libexpat-devel-2.2.5-lp151.3.3.1 4>$  Ap](渋/=„9 .Q 8>6&r1*Rn0 A;sp+/)KeVԼ@:QҳvH4Af cX"ѕҁԸƨCB>Bٖ ݀ S9o59gp:Vx ppj`z~bUU[1f@lO2 Wl@ >U!&GF\:Ү\Ɠ9-sq oh5f00c7fccfb22a32ac280115dbaaf328689b3967a106432c49ae45a01feb9e4fe61422d62891db4d520468b1ad03022d73d8f205a](渋/=„pK:+Qvsws 0j0inaʀ%Єٟv57oMjW6Ni9ȃNqvnfV ƤzW `]Hs%ȁn2ye#Y=c?W?|mb9ʙeh8x6]S).\YhvC?h08j)(Sʺ1#&)6sX eBSܬp<`d^e]_ }{XD*rR-d>p>*?)d # Vhltx      4 9 Pd} (89::F&G&H&I'X'Y'\'@]'T^'b'c({d) e)f)l)u)$v)8w)hx)|y)z)))))Clibexpat-devel2.2.5lp151.3.3.1Development files for expat, an XML parser toolkitExpat is an XML parser library written in C. It is a stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags). This package contains the development headers for the library found in libexpat.](lamb24openSUSE Leap 15.1openSUSEMIThttp://bugs.opensuse.orgDevelopment/Libraries/C and C++https://libexpat.github.iolinuxi586 ΁](](](](](279e957814e08b441e2f20a4d0fbbc146abb7eb1c5cbeccd0fafd53947c9fe1af87864e595767e3f1d28a5f10a2704671e779bcd403b10f75ab036a8ed983a88ea1076d7b1f763a5da0f8291003a8bdd9887ff28ceae62a070ade57f3a93a0cf3cd2771eee4500c6acb364c572a0b06b5d59c31375833439512d29bc4676dbf5libexpat.so.1.6.7rootrootrootrootrootrootrootrootrootrootexpat-2.2.5-lp151.3.3.1.src.rpmlibexpat-devellibexpat-devel(x86-32)pkgconfig(expat)@    /usr/bin/pkg-configglibc-devellibexpat1rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.2.53.0.4-14.6.0-14.0-15.2-14.14.1]G@Z }Z }ZY@YYdY[@WW~Wjengelh@inai.dempluskal@suse.comaavindraa@gmail.compmonrealgonzalez@suse.comjayvdb@gmail.commpluskal@suse.commeissner@suse.comjengelh@inai.detchvatal@suse.comkstreitova@suse.comcrrodriguez@opensuse.orgidonmez@suse.commpluskal@suse.com- Security fix (CVE-2018-20843, bsc#1139937) * Large number of colons in input makes parser consume high amount of resources * Added expat-CVE-2018-20843.patch- Expand description of expat-devel.- Do not generate manpages from docbook - Temporarily disable profiling due to bug in build system- Version update to 2.2.5 Tue October 31 2017 * Bug fixes: - If the parser runs out of memory, make sure its internal state reflects the memory it actually has, not the memory it wanted to have. - The default handler wasn't being called when it should for a SYSTEM or PUBLIC doctype if an entity declaration handler was registered. - Fix a case of mistakenly reported parsing success where XML_StopParser was called from an element handler - Function XML_ErrorString was returning NULL rather than a message for code XML_ERROR_INVALID_ARGUMENT introduced with release 2.2.1 * Other changes: - Add argument -N adding notation declarations - various compiler-specific fixes - Improve docbook2x-man detection - drop expat-docbook.patch * fixed in 0f5186c7b8e503c669e332d944712de010b265f3 - switch to github for release tarballs and website- Version update to 2.2.4 Sat August 19 2017 * Bug fixes: [#115] Fix copying of partial characters for UTF-8 input * Other changes: [#109] Fix "make check" for non-x86 architectures that default to unsigned type char (-128..127 rather than 0..255) [#109] coverage.sh: Cover -funsigned-char Autotools: Introduce --without-xmlwf argument [#65] Autotools: Replace handwritten Makefile with GNU Automake [#43] CMake: Auto-detect high quality entropy extractors, add new option USE_libbsd=ON to use arc4random_buf of libbsd [#74] CMake: Add -fno-strict-aliasing only where supported [#114] CMake: Always honor manually set BUILD_* options [#114] CMake: Compile man page if docbook2x-man is available, only [#117] Include file tests/xmltest.log.expected in source tarball (required for "make run-xmltest") [#111] Fix some typos in documentation Version info bumped from 7:5:6 to 7:6:6 - Release 2.2.3 Wed August 2 2017 * Bug fixes: [#85] Fix a dangling pointer issue related to realloc * Other changes: [#91] Linux: Allow getrandom to fail if nonblocking pool has not yet been initialized and read /dev/urandom then, instead. This is in line with what recent Python does. [#86] Check that a UTF-16 encoding in an XML declaration has the right endianness [#4] #5 #7 Recover correctly when some reallocations fail Repair "./configure && make" for systems without any provider of high quality entropy and try reading /dev/urandom on those Ensure that user-defined character encodings have converter functions when they are needed Fix mis-leading description of argument -c in xmlwf.1 Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__) for CloudABI [#100] Fix use of SIPHASH_MAIN in siphash.h [#23] Test suite: Fix memory leaks Version info bumped from 7:4:6 to 7:5:6 - Release 2.2.2 Wed July 12 2017 * Security fixes: [#43] Protect against compilation without any source of high quality entropy enabled, e.g. with CMake build system; * [MOX-006] Fix non-NULL parser parameter validation in XML_Parse; resulted in NULL dereference, previously; * Bug fixes: [#69] Fix improper use of unsigned long long integer literals * Other changes: [#73] Start requiring a C99 compiler [#49] Fix "==" Bashism in configure script [#58] Address compile warnings [#68] Fix "./buildconf.sh && ./configure" for some versions of Dash for /bin/sh [#72] CMake: Ease use of Expat in context of a parent project with multiple CMakeLists.txt files [#72] CMake: Resolve mistaken executable permissions [#76] Address compile warning with -DNDEBUG (not recommended!) [#77] Address compile warning about macro redefinition * Added patch expat-docbook.patch to compile the man pages with docbook-to-man * Cleaned spec file with spec-cleaner- Allow building when do_profiling is undefined- Build with profiling when possible- Version update to 2.2.1 Sat June 17 2017 - Security fixes: CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS Details: https://libexpat.github.io/doc/cve-2017-9233/ Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f - [MOX-002] CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; (Fixed version of existing downstream patches!) - (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off longer tag names; [#25] More integer overflow detection (function poolGrow); - [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; - [MOX-005] #30 Use high quality entropy for hash initialization: * arc4random_buf on BSD, systems with libbsd (when configured with --with-libbsd), CloudABI * RtlGenRandom on Windows XP / Server 2003 and later * getrandom on Linux 3.17+ In a way, that's still part of CVE-2016-5300. https://github.com/libexpat/libexpat/pull/30/commits - [MOX-005] For the low quality entropy extraction fallback code, the parser instance address can no longer leak, - [MOX-003] Prevent use of uninitialised variable; commit - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b Add missing parameter validation to public API functions and dedicated error code XML_ERROR_INVALID_ARGUMENT: - [MOX-006] * NULL checks; commits * Negative length (XML_Parse); commit - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f - [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash to go further with fixing CVE-2012-0876. https://github.com/libexpat/libexpat/pull/39/commits - Bug fixes: [#32] Fix sharing of hash salt across parsers; relevant where XML_ExternalEntityParserCreate is called prior to XML_Parse, in particular (e.g. FBReader) [#28] xmlwf: Auto-disable use of memory-mapping (and parsing as a single chunk) for files larger than ~1 GB (2^30 bytes) rather than failing with error "out of memory" [#3] Fix double free after malloc failure in DTD code; commit 7ae9c3d3af433cd4defe95234eae7dc8ed15637f [#17] Fix memory leak on parser error for unbound XML attribute prefix with new namespaces defined in the same tag; found by Google's OSS-Fuzz; commits xmlwf on Windows: Add missing calls to CloseHandle - New features: [#30] Introduced environment switch EXPAT_ENTROPY_DEBUG=1 for runtime debugging of entropy extraction Bump version info from 7:2:6 to 7:3:6- Remove pointless --with-pic (for static only)- Version update to 2.2.0: * Fixes bnc#983215 CVE-2012-6702 * Fixes bnc#983216 CVE-2016-5300 * Various cmake and autotools script updates * Fix detection of utf8 character boundaries - Remove all patches merged upstream: * expat-2.1.1-avoid_relying_on_undef_behaviour.patch * expat-2.1.1-parser_crashes_on_malformed_input.patch * expat-alloc-size.patch * expat-visibility.patch- add expat-2.1.1-avoid_relying_on_undef_behaviour.patch to avoid relying on undefined behavior in the original CVE-2015-1283 fix [bnc#980391], [bnc#983985], [CVE-2016-4472] - add expat-2.1.1-parser_crashes_on_malformed_input.patch to fix Expat XML parser that mishandles certain kinds of malformed input documents [bnc#979441], [CVE-2016-0718] - use spec-cleaner to clean specfile- After simplification of expat-visibility.patch, it became uneffective as no symbols are getting hidden. add - fvisibility=hidden to CFLAGS again. - expat-alloc-size.patch: fix braino, realloc()-like functions should not take __attribute__(malloc)- Update to version 2.1.1 * Fixes CVE-2015-1283 — Multiple integer overflows in the XML_GetBuffer function * Fix potential null pointer dereference * Symbol XML_SetHashSalt was not exported * Output of xmlwf -h was incomplete * Document behavior of calling XML_SetHashSalt with salt 0 * Minor improvements to man page xmlwf(1) - Simplify expat-visibility.patch, refresh expat-alloc-size.patch - Drop config-guess-sub-update.patch, fixed upstream.- Cleanup spec file with spec-cleaner - Remove old ppc obsoletes/provideslamb24 15629549732.2.5-lp151.3.3.12.2.5-lp151.3.3.12.2.5expat.hexpat_config.hexpat_external.hlibexpat.soexpat.pc/usr/include//usr/lib//usr/lib/pkgconfig/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:10587/openSUSE_Leap_15.1_Update/53a6821bf9345391ed6524133480fe68-expat.openSUSE_Leap_15.1_Updatecpioxz5i586-suse-linuxC source, ASCII textASCII textpkgconfig filePRho|L_ۦutf-8be0ee82659f1f71307fba68fe3d1ef6da2a4983f89f708f9535b761b99ae5d25? 7zXZ !t/c35] crv(vX0~؉"vMXZ/B}TB6L ZMJ.a\qy Z}dJ6'K3fWZ^w-+~lâxg?PsUYr6'ͳ(FTŐ4bNѝ c^tB8`OvO]% :UQ"ͪ\s$SZe$I Rj́i|$ FI Wɧjxg,]47Aa@RYŢ%_kC"oG =:ZHIT3ztrRӷK4X6 f qM#b.\AǠšv$񓫡0f%0@o.QɂYf1`W7h-(/d } oPWQ }h;%0-;YF˒Ԝ*JB]/\rDa=F'dCCc?V;+SszUO׻j$3 kL~!XO}OAjs+xO/LbHkX>0ثKZe5(JesZ%'bX ^tR\]uhWT*E}AD rR7KXU4UCRX̜*Fex^Tα:]6SŋlȺi3A_C,[ZSЬ(rDd!ꇞ,O\!y=p.z&xtM֔5x_{,.Jϩi!` qn]`ǖ~Mwބᖴ*)܀P4 1g%qR";m}I$/e4 _,<À;> ՚byw %Q?O7DLFnͩ. aƴ7B8ft>Gకv>JC/|z,)sS7lӟ7bѫh;D\lK@^LU/ ;,>_MK5[֋r8 !0RzXr&Ocqrdvd>{H6$[\T-nl8,1E KE1díO4@}Gi!愨q 3#(w(U2>U1 %f*+: t6"Ԇf,W|D'KhLs[z)MZ}JYᒱTD̩g8@]`iT+V (IpGDţD nVD~r_oZ+8$Ϳ-%<|ȹQm7 OC!ǀ$-k4&lۣ^k#š,G=5_=}N$d(G?|wSCrNϵYNK~(sy );qpnS!BpXBe066'tDnKȾ7*7 C( )8?}).1]{*PM;sÌ3ij4MaH  @+v+5X ZDlLod˚4! qEV2W*QGS\z36BM⾴\+O*;,_:D\ƴwʮ@4؍q8}Mc<Ծ)T%/Jdȡ{zΙ[#ѯ[zS Oj2o$̃oes wvpQyŃCPbƭs#fQ&5;X8IV 6 !My" TcS[0(הXD= yhM.a_ڊ¬N|_]QW#'a'vtuF;>]d:*+b8gP@EKup*iM{C9 E>(f#3;)?+qcȳ%^w rWj|-/kגD-ofUp뷺/" g[ױtTfjȒMZU\0Sw. +I|c4 Y:*N ՂywyAPswR?aabB]SתM△U#Ӂe6L #'3V@7~xif=v~6$n+iqj5{'Y0jj>a_:Pw 1PJ\[J{m x$j9R@9=d7YdfkO\ RUcZBBMޛ]Ji }툫ܰ0z vP] -͔5J{}:~FyU 3!zӡ\ʣ{x"?9<[+-4V2;x^K,s R) n#}O[!w]"|TTc3^oX:>6퓺d@4rP9Vi6=c3{SܝKЉ@)x6Q }@I5:KC)wXWrǺ/ZNmp̈́O_W5j ٤ZhC! FN,OkcGazWt\ý+rm, e &fxE)gܦ})օ hS+yfW`ÒϬn D\]4ޝebo>{Pa̰ 9^E!6&} 4BmsэNIe Z7o\y)j%OI4?cʰ^R/*a,i@ڦe z(n/Y\t8 CN;.xƂd4*- !IA"7_MڸX@^6 ?ZKӔ~"e+Q ۿ^r0MGf!1YO\%Ծrˤ˾1'6Wը Cg*cgo, BI'2*v7/97`eD<q\yYswoCa*t8D>ȓIi ̽P0:2{:UrqHMtWI3%.5J/&gP_Vg"c>8zlG$wMLo /&;&rK HQ@>Y"]ҧ{+ۘ H t<&ߒR'.h=DvqFZNYBb+G Qi EGy@'2u!^G+ AloWD9̨WGjWpiF^kXZ^5AP2,E빃u*HN^ R&ut1mt]ׯ?ۖ6%ȏJz:\İ{H ڷ>KI 篊M`jͰ|D')w%&Z@.[L%1^owj9IсzIg4͂][񰺮bmGzkZh<b Z+rgw>Jْo`R@̱E,?Eu8c\\ůa# ,Ջk&cCSj@ q؝:1Zڰf ylhϾ- h99V̆1a#coc hdL▲Θ8 t?cv:_S.YM,q|5 Ӫ\:֭tElC +8O/_I4BVW|xp]b,9lbXYI>:u%LR9Najl9?&^bP̤hz|/Ӹf']`,Q)ßM1ϙFPPrJiɷB)bjK*RmI$КZ_YiL8:?"'5V/2 P"m|$e@~&Rs<jh&;EAF9myK:ji=C;m : >A(a'72saW+ cì3h[qF o/w0@ 7CX5(P K_w;+<,r5؅2]17ڵCkr] @d, F%8Uyb~WHd=Lhْ:Ao1?R%Esb0%IM@4)ܲFCW깋.ԝZS= I.LPweiwފσz|σeqऔ]/q=Daaz&m Ko;m8o[[.¼Ƌ$ <vMa6!sdb~g}9-60SeM7ciՅN-+X w7{_=k b]suIxCANzyн]YK{,4z_x<{G a8L$Q@0:} a!U}v)-~qĥq ;K&uBc#/B2j$)$D/Agau6S9^>Gс;&, < Y]O%)`kNky,>[ ] B{O?X5Et l^zB0l.?H/Bcw{6g@'6X a._vHD{\b "1Q~:l#QY٘;(&?};S>r}wS>0g~0E@yn`a;"la)ԺA7?4 e4Xڣ?ywVRA uig-[db;n``xf GR33]q $wU)]@cjZ!iPxACI,KH%_iWmM1o*`E' ذlߛk݆@!Ĝ,/FqȹLF}fK5Ю, Ұf= D17| ߊTdra7\ .UU(j"?2Oa.$DܫgZdbt䭯/>,##.@e8`~tsMVB9>&~C(A:48D_$dž.+yhx㕏˧Y ;V5nPMUA43]"o#Em?׫yҫy^ՂƂe߻`?"C |/J2|6^:I]FI\7#_QQi0^&ld>Kkba}mCid<&fn/.rb~N?M O 1v'{M/fVD"SjȞ%kf hsfx,ߵ$?7Y2;cK  e63x'|HCRإc;݃ k>gr2ҝ?uKaaPjLq*zR-XHx,UH3;!oV(VYd[ VMSO~ed}&x) }IQ5F0Xqkh㸭2+B6R=voٝ]?+=< D٠۶ ;dAR#3mVTu7 tcLk.V(jN to='Viѣ*?D0O!*$X(D4蕨x ssm$&4!U̓~4hgn}لN{@dMQwuҹb3wY$ +3zE-R~; p9sቃwI SVb-j MRIx3 ԽJ34),Cf=!Õ¥xq`5bB.W.9TJs')$q \\)}7j*V ?\8 T8r>);e<BXpihR=od1)o *΢'Y|FbBa}G5x-)zҿӟ$rutvJn@.-r%mux<޾Bgz6޾:7 BtߝKf3y2'l $VrI 'd`+ڂpLؠ/9| 8'2u4qPF(B S ~wU^3!UXR %;̠ Ap.P 2 }|r˸$ ;J)DՑ?A}Jދ͞ ZTh1|?hLWev}>r9@%Q,؍DWօ/d|+D=:s7\gI35Y l,ivIjrE/ط0.]Tɛf݀©L$&_AՊ(f:żht4?-kF6K_xէi@S$C k}d=L@D*"|듟a%TƧkw^^aBhU{a,j@ fZef-![D)nY{yUy{9ѸO-`/ҡƎݯX\sp%*M抲EXv;Uv~u3(2[elĒ$kL}z:,i4^lV%o`KgV^9NJ_!0핏@PvND!)KP5Cj$l}AHk75P<>ĺfYkAyrC_×vH~u!)'ZpiMV9an\H}³isurӷ ).X%q0SM?#{ՄOIx]}@ H&/lH M<$觨XAIĴfX{jJ>8uͪ>nrcb,oR&|ё㫳dWI ,F'{ <ź('|'eq`$.aw_A'qpD*T7$* <5F9Br&'kW{* 嗫ۧQE .pd:Yup,Q?<+U3}elq1>6_t5# 5IeA&yԘ b{ʨ#h}M/ FɏI,ks8+-aed8 `@f޲ai\,(5!Kt^ ׵P#c*4AԎLQt 28v Ļ!_p cSF9^x,jv&] }7}2O~q'{C%~i?6$)m$Pgnp?r $Mlȑ-s|T#QpO#_ZN.z߼Ƨ랑'7P7KD-&\+}7@ 8mRS-m/_ j,q/ c{k6 ͧx"BgUMH}.ͪ_HK&ΏB\v '" QL-%_ư:z\zr@S8Nc 89Nts #|Z;#煕;ȁo27"¤' @t =4P8!+U C(ҁg6͈y&ĕ?! .,~B.#JߺkQ>=ߎKz@Uј tf.#wm*>zY1;w%J`m%S ♥I4}(5ȡG(jD7gkDYk%%פ.XyGZS O趢}P2~WE|)uE=SKן_ڊe /(U&v\֥ lsu q5:@$Da<.,j\w̚9a\2\rdt H֝":F#3{8L7hxLѬ ^L.22&m"_,!_u:/rD7GBMh sje&d ֘~|VmM+{ Q jBF#$ BfX\Sc(@|=De̮.CPnxX?"E\"hm#ʜqɳ߸;)tQJ<1>)ڨԍtL4A6 w'E@U:|l412gVt҄!~Gf+`NtLlgCA]MMD|, h'.ܱKkr|Қ,zJU_ ¥@ K8%}Sg71`5 1 }"7+? W+4I&P'I`!OMUiC[v$3b5BS&tb@4}Wt /t" Er]<0Xa9kRXmb1:;1M ?auSԮ}- jŊ}`8S®?)79gX .v7I iB8p#wq$zGkHZOKN*wN|?e@LHt+.G91r+Q d&hNG%T&ҐmƱ~lN;0Hpk jUB$m_ھk2  g?YȘ$}3&ĠMdҤ|]^cc@GqDPL͌:̟5IR6 bt|]WdOoC޴ :+xVgLhDMB"Lp(*2V@g,hPm4ρ7U%1ʾ xRBd2 ϑ1Xքų' D?*\^ߦIo/:u\y;?Y)ciM]&@ 2 dnNXUjGY:ӥу(~ǰxM9ٓ39f()DCH 5ȸ>E&(9즁 ޡ̰MYŊqu\JN5\)hZLS֗Hm~(06iP;+ux7T+YvWd}e_Y}Y!!XRxޙwt\ˈk%JtqͯjLw})ͺ]4ٛm>3oHzx,ɜގE =\]3ZcItvyNieUߊƤDzwwWOGrnTFm`Ț6}gQlGUv/f)ay[Q3<jj/P Q$!ݠퟫoLCEUr*x/{ZfL YZ