Changelog for libxml2-2-2.7.8+git20120223-8.14.1.i586.rpm :

* Thu Mar 07 2013 fix for CVE-2013-0338 (bnc#805233) libxml2-CVE-2013-0338-Detect-excessive-entities-expansion-upon-replacement.patch
* Fri Dec 07 2012 fixed CVE-2012-5134 (bnc#793334) / libxml2-CVE-2012-5134.patch
* Thu Jun 28 2012 fixed CVE-2012-2807 (bnc#769184)
* Sun Mar 11 2012 libxml2-2 should not require libxml2-tools. There is no trouble expected, since attempting to install libxml2 will already pull in libxml2-tools due to Provides tags.
* Mon Mar 05 2012 revert the two commits that broke perl-XML-LibXML\'s test case, I hope the two upstreams will figure it out
* Fri Mar 02 2012 update to git to fix some issues
* Fix a logic error in Schemas Component ConstraintsHEADmaster
* Fix a wrong enum type use in Schemas Types
* Thu Mar 01 2012 fixed a 64bit big endian bug in the file reader.
* Sat Feb 25 2012 the fallout of requiring libxml2-tools as explicit buildrequire is just too large, so avoid it for now and create a cycle between libxml2-2 and libxml2-tools
* Sat Feb 25 2012 add provide for the old name to fix packages with explicit library dependency
* Thu Feb 23 2012 update to today\'s GIT snapshot: include XZ support- split libxml2-2 according to shared library policy
* Mon Dec 26 2011 Remove redundant tags/sections
* Wed Dec 21 2011 add autoconf as buildrequire to avoid implicit dependency
* Tue Dec 20 2011 own aclocal directory, there is no other reason to buildrequire automake
* Fri Jul 08 2011 update to libxml-2.7.8+git20110708 - several important bugfixes- drop upstreamed patches:
* libxml2-CVE-2010-4494.patch
* libxml2-CVE-2011-1944.patch
* noxref.patch
* symbol-versioning.patch
* Wed Jun 29 2011 add libxml2-CVE-2011-1944.patch (bnc#697372)
* Sun Jun 05 2011 add symbol-versioning.patch to restore 11.3 versioned symbols
* Mon Jan 03 2011 add libxml2-CVE-2010-4494.patch (bnc#661471)
* Fri Dec 03 2010 update to libxml-2.7.8 - number of bufixes, documentation and portability fixes - update language ID parser to RFC 5646 - sort python generated stubs - add an HTML parser option to avoid a default doctype - see for exact details- drop libxml2-xpath-ns-attr-axis.patch (in upstream)- clean up specfile
* Mon Nov 01 2010 add libxml2-xpath-ns-attr-axis.patch (bnc#648277)
* Sat Oct 30 2010 Use --disable-static
* Mon Sep 20 2010 drop libxml2-largefile64.patch (revert last change) - the issue is fixed in zlib
* Fri Sep 17 2010 add libxml2-largefile64.patch (fixes build) - debian bug#439843
* Wed Jul 14 2010 added noxref.patch, this implements a new --noxref option, which turns validation errors about missing xrefs into warnings. Upstreamed as
* Sat Apr 24 2010 buildrequire pkg-config to fix provides
* Tue Mar 23 2010 update to 2.7.7- add extra options to ./configure for scribus features and avoid a crash- updates from 2.7.3 > 2.7.7 include a number of portability, correctness memory leaks and build fixes including some CVE- see for exact details
* Mon Feb 22 2010 add sax parser option compiled in
* Mon Dec 14 2009 add baselibs.conf as a source- package documentation as noarch
* Sun Aug 02 2009 Disable the check for ARM as qemu-arm can\'t keep up atm.
* Thu Mar 19 2009 updated to 2.7.2
* Portability fix: fix solaris compilation problem, fix compilation if XPath is not configured in
* Bug fixes: nasty entity bug introduced in 2.7.0, restore old behaviour when saving an HTML doc with an xml dump function, HTML UTF-8 parsing bug, fix reader custom error handlers (Riccardo Scussat)
* Improvement: xmlSave options for more flexibility to save as XML/HTML/XHTML, handle leading BOM in HTML documents- updated to 2.7.3
* Build fix: fix build when HTML support is not included.
* Bug fixes: avoid memory overflow in gigantic text nodes, indentation problem on the writed (Rob Richards), xmlAddChildList pointer problem (Rob Richards and Kevin Milburn), xmlAddChild problem with attribute (Rob Richards and Kris Breuker), avoid a memory leak in an edge case (Daniel Zimmermann), deallocate some pthread data (Alex Ott).
* Improvements: configure option to avoid rebuilding docs (Adrian Bunk), limit text nodes to 10MB max by default, add element traversal APIs, add a parser option to enable pre 2.7 SAX behavior (Rob Richards), add gcc malloc checking (Marcus Meissner), add gcc printf like functions parameters checking (Marcus Meissner).- dropped obsoleted patches:
* alloc_size.patch (mainline)
* CVE-2008-4225.patch (mainline)
* CVE-2008-4226.patch (mainline)
* CVE-2008-4409.patch (mainline)
* oldsax.patch (mainline)
* pritnf.patch (mainline)
* xmlsave.patch (mainline)