.patch * enforce the reader to run in constant memory * [CVE-2015-1819], [bnc#928193] * libxml2-2.9.1-CVE-2015-7941.patch * fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors * [CVE-2015-7941], [bnc#951734] * libxml2-2.9.1-CVE-2015-7942.patch * fix another variation of overflow in Conditional sections * [CVE-2015-7942], [bnc#951735] * libxml2-2.9.1-CVE-2015-8035.patch * fix DoS when parsing specially crafted XML document if XZ support is compiled in * [CVE-2015-8035], [bnc#954429] * libxml2-2.9.1-CVE-2015-8241.patch * avoid extra processing of MarkupDecl when EOF * [CVE-2015-8241], [bnc#956018] * libxml2-2.9.1-CVE-2015-8242.patch * buffer overead with HTML parser in push mode * [CVE-2015-8242], [bnc#956021] * libxml2-2.9.1-CVE-2015-8317.patch * return if the encoding declaration is broken or encoding conversion failed * [CVE-2015-8317], [bnc#956260] * libxml2-2.9.1-CVE-2015-5312.patch * fix another entity expansion issue * [CVE-2015-5312], [bnc#957105] * libxml2-2.9.1-CVE-2015-7497.patch * avoid an heap buffer overflow in xmlDictComputeFastQKey * [CVE-2015-7497], [bnc#957106] * libxml2-2.9.1-CVE-2015-7498.patch * avoid processing entities after encoding conversion failures * [CVE-2015-7498], [bnc#957107] * libxml2-2.9.1-CVE-2015-7499.patch * add xmlHaltParser() to stop the parser / detect incoherency on GROW * [CVE-2015-7499], [bnc#957109] * libxml2-2.9.1-CVE-2015-7500.patch * fix memory access error due to incorrect entities boundaries * [CVE-2015-7500], [bnc#957110]- Update to new upstream release 2.9.3 (bsc#954429): * Fixes for CVE-2015-8035, CVE-2015-7942, CVE-2015-7941, CVE-2015-1819, CVE-2015-7497, CVE-2015-7498, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500 and CVE-2015-8242 * And other bugfixes - Removed upstream fixed patches: * libxml2-dont_initialize_catalog.patch * 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch * 0002-Adding-example-from-bugs-738805-to-regression-tests.patch- fix a regression in xzlib compression support (bnc#908376) * added 0001-Fix-a-regression-in-xmlGetDocCompressMode.patch - fix a regression caused by CVE-2014-3660 patch (bgo#738805) * added 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch * added 0002-Adding-example-from-bugs-738805-to-regression-tests.patch- fix a missing entities after CVE-2014-3660 fix (https://bugzilla.gnome.org/show_bug.cgi?id=738805) * added patches: 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch 0002-Adding-example-from-bugs-738805-to-regression-tests.patch- fix a regression in libxml2 2.9.2 * https://bugzilla.redhat.com/show_bug.cgi?id=1153753 - add libxml2-dont_initialize_catalog.patch- update to 2.9.2 * drop libxml2-CVE-2014-3660.patch (upstream) * add keyring to verify tarball Security: Fix for CVE-2014-3660 billion laugh variant CVE-2014-0191 Do not fetch external parameter entities Improvements: win32/libxml2.def.src after rebuild in doc elfgcchack.h: more legacy needs xmlSAX2StartElement() and xmlSAX2EndElement() elfgcchack.h: add xmlXPathNodeEval and xmlXPathSetContextNode Provide cmake module Fix a couple of issues raised by make dist Fix and add const qualifiers Preparing for upcoming release of 2.9.2 Fix zlib and lzma libraries check via command line wrong error column in structured error when parsing end tag doc/news.html: small update to avoid line join while generating NEWS. Add methods for python3 iterator Support element node traversal in document fragments xmlNodeSetName: Allow setting the name to a substring of the currently set name Added macros for argument casts adding init calls to xml and html Read parsing entry points Get rid of 'REPLACEMENT CHARACTER' Unicode chars in xmlschemas.c Implement choice for name classes on attributes Two small namespace tweaks xmllint --memory should fail on empty files Cast encoding name to char pointer to match arg type- fix for CVE-2014-3660 (bnc#901546) * denial of service via recursive entity expansion (related to billion laughs) * added libxml2-CVE-2014-3660.patch- Add obsoletes/provides to baselibs.conf.- removed libxml2-CVE-2014-0191.patch since it causes existing applications to break- fix for CVE-2014-0191 (bnc#876652) * libxml2: external parameter entity loaded when entity substitution is disabled * added libxml2-CVE-2014-0191.patch- update to 2.9.1 dropped patches (in upstream): * libxml2-2.9.0-CVE-2012-5134.patch * libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch * libxml2-CVE-2013-1969.patch New features: * Support for Python3 * Add xmlXPathSetContextNode and xmlXPathNodeEval- fix for CVE-2013-1969 (bnc#815665) * libxml2-CVE-2013-1969.patch- fix for CVE-2013-0338 (bnc#805233) libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch- update to 2.9.0 version: * please see the Changelog - Updated patchs to get working with new version: * libxml2-2.9.0-CVE-2012-5134.patch ( libxml2-CVE-2012-5134.patch ) * fix-perl.diff- Add libxml2-CVE-2012-5134.patch to fix CVE-2012-5134 (bnc#793334)- Add a comment next to libxml2.la to make sure that anybody removing it knows why it's there and reconsiders.- readd .la file, python-libxml2 needs it- Remove .la files; make sure installation succeeds for Fedora_17 target- update to 2.8.0 * please se ChangeLog for more info - remove obsolete bigendian64 patch - rebase fix-perl patch- libxml2-2 should not require libxml2-tools. There is no trouble expected, since attempting to install libxml2 will already pull in libxml2-tools due to Provides tags.- revert the two commits that broke perl-XML-LibXML's test case, I hope the two upstreams will figure it out- update to git to fix some issues * Fix a logic error in Schemas Component ConstraintsHEADmaster * Fix a wrong enum type use in Schemas Types- fixed a 64bit big endian bug in the file reader.- the fallout of requiring libxml2-tools as explicit buildrequire is just too large, so avoid it for now and create a cycle between libxml2-2 and libxml2-tools- add provide for the old name to fix packages with explicit library dependency- update to today's GIT snapshot: include XZ support - split libxml2-2 according to shared library policy- Remove redundant tags/sections- add autoconf as buildrequire to avoid implicit dependency- own aclocal directory, there is no other reason to buildrequire automake- update to libxml-2.7.8+git20110708 - several important bugfixes - drop upstreamed patches: * libxml2-CVE-2010-4494.patch * libxml2-CVE-2011-1944.patch * noxref.patch * symbol-versioning.patch- add libxml2-CVE-2011-1944.patch (bnc#697372)- add symbol-versioning.patch to restore 11.3 versioned symbols- add libxml2-CVE-2010-4494.patch (bnc#661471)- update to libxml-2.7.8 - number of bufixes, documentation and portability fixes - update language ID parser to RFC 5646 - sort python generated stubs - add an HTML parser option to avoid a default doctype - see http://xmlsoft.org/news.html for exact details - drop libxml2-xpath-ns-attr-axis.patch (in upstream) - clean up specfile- add libxml2-xpath-ns-attr-axis.patch (bnc#648277)- Use --disable-static- drop libxml2-largefile64.patch (revert last change) - the issue is fixed in zlib- add libxml2-largefile64.patch (fixes build) - debian bug#439843- added noxref.patch, this implements a new --noxref option, which turns validation errors about missing xrefs into warnings. Upstreamed as https://bugzilla.gnome.org/show_bug.cgi?id=624386- buildrequire pkg-config to fix provides- update to 2.7.7 - add extra options to ./configure for scribus features and avoid a crash - updates from 2.7.3 > 2.7.7 include a number of portability, correctness memory leaks and build fixes including some CVE - see http://xmlsoft.org/news.html for exact details- add sax parser option compiled in- add baselibs.conf as a source - package documentation as noarch- Disable the check for ARM as qemu-arm can't keep up atm.- updated to 2.7.2 * Portability fix: fix solaris compilation problem, fix compilation if XPath is not configured in * Bug fixes: nasty entity bug introduced in 2.7.0, restore old behaviour when saving an HTML doc with an xml dump function, HTML UTF-8 parsing bug, fix reader custom error handlers (Riccardo Scussat) * Improvement: xmlSave options for more flexibility to save as XML/HTML/XHTML, handle leading BOM in HTML documents - updated to 2.7.3 * Build fix: fix build when HTML support is not included. * Bug fixes: avoid memory overflow in gigantic text nodes, indentation problem on the writed (Rob Richards), xmlAddChildList pointer problem (Rob Richards and Kevin Milburn), xmlAddChild problem with attribute (Rob Richards and Kris Breuker), avoid a memory leak in an edge case (Daniel Zimmermann), deallocate some pthread data (Alex Ott). * Improvements: configure option to avoid rebuilding docs (Adrian Bunk), limit text nodes to 10MB max by default, add element traversal APIs, add a parser option to enable pre 2.7 SAX behavior (Rob Richards), add gcc malloc checking (Marcus Meissner), add gcc printf like functions parameters checking (Marcus Meissner). - dropped obsoleted patches: * alloc_size.patch (mainline) * CVE-2008-4225.patch (mainline) * CVE-2008-4226.patch (mainline) * CVE-2008-4409.patch (mainline) * oldsax.patch (mainline) * pritnf.patch (mainline) * xmlsave.patch (mainline)libxml2build85 15390795662.9.4-18.12.9.4-18.12.9.4-18.12.9.4-18.1xmlcatalogxmllintxmlcatalog.1.gzxmllint.1.gz/usr/bin//usr/share/man/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:8894/openSUSE_Leap_42.3_Update/7ae633b1c7f4a8afb4f403a319f1348d-libxml2.openSUSE_Leap_42.3_Updatedrpmlzma5x86_64-suse-linuxELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.0.0, BuildID[sha1]=81dd86a70f98427d7da4010c046c4e584cfe0048, strippedELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.0.0, BuildID[sha1]=28fed5ab7463d2684cef1f13da8fd71307febf9d, strippedtroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)RRRRRRRRRRRRR RRRR RRRR R R RRRRc~U6$?0]"k%ndNG{pmlҏ42 F/ҭ"RLn! YÆ5 Jx۳P$ce|{VpH%를L‘d)|  *:|7dCS|"#/(ɪe~tB2:FrOaZhKH˹ 8@2-r.)RϾMj&HɲP6):w>lZs4@e*R$FnaDQ+~˨lRH%VlK#@)oJ2M 9zzI"K,-8Hy 773zA5>@ȭRD:3\FFCL8^5Ѯƃ C+&R-e]XĐ1Y (&6af旬"Ic'<:NDKe)mӰӾ&H0vC4~m|Th߄+Ny5V]>ZU뇙.k.tlM0G.K%9i"7OBc*>7Z9ltP uKH}0qϒ,>tey])a2{Hj0R,m3~P MVw,#?B1)x@b{i tQYWèuZ0sD@z&&틊F!2ԏuoG/\<}܎G7ٌ}]؆գ61k0*a1CfX 0^K!+k z|~tZt`rpAG40j~rrVY{Տ!6#s=X Z`(OXά*r)./g#)0lkOԬ`>ͲyBQ+LVEh!%4Z*ࡘoZ{iq Zx"DZ}fuZRu