libexpat-devel-2.2.5-lp151.3.6.1 4>$  Ap]}/=„b,Y/E UA/%\{>1=8C0Y)uEX4C*t4D ,tW0*=D[,:t!e$?'AV '~u7ė:u3.{B0>3p S <̃Q仕433cef05131f1d8722f5ea4a6ce56a5e89a671c90976c6d95d2b677af21211e7ced6572b59e26a4f75d4bf647f333297da937c03bĉ]}/=„mP'iT_Bu :9gUmBM9j[f5NvT',`}1dKAK[,x `>G{ap&L\edMi{ pk,V$A k,.=ID`le5蛟Vg1d(']WW1]\gϏԑiޭ,ͺ8cH ϥK1]w1q#4xg"lzm2:dԟl肋HwUhcl>p>+D?+4d # Vhltx   $ 8 = Th$(89:uF( G( H(4I(HX(PY(\\(](^(b) c)d*Ae*Ff*Il*Ku*`v*tw*x*y*z****+0Clibexpat-devel2.2.5lp151.3.6.1Development files for expat, an XML parser toolkitExpat is an XML parser library written in C. It is a stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags). This package contains the development headers for the library found in libexpat.]}lamb07!openSUSE Leap 15.1openSUSEMIThttp://bugs.opensuse.orgDevelopment/Libraries/C and C++https://libexpat.github.iolinuxx86_64 Ё]}]}]}]}]}279e957814e08b441e2f20a4d0fbbc146abb7eb1c5cbeccd0fafd53947c9fe1af87864e595767e3f1d28a5f10a2704671e779bcd403b10f75ab036a8ed983a88ea1076d7b1f763a5da0f8291003a8bdd9887ff28ceae62a070ade57f3a93a0cfb9bc3e3e125aabfc0ab1a55033d124ec1d8988e66450814a1145d6aba5f33ba1libexpat.so.1.6.7rootrootrootrootrootrootrootrootrootrootexpat-2.2.5-lp151.3.6.1.src.rpmlibexpat-devellibexpat-devel(x86-64)pkgconfig(expat)@    /usr/bin/pkg-configglibc-devellibexpat1rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.2.53.0.4-14.6.0-14.0-15.2-14.14.1]o@]G@Z }Z }ZY@YYdY[@WW~WPedro Monreal Gonzalez jengelh@inai.dempluskal@suse.comaavindraa@gmail.compmonrealgonzalez@suse.comjayvdb@gmail.commpluskal@suse.commeissner@suse.comjengelh@inai.detchvatal@suse.comkstreitova@suse.comcrrodriguez@opensuse.orgidonmez@suse.commpluskal@suse.com- Security fix (CVE-2019-15903, bsc#1149429) * Crafted XML input results in heap-based buffer over-read by fooling the parser into changing from DTD parsing to document parsing * Added patches: - expat-CVE-2019-15903.patch - expat-CVE-2019-15903-tests.patch- Security fix (CVE-2018-20843, bsc#1139937) * Large number of colons in input makes parser consume high amount of resources * Added expat-CVE-2018-20843.patch- Expand description of expat-devel.- Do not generate manpages from docbook - Temporarily disable profiling due to bug in build system- Version update to 2.2.5 Tue October 31 2017 * Bug fixes: - If the parser runs out of memory, make sure its internal state reflects the memory it actually has, not the memory it wanted to have. - The default handler wasn't being called when it should for a SYSTEM or PUBLIC doctype if an entity declaration handler was registered. - Fix a case of mistakenly reported parsing success where XML_StopParser was called from an element handler - Function XML_ErrorString was returning NULL rather than a message for code XML_ERROR_INVALID_ARGUMENT introduced with release 2.2.1 * Other changes: - Add argument -N adding notation declarations - various compiler-specific fixes - Improve docbook2x-man detection - drop expat-docbook.patch * fixed in 0f5186c7b8e503c669e332d944712de010b265f3 - switch to github for release tarballs and website- Version update to 2.2.4 Sat August 19 2017 * Bug fixes: [#115] Fix copying of partial characters for UTF-8 input * Other changes: [#109] Fix "make check" for non-x86 architectures that default to unsigned type char (-128..127 rather than 0..255) [#109] coverage.sh: Cover -funsigned-char Autotools: Introduce --without-xmlwf argument [#65] Autotools: Replace handwritten Makefile with GNU Automake [#43] CMake: Auto-detect high quality entropy extractors, add new option USE_libbsd=ON to use arc4random_buf of libbsd [#74] CMake: Add -fno-strict-aliasing only where supported [#114] CMake: Always honor manually set BUILD_* options [#114] CMake: Compile man page if docbook2x-man is available, only [#117] Include file tests/xmltest.log.expected in source tarball (required for "make run-xmltest") [#111] Fix some typos in documentation Version info bumped from 7:5:6 to 7:6:6 - Release 2.2.3 Wed August 2 2017 * Bug fixes: [#85] Fix a dangling pointer issue related to realloc * Other changes: [#91] Linux: Allow getrandom to fail if nonblocking pool has not yet been initialized and read /dev/urandom then, instead. This is in line with what recent Python does. [#86] Check that a UTF-16 encoding in an XML declaration has the right endianness [#4] #5 #7 Recover correctly when some reallocations fail Repair "./configure && make" for systems without any provider of high quality entropy and try reading /dev/urandom on those Ensure that user-defined character encodings have converter functions when they are needed Fix mis-leading description of argument -c in xmlwf.1 Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__) for CloudABI [#100] Fix use of SIPHASH_MAIN in siphash.h [#23] Test suite: Fix memory leaks Version info bumped from 7:4:6 to 7:5:6 - Release 2.2.2 Wed July 12 2017 * Security fixes: [#43] Protect against compilation without any source of high quality entropy enabled, e.g. with CMake build system; * [MOX-006] Fix non-NULL parser parameter validation in XML_Parse; resulted in NULL dereference, previously; * Bug fixes: [#69] Fix improper use of unsigned long long integer literals * Other changes: [#73] Start requiring a C99 compiler [#49] Fix "==" Bashism in configure script [#58] Address compile warnings [#68] Fix "./buildconf.sh && ./configure" for some versions of Dash for /bin/sh [#72] CMake: Ease use of Expat in context of a parent project with multiple CMakeLists.txt files [#72] CMake: Resolve mistaken executable permissions [#76] Address compile warning with -DNDEBUG (not recommended!) [#77] Address compile warning about macro redefinition * Added patch expat-docbook.patch to compile the man pages with docbook-to-man * Cleaned spec file with spec-cleaner- Allow building when do_profiling is undefined- Build with profiling when possible- Version update to 2.2.1 Sat June 17 2017 - Security fixes: CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS Details: https://libexpat.github.io/doc/cve-2017-9233/ Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f - [MOX-002] CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; (Fixed version of existing downstream patches!) - (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off longer tag names; [#25] More integer overflow detection (function poolGrow); - [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; - [MOX-005] #30 Use high quality entropy for hash initialization: * arc4random_buf on BSD, systems with libbsd (when configured with --with-libbsd), CloudABI * RtlGenRandom on Windows XP / Server 2003 and later * getrandom on Linux 3.17+ In a way, that's still part of CVE-2016-5300. https://github.com/libexpat/libexpat/pull/30/commits - [MOX-005] For the low quality entropy extraction fallback code, the parser instance address can no longer leak, - [MOX-003] Prevent use of uninitialised variable; commit - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b Add missing parameter validation to public API functions and dedicated error code XML_ERROR_INVALID_ARGUMENT: - [MOX-006] * NULL checks; commits * Negative length (XML_Parse); commit - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f - [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash to go further with fixing CVE-2012-0876. https://github.com/libexpat/libexpat/pull/39/commits - Bug fixes: [#32] Fix sharing of hash salt across parsers; relevant where XML_ExternalEntityParserCreate is called prior to XML_Parse, in particular (e.g. FBReader) [#28] xmlwf: Auto-disable use of memory-mapping (and parsing as a single chunk) for files larger than ~1 GB (2^30 bytes) rather than failing with error "out of memory" [#3] Fix double free after malloc failure in DTD code; commit 7ae9c3d3af433cd4defe95234eae7dc8ed15637f [#17] Fix memory leak on parser error for unbound XML attribute prefix with new namespaces defined in the same tag; found by Google's OSS-Fuzz; commits xmlwf on Windows: Add missing calls to CloseHandle - New features: [#30] Introduced environment switch EXPAT_ENTROPY_DEBUG=1 for runtime debugging of entropy extraction Bump version info from 7:2:6 to 7:3:6- Remove pointless --with-pic (for static only)- Version update to 2.2.0: * Fixes bnc#983215 CVE-2012-6702 * Fixes bnc#983216 CVE-2016-5300 * Various cmake and autotools script updates * Fix detection of utf8 character boundaries - Remove all patches merged upstream: * expat-2.1.1-avoid_relying_on_undef_behaviour.patch * expat-2.1.1-parser_crashes_on_malformed_input.patch * expat-alloc-size.patch * expat-visibility.patch- add expat-2.1.1-avoid_relying_on_undef_behaviour.patch to avoid relying on undefined behavior in the original CVE-2015-1283 fix [bnc#980391], [bnc#983985], [CVE-2016-4472] - add expat-2.1.1-parser_crashes_on_malformed_input.patch to fix Expat XML parser that mishandles certain kinds of malformed input documents [bnc#979441], [CVE-2016-0718] - use spec-cleaner to clean specfile- After simplification of expat-visibility.patch, it became uneffective as no symbols are getting hidden. add - fvisibility=hidden to CFLAGS again. - expat-alloc-size.patch: fix braino, realloc()-like functions should not take __attribute__(malloc)- Update to version 2.1.1 * Fixes CVE-2015-1283 — Multiple integer overflows in the XML_GetBuffer function * Fix potential null pointer dereference * Symbol XML_SetHashSalt was not exported * Output of xmlwf -h was incomplete * Document behavior of calling XML_SetHashSalt with salt 0 * Minor improvements to man page xmlwf(1) - Simplify expat-visibility.patch, refresh expat-alloc-size.patch - Drop config-guess-sub-update.patch, fixed upstream.- Cleanup spec file with spec-cleaner - Remove old ppc obsoletes/provideslamb07 15692261602.2.5-lp151.3.6.12.2.5-lp151.3.6.12.2.5expat.hexpat_config.hexpat_external.hlibexpat.soexpat.pc/usr/include//usr/lib64//usr/lib64/pkgconfig/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:11106/openSUSE_Leap_15.1_Update/d638451bda44bb6ccd8b7bb727d14f6c-expat.openSUSE_Leap_15.1_Updatecpioxz5x86_64-suse-linuxC source, ASCII textASCII textpkgconfig filePR)q-/Őutf-8d7aeef3d95cd93325d194bca4278fc7b82eb11b1e4b8fc3764958dee1e9c3a3d? 7zXZ !t/k36] crv(vX0~*󼛁|bbeg4'-Z[3oLu.J "~D0`c]ޭJjaQQwu>=~$eD XxnFhUh-`;}HEHL7FTt{5v?}5뢊K Шl,>c"7}jţT {"g\?@$b>VADҭU7Fj^7zm~[qh2'"£gߙ[I"D ``n$N*XeC9huI,,(r^%M6hpMD+g7bOpAy$1,*o)8DNg O`ɗ8‚鱂i&cnRgYVﭽ)r0kPcixiI³rqЕP@rZ:>F&v66ehB%}W6gGS[AN~jnL#ʳ08Ce0j]q8_pUz?5-}˯un|䋾Q[.J̾hj2=+lf{W,#W[nc~mfϕ Tamw^2n}*,==28uf[:!>]mgؐh .|.Ą%͆pBZ%]xAe'~VnOQ!KzHˣq*$ERV\ {+enK^Ehi Pm)6YɈjҼ|l{@2GPkȦhy>`B?cQ 4~dyp$g>(-/p&dX 4ڼ4S#>=_61٩))C^sOmnARgD]j~(DrKK>pB_H1W}xD ޶a=d ơTdChҫ1\!׈(qALD11Y鉗:Djb-;6F`7<C$ټmFF@-ja&C7neh<*8]O>gRreYH9G$q4}UOdƹÒ"-Vg9uG\VA}e='',hx%cr_[}YHjB;z7o[ڻ3ܶ?v7G_]9C6WY{aws *>GX-gc(ˉ[^;3LǮ}, B&|5ubO::iNFh,wƸevˁ"4uƗ)N1<Ť7ָx&LE&&7JbitΑ MU>~6*Fnc:kw`LUAe9t>Xܫd!$'?=Sy\~Lj⭧wTv*F:R.a,iɔu'7z9MXg{'V0dt-A@M=STD)-X'H\¦\즬Dlĵcϱcgrf6[_e1S bfWNouIKRU(!•XtU$/ {H!Z4ӠEIdScTj"U(*ӓ z<(>0}JENy-\P6ML#{%1a⟝^8:3ԀʤI -n,LBC|VBܣ_,8ۅ]Q}W8d]+#ݚ6Kg Jvx8a{hȯDy nwO@] R2Z{}Ban ncLj*O"\t.m[zJ☱{:JQ]t0)7HHH͋Lqja4@D"~;Nbv@Ѱ!)qPb1q]' K~ .V}={sooEj9ϻieꂴKOZ}>poz$ m]*TTu]@p?U~=;LIafKޢ+F> S~GOZ f'{K,nX'~Sfթ,3ӭZ lBz@< +WH\YAK 12EO`خ|ƞz *vK"\EZ}s68/иGnPg: 6lNC>X]j.`JOjvjc5@]vLpyf~`aGL蘨P+O]Қouv~W&*RrW4n$6MUph fg и @y qurP YV:7{<4*W!x3OT7d#]H@*Y3׷Va*A5z M4#X!M-p7KC}13(( ipTi\UJs`=Gas 7a1UXX&&|;BIl1wtPk  0P6<{>j 2!-y<9_1Y2X"Z,cѝC<98U$:,gs}$;kpń׉Bͭ-,6*yъ ˫kG DKhM(ok~:?M)J y5$&7Tfta E茌Q/#5sS{ODLA]|a#;iY{ӞQɅKBJI4Ǡ[J?'!aTY2$G`(.6roio<\ wpELom1PI1K)3L d<:"LЍvvVk|RU߀RU%LzG}fsԤ(|w(ǃm3eglt@U˅ 5AL2mq6޳Z]1-4ú|G r-\qVMZE,ό6vRL0ŨD]V7p΍XEIPJ'WJB{'N i-ms!2_g0O 'A@>'Dng>7j%%Gt+t!rq.~A qwDh-|22\Ym[*ae~۪V__g rHoc<|} 2\;Y;dJjSTu&-Pjޝ}̩#)r7B,̀-t^V$eOlAˉ[b]*#ɶ $J3lhmAq4s'6=h>'zHv]B4E"Jo|fUPրoiB_jWR˙i|ylWs" ~dNf?ӽ6G\INCa#"~<߲QgGF.E?Р6)3J#g-!=՗- wD-D- ,#*@w' Ekd$AGqv(%(l-?0d0 o^5w 7ItA3ʤ~п0 *|(̜e+⶷m4}[Aө6^ITJrznJc*M80 n] d<3.r[^ʳd' +gD[̬zoz#hxR9~@ ٓ"SۊS9x.=Pˎ1'^ ]Xx^ԙQ2ҦyNvݼaŁ{=:q^!N:"~s+1ָrIL R[Hߖe>W)h|ji;x7rGMɊ<7ݮ ťO-]b"㯝koD~sR%Z9bܕnzL"@e{]^ -E3|kT&ߞ5޾f\FYuNw"+qS ^ f&ˁQqF$hn72*=cLVfO]_Ĵk4[İv6k BΙz9-*@{#4uN uFSEGprBW}#9 $ :s { Qd;q{N޻4~oL]oq57X[G/,a{1zCS O#y 5ra.١ue5f5[ޝ"_?ĉ+ؕAZz/` أ5evO<3yio:*k9$I db+@oE_yAS›w{q! ?1cw rwB̖nԬ̘4 1~`jhzޞYVgHYęХG*x׶yP24e*s`6 Ft&_3R}pjlhg݀D`.2Fs$#.AF1wغ]ևN|&s9!C}-{2 =QϲT^;Oouy+{V==)7W6g;W 1~-xJD^yY UW08h67 y wywZu݇I[P=V)C/@n8 I2AdZ.S bt:V~O@,#f=FvM&-rt"qYlD[nc_ync6Ǫ<肢'ԇ$Bgk D wQ }oj'!p;-zU݊|9j(;?X괘#jGJt*>8rg[/֓3Ů*[%7(CnQ<;n)ONWLʕ-D?vk (8Ͽ58ꀖe*mLw:Yz8VesoДb`) l@)ߜ'F*Ϝ,[A81 P˺/"!ͼA3AZ1ӗB%ԣ=L|`t8o lĴL~HG[0[+벦 +Xyb@Lrf'Z7v:@">WLwX9T=)Zs2GW A-vrREuhB{u9Z Vȇ-:jwu)~\ݫ`=`/ՙs*_/pJE^jr&2= ;dp lW$UC FuKzf \K=rOMYinS:osW@7+{!Ӻ}' نR^G (LS{# ڜ7=@DVE@7eЩ=*QC^?5zM{D P-e/ .u3?fd8*O` Vܠ4RRXz޳ "M0ؼySBb+ [A!K`N #q`A3ك8EfòWuaP2+gf5 8TeD8sVp<do3KbDdY@$wI1jOrcK=:r_z7Y 6J-o258=k)BewfGuw6N & p#̨,K-_[*5 &ϕ(gi`,=]""xo$9Ll.J-\ C舸~v2eXm@7>>pwBݠgGeW<RAfį,40V7?j-mWHUzcY֔(PDZj&g>6ڥ,uk@Iej|21Ttoo;e,vmC`HbASrya`ZVi6P+usa%DŽ˙_'.ݘyA؝`(nm*ȘR޷Jk5D9gl*EStSC-U7}7GlEA)ClIr@;A-KϽyT$]Y#+";No ldMkE)Ud60kpںZ} q{/S`s e8 d'@ޫ PAçnW'iǂs>Ax{M^i~p2Y2fcO|`CIftGxsdžNV5\40t ˫3gć<0St%m>WPns@DL@ 1rk@r,e~gvH=+u|sxÉA Qժf;_D@W4nYKʙHKFVt(]伩S2۠7{l僐@A]@x4 v8 n߫R=Iad &̱[k33$ޛVg-P/wc9j'BUH٬og[h幼2 φ#krgQP+_4dK(/UL!t#A-`ؽ"U"t hq&` k-qv e/Ɨʎa>& 5`W 56;$( -S! qE>B1AWp3wS| [8Ft +6=_b d>Ur[A$[u-rqAQFWE9RmHN) h{sm} /Ju(y#5:^"aBNb\|?[bN6l-v ƅY~ {GG8lpݤY< z) Z`#F, Pg$Z_sZU -^馅\Uʛ%KºKnjlKҋUXg lڹhcqŗWKJB$}qeGPzjÕFޟ|M!Z]@dkU\m=&tu\v`$+}QJfE:SyaX 8~F3Օ*>; n (7}(%tJ86L#3]ص+$e H|>|!YjML֤&Pc7x.hnKuM{X/- 4׊c)ιs9t&qVrhZxd:~^p,S!ydG<YE׏]\TWUЄXtFTZ4CQJuX|.R}^Ij O`˜d֖4R'8#*O&0N/jEJ*i奈ӒE)j|}]FgeqX(!)T")Djͪla@nآh|sB{Q9.ɆA~co(E6}b!w^cPɑwut<:bª1wPoV96/b)-:gl_l<giS5:G+]5[o5B8- T92W:owf;mIU>bUT=@aLCCYQ=Bht$Pv+Yv}[A{ J\q{#ARo'MrHxu-d9@8%& p+JhKc 'dzD!sE*ʹЎ-Y2/Y?JlJFFKۜرXǬ{UkCO.#G{._g}zbӎ4Y\7'MGsT]eMM 3>7y=_+4 W4=bmD}}ˉSOr^wȲRAX|Lv9me&0}r;Gp["W7G_3iMsPdu8tKn2_){z 2xBneٔ#o^O5OI}3\QvREdWMqfxHg.Tl 5m'T%q w>ksbn,OHCz~_tK>˜o:!e~/5zev k6yO