Hello community,
here is the log from the commit of package libxml2
checked in at Mon Nov 17 17:20:01 CET 2008.
--------
--- libxml2/libxml2.changes 2008-10-30 11:36:40.000000000 +0100
+++ /mounts/work_src_done/STABLE/libxml2/libxml2.changes 2008-11-06 12:02:45.000000000 +0100
@@ -1,0 +2,5 @@
+Thu Nov 6 12:02:25 CET 2008 - prusnak@suse.cz
+
+- fixed CVE-2008-4226 [bnc#441368]
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
New:
----
libxml2-2.7.1-CVE-2008-4226.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libxml2-python.spec ++++++
--- /var/tmp/diff_new_pack.O25073/_old 2008-11-17 17:19:37.000000000 +0100
+++ /var/tmp/diff_new_pack.O25073/_new 2008-11-17 17:19:37.000000000 +0100
@@ -25,7 +25,7 @@
AutoReqProv: on
Summary: Python Bindings for libxml2
Version: 2.7.1
-Release: 5
+Release: 6
Source: libxml2-%{version}.tar.bz2
Source1: libxml2-python-rpmlintrc
%py_requires
++++++ libxml2.spec ++++++
--- /var/tmp/diff_new_pack.O25073/_old 2008-11-17 17:19:37.000000000 +0100
+++ /var/tmp/diff_new_pack.O25073/_new 2008-11-17 17:19:37.000000000 +0100
@@ -24,7 +24,7 @@
Group: System/Libraries
Summary: A Library to Manipulate XML Files
Version: 2.7.1
-Release: 5
+Release: 6
# bug437293
%ifarch ppc64
Obsoletes: libxml2-64bit
@@ -40,6 +40,8 @@
Patch1: %{name}-%{version}-alloc_size.patch
# PATCH-FIX-UPSTREAM libxml2-2.7.1-CVE-2008-4409.patch [bgo#554660] [bnc#432486]
Patch2: %{name}-%{version}-CVE-2008-4409.patch
+# PATCH-FIX-UPSTREAM libxml2-2.7.1-CVE-2008-4226.patch [bnc#441368]
+Patch3: %{name}-%{version}-CVE-2008-4226.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Url: http://xmlsoft.org
@@ -158,6 +160,7 @@
%patch0
%patch1
%patch2
+%patch3
%build
%configure \
@@ -216,6 +219,8 @@
%dir %{_datadir}/gtk-doc/html
%changelog
+* Thu Nov 06 2008 prusnak@suse.cz
+- fixed CVE-2008-4226 [bnc#441368]
* Thu Oct 30 2008 olh@suse.de
- obsolete old -XXbit packages (bnc#437293)
* Mon Oct 06 2008 prusnak@suse.cz
@@ -923,7 +928,7 @@
- revert catalog separator change, accepting ":" again.
libxml2 is using anyway ":" internal, even when a " " separator
is given
-* Thu Oct 31 2002 ro@suse.de
+* Wed Oct 30 2002 ro@suse.de
- removed patch call for removed patch
* Wed Oct 30 2002 ke@suse.de
- Drop libxml2-2.4.19-xml2-config.dif to avoid header file conflicts
++++++ libxml2-2.7.1-CVE-2008-4226.patch ++++++
--- SAX2.c
+++ SAX2.c
@@ -11,6 +11,7 @@
#include "libxml.h"
#include