- Tue Nov 18 2014 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.25.el5
- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1161841)
- Wed Jul 24 2013 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.24.el5
- fixed one regexp bug and added a (rhbz#922450)
- Another small change on the algorithm for the elimination of epsilon (rhbz#922450) - Wed Feb 20 2013 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.23.el5
- detect and stop excessive entities expansion upon replacement (rhbz#912573)
- Tue Jan 29 2013 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.22.el5
- fix validation issues with some XSD (rhbz#877348)
- xmlDOMWrapCloneNode discards namespace of the node parameter (rhbz#884707) - Fri Nov 30 2012 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.21.el5
- fix out of range heap access (CVE-2012-5134)
- Thu Sep 6 2012 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.20.el5
- Implement some default limits in the XPath module (CVE-2011-1944)
- Change the XPath code to percolate allocation errors (CVE-2011-1944) - Thu Aug 23 2012 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.19.el5
- Fix an off by one pointer access (CVE-2011-3102)
- Wed Aug 22 2012 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.18.el5
- Fix parser local buffers size problems (rhbz#843740)
- Fix entities local buffers size problems (rhbz#843740)
- Fix an error in previous commit (rhbz#843740) - Tue Feb 14 2012 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.17.el5
- fix previous build to force compilation of randomization code
- Resolves: rhbz#788844 - Sat Feb 11 2012 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.16.el5
- adds randomization to hash and dict structures CVE-2012-0841
- Resolves: rhbz#788844 - Sat Jan 7 2012 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.15.el5
- Fix the semantic of XPath axis for namespace/attribute nodes CVE-2010-4008
- Fix an off by one error in encoding CVE-2011-0216
- Fix some potential problems on reallocation failures CVE-2011-1944
- Fix missing error status in XPath evaluation CVE-2011-2834
- Make sure the parser returns when getting a Stop order CVE-2011-3905
- Fix an allocation error when copying entities CVE-2011-3919.patch
- Resolves: rhbz#771907 - Sat Oct 22 2011 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.14
- fix schemas validation of empty integer values (rhbz#743737)
- Wed Jun 29 2011 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.13
- Fix a potential crasher in XPath or XSLT, CVE-2011-1944
- Resolves: rhbz#710395 - Fri Apr 22 2011 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.12
- fix various problems with XSD validation
- Resolves: rhbz#644312 - Tue Oct 5 2010 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.11
- missing an initialization in an XPath internal structure
- Resolves: rhbz#613860 - Wed Aug 5 2009 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.10
- Fix a couple of crash CVE-2009-2414 and CVE-2009-2416
- Resolves: rhbz#515237 - Thu Nov 13 2008 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.9
- two patches for size overflows problems CVE-2008-4225 and CVE-2008-4226
- Resolves: rhbz#470475 - Sat Sep 6 2008 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.8
- Patch to fix an entity name copy buffer overflow CVE-2008-3529
- Resolves: rhbz#461024 - Fri Aug 29 2008 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.7
- Patch to fix recursive entities handling CVE-2008-3281 in a better way
- Resolves: rhbz#458096 - Sun Aug 24 2008 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.6
- Patch to fix recursive entities handling CVE-2008-3281
- Resolves: rhbz#458096 - Tue Dec 18 2007 Daniel Veillard <veillard@redhat.com> - 2.6.26-2.1.3
- Patch to fix UTF-8 decoding problem CVE-2007-6284
- Resolves: rhbz#425934 - Thu Jul 13 2006 Jesse Keating <jkeating@redhat.com> - 2.6.26-2.1.2
- fixing an i386/x86_64 parallel install problem of -devel
- Resolves: rhbz#222735 - Thu Jul 13 2006 Jesse Keating <jkeating@redhat.com> - 2.6.26-2.1.1
- rebuild
- Thu Jul 13 2006 Jesse Keating <jkeating@redhat.com> - 2.6.26-2.1
- rebuild
- Thu Jun 8 2006 Daniel Veillard <veillard@redhat.com> 2.6.26-2
- fix bug #192873
- Wed Jun 7 2006 Daniel Veillard <veillard@redhat.com> 2.6.26-1
- upstream release 2.6.26 see http://xmlsoft.org/news.html
- Wed Jun 7 2006 Daniel Veillard <veillard@redhat.com>
- upstream release 2.6.25 broken, do not ship !