TinyXML-2 is a simple, small, efficient, C++ XML parser that can be easily
integrated into other programs.
In brief, TinyXML-2 parses an XML document, and builds from that a Document
Object Model (DOM) that can be read, modified, and saved.
tweak + ok sthen@
pugixml is a portable and light-weight C++ XML processing library.
It features:
- DOM-like interface with rich traversal/modification capabilities
- Extremely fast non-validating XML parser which constructs the DOM tree
from an XML file/buffer
- XPath 1.0 implementation for complex data-driven tree queries
- Full Unicode support with Unicode interface variants and automatic
encoding conversions
CVE-2015-8242 Buffer overead with HTML parser in push mode
CVE-2015-7500 Fix memory access error due to incorrect entities boundaries
CVE-2015-7499-2 Detect incoherency on GROW
CVE-2015-7499-1 Add xmlHaltParser() to stop the parser
CVE-2015-5312 Another entity expansion issue
CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey
CVE-2015-7498 Avoid processing entities after encoding conversion failures
CVE-2015-8035 Fix XZ compression support loop
CVE-2015-7942-2 Fix an error in previous Conditional section patch
CVE-2015-7942 Another variation of overflow in Conditional sections
CVE-2015-1819 Enforce the reader to run in constant memory
CVE-2015-7941_2 Cleanup conditional section error handling
CVE-2015-7941_1 Stop parsing on entities boundaries errors
Note that there's a new libxml release out, but it's in a bulk currently...
NB: please update your configuration with 'sysmerge -p'; there have been
many changes to the default elasticsearch.yml: e.g. the default configuration
will bind to 127.0.0.1 and will no longer automatically form a cluster.
please refer to https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-upgrade.html
for more information; adding @ask-update to prevent broken clusters
- many fixes and improvements to EPUB support
- mudraw moves to the multi-purpose mutool binary
- add new OpenGL-based viewer, mupdf-gl
- add an optional flavour to enable the javascript support (wasn't
on by default before in our package, and still isn't)
