Revision tags: AOO420-Dev5-m5, AOO4115-GA, AOO4114-GA, AOO420-Dev4-m4, AOO4113-GA, AOO4112-GA, AOO4111-GA, AOO420-Dev3-m3, AOO4110-GA, AOO419-GA, AOO418-GA |
|
93fd6e3d | 30-Sep-2020 |
Don Lewis |
libxml2 bug fixes from upstream From: Zhipeng Xie <xiezhipeng1@huawei.com> Date: Thu, 12 Dec 2019 17:30:55 +0800 Subject: [PATCH] Fix infinite loop in xmlStringLenDecodeEntities
libxml2 bug fixes from upstream From: Zhipeng Xie <xiezhipeng1@huawei.com> Date: Thu, 12 Dec 2019 17:30:55 +0800 Subject: [PATCH] Fix infinite loop in xmlStringLenDecodeEntities When ctxt->instate == XML_PARSER_EOF,xmlParseStringEntityRef return NULL which cause a infinite loop in xmlStringLenDecodeEntities Found with libFuzzer. From: Nick Wellnhofer <wellnhofer@aevum.de> Date: Fri, 7 Aug 2020 21:54:27 +0200 Subject: [PATCH] Fix out-of-bounds read with 'xmllint --htmlout' Make sure that truncated UTF-8 sequences don't cause an out-of-bounds array access. Thanks to @SuhwanSong and the Agency for Defense Development (ADD) for the report. Fixes #178. From: Zhipeng Xie <xiezhipeng1@huawei.com> Date: Tue, 20 Aug 2019 16:33:06 +0800 Subject: [PATCH] Fix memory leak in xmlSchemaValidateStream When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun alloc a new schema for ctxt->schema and set vctxt->xsiAssemble to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize vctxt->xsiAssemble to 0 again which cause the alloced schema can not be freed anymore. Found with libFuzzer. Patch by: Zhipeng Xie <xiezhipeng1@huawei.com> via gnome.org Patch by: Nick Wellnhofer <wellnhofer@aevum.de> via gnome.org
show more ...
|
Revision tags: 420-Dev2-m2 |
|
f3525e2f | 13-Nov-2019 |
Don Lewis |
Upgrade libxslt to version 1.1.34 and libxml2 to version 2.9.10. This version of libxslt contains the bugfix and three CVE patches that we had cherry picked from upstream. |
3f3f2619 | 08-Oct-2019 |
Don Lewis
|
Upgrade libxml2 to version 2.9.9 and libxslt to version 1.1.33. libxml2-nan-inf-fix.patch has been incorporated upstream. Cherry-pick four upstream post 1.1.33 libxslt commits to ad
Upgrade libxml2 to version 2.9.9 and libxslt to version 1.1.33. libxml2-nan-inf-fix.patch has been incorporated upstream. Cherry-pick four upstream post 1.1.33 libxslt commits to address three CVEs and one functionality regression. Without the latter fix, xsltproc generates bad code for the writerfilter module causing a build failure.
show more ...
|
Revision tags: AOO417, AOO420-Dev-m1, AOO416, AOO416-RC1 |
|
d095bc29 | 25-Aug-2018 |
Don Lewis |
Upgrade bundled libxml2 to version 2.9.8 and libxslt to version 1.1.32. Some of the patches for the previous version of libxml2 have been picked up upstream and are no longer needed. One ne
Upgrade bundled libxml2 to version 2.9.8 and libxslt to version 1.1.32. Some of the patches for the previous version of libxml2 have been picked up upstream and are no longer needed. One new patch is needed for clean builds on Windows, so cherrypick it from upstream. git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1839130 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
Revision tags: AOO415, AOO414, AOO413 |
|
8aefc987 | 28-Aug-2016 |
truckman |
Upgrade bundled libxml2 from version 2.9.3 to version 2.9.4 to fix: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836
Upgrade bundled libxml2 from version 2.9.3 to version 2.9.4 to fix: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-3627 CVE-2016-3705 CVE-2016-4449 CVE-2016-4483 It is not known whether any of these affect OpenOffice. Import a post-2.9.4 patch from the upstream git repo to fix a build problem on systems with pre-C99 compilers. git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758150 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
Revision tags: AOO4121 |
|
4a0a8088 | 15-Jun-2016 |
truckman |
#i126893#: Upgrade bundled libxml2 version to 2.9.3 and libxslt to 1.1.28 These security vulnerabilities have been fixed since the release of libxml2-2.7.8 which is bundled with OpenOffi
#i126893#: Upgrade bundled libxml2 version to 2.9.3 and libxslt to 1.1.28 These security vulnerabilities have been fixed since the release of libxml2-2.7.8 which is bundled with OpenOffice: CVE-2011-3202 CVE-2011-3919 CVE-2013-0338 CVE-2013-0339 CVE-2013-2877 CVE-2014-0191 CVE-2014-3660 CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 CVE-2015-8241 CVE-2015-8242 This vulnerability has been fixed since the release of libxslt-1.1.26: CVE-2015-7995 Upgrade libxml2 to version 2.9.3 which has no publicly disclosed vulnerabilities at this time. Rebase libxml2-configure.patch to the new version of libxml2. The freebsd-elf change to ltmain.sh is no longer necessary and is eliminated from the patch. The fixes in libxml2-fixes.patch were either fixed upstream or don't seem to apply anymore, so this patch file was deleted. The fixes in libxml2-testapi.patch and libxml2-runtest.patch are in now in the upstream source, so these patch files have been deleted. The libxml2-mingw.patch and Solaris-specific libxml2-global-symbols.patch were not updated and are disconnected from the build. Several of the fixes in libxml2-long-path.patch are now fixed upstream. Upgrade libxslt to version 1.1.28 and add libxslt-CVE-2015-7995.patch, which is imported from the FreeBSD port and which appears to have been cherry picked from upstream. Rebase libxslt-configure.patch to the new version of libxslt, with the libtool-related changes coming from the libxslt port to FreeBSD. The fixes in libxslt-bsd.patch are now present in the upstream source, so this patch was deleted. Tested by: kschenk git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1748497 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
Revision tags: AOO412, SNAPSHOT, AOO411 |
|
a893be29 | 29-Apr-2014 |
Pedro Giffuni |
Many spelling fixes: directories h* - p*. Attempt to clean up most but certainly not all the spelling mistakes that found home in OpenOffice through decades. We could probably blame
Many spelling fixes: directories h* - p*. Attempt to clean up most but certainly not all the spelling mistakes that found home in OpenOffice through decades. We could probably blame the international nature of the code but it is somewhat shameful that this wasn't done before. git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1591060 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
Revision tags: AOO410, AOO410_Beta, AOO401, AOO400 |
|
9bf6e6d5 | 21-Dec-2012 |
Pedro Giffuni |
i121528 - fix win build. Add upstream patch by Rob Richards. git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1424811 13f79535-47bb-0310-9956-ffa450edef68 |
887c5134 | 20-Dec-2012 |
Pedro Giffuni |
i121528 - Update internal libxml2 to version 2.7.8. Despite not being the latest version, 2.7.8 has been relatively well tested and introduces no API changes. The last update to
i121528 - Update internal libxml2 to version 2.7.8. Despite not being the latest version, 2.7.8 has been relatively well tested and introduces no API changes. The last update to our internal XML C parser was done in Oct 6 2009, so the list of enhancements is quite big: http://xmlsoft.org/news.html In addition to the normal updates we include a couple of vulnerability fixes from FreeBSD. git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1424721 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
Revision tags: AOO340 |
|
c6c5eeba | 31-May-2012 |
Jian Fang Zhang |
Restore the incorrectly removed message in libxml2 makefile.mk git-svn-id: https://svn.apache.org/repos/asf/incubator/ooo/trunk@1344546 13f79535-47bb-0310-9956-ffa450edef68 |
00bc49ba | 31-May-2012 |
Jian Fang Zhang |
Fix issue #93433: build breaks in libxml2 on Korean Windows due to special character * /libmxl2/libxml2-testapi.patch : replaced '\248' encoded in ISO-8859-1 with '\xf8' * /libmxl2/libxm
Fix issue #93433: build breaks in libxml2 on Korean Windows due to special character * /libmxl2/libxml2-testapi.patch : replaced '\248' encoded in ISO-8859-1 with '\xf8' * /libmxl2/libxml2-runtest.patch : replaced 'e' encoded in ISO-8859-1 as in 'resume' with \xe9 Patch by: tora3@nichoume.com git-svn-id: https://svn.apache.org/repos/asf/incubator/ooo/trunk@1344534 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
4ee0f98c | 16-Feb-2012 |
Herbert Dürr |
remove svn:executable properties from many more non-exec files git-svn-id: https://svn.apache.org/repos/asf/incubator/ooo/trunk@1244909 13f79535-47bb-0310-9956-ffa450edef68 |
752c0af7 | 15-Feb-2012 |
Herbert Dürr |
remove svn:executable properties from make and pack files git-svn-id: https://svn.apache.org/repos/asf/incubator/ooo/trunk@1244512 13f79535-47bb-0310-9956-ffa450edef68 |
7871dc3e | 11-Jan-2012 |
Andrew Rist |
Update headers to Alv2 headers git-svn-id: https://svn.apache.org/repos/asf/incubator/ooo/trunk@1229815 13f79535-47bb-0310-9956-ffa450edef68 |
cdf0e10c | 16-Aug-2011 |
rcweir |
Initial import of the old OOo hg repository tip revision. .../trunk/main is a copy of (currently tip-most) http://hg.services.openoffice.org/OOO340/rev/c904c1944462 .../trunk/
Initial import of the old OOo hg repository tip revision. .../trunk/main is a copy of (currently tip-most) http://hg.services.openoffice.org/OOO340/rev/c904c1944462 .../trunk/extras/l10n is a copy of (currently tip-most) http://hg.services.openoffice.org/master_l10n/OOO340/rev/af6bc9467af5 Note that the following files with line-end and/or encoding anomalies were left out (they will need to be to be checked in separately): /ooo/trunk/core/dictionaries/de_DE/README_hyph_de_DE.txt /ooo/trunk/core/dictionaries/de_CH/README_hyph_de_CH.txt /ooo/trunk/core/dictionaries/de_AT/README_hyph_de_AT.txt /ooo/trunk/core/gettext/gettext-0.18.1.1.patch /ooo/trunk/core/apache-commons/patches/codec.patch /ooo/trunk/core/libcroco/libcroco-0.6.2.patch /ooo/trunk/core/testautomation/writer/optional/input/import/mactext.txt /ooo/trunk/core/graphite/graphite-2.3.1.patch /ooo/trunk/core/hwpfilter/source/hwpeq.cpp /ooo/trunk/core/solenv/bin/cwstouched.pl /ooo/trunk/core/readlicense_oo/html/THIRDPARTYLICENSEREADME.html /ooo/trunk/core/writerfilter/source/doctok/escher.html /ooo/trunk/core/writerfilter/source/odiapi/qname/resource/office2003/WordprocessingML Schemas/xsdlib.xsd /ooo/trunk/core/writerfilter/source/odiapi/qname/resource/office2003/WordprocessingML Schemas/wordnetaux.xsd /ooo/trunk/core/filter/source/xslt/odf2xhtml/export/common/body.xsl /ooo/trunk/core/filter/source/xslt/odf2xhtml/export/common/styles/style_mapping_css.xsl Also: Repository.mk from the l10n toplevel git-svn-id: https://svn.apache.org/repos/asf/incubator/ooo/trunk@1162288 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|