to public interfaces of the library get resolved directly, rather than go
through the plt, when libxml is build as a shared library.
This is similar to what is done in libc and a few other libraries.
This logic is made conditional and currently only enabled under linux when
building with a compiler advertizing itself as gcc >= 3.3..
By enabling it on OpenBSD, the number of relocations in libxml2.so.16.1 (as
computed from objdump -R /usr/local/lib/libxml2.so.16.1 | wc -l) decreases from
4350 (4357 lines of output) to 3484 (3491 lines of output).
from Miod, thanks++
survived a bulk
runtime tested with a full blown GNOME Desktop, Libreoffice, Chromium...
ok jasper@
it unbreak py-lxml testsuite (specially test_thread_error_log).
the --without-threads was used long time ago before we got rthreads. it should be fine now.
I checked that the distfiles still fetched from their alternative
source.
There still remains two issues with converters/xlhtml (no other source
for the oooooold version we have in tree) and the gentoo patch in
x11/qt3.
CVE-2015-8242 Buffer overead with HTML parser in push mode
CVE-2015-7500 Fix memory access error due to incorrect entities boundaries
CVE-2015-7499-2 Detect incoherency on GROW
CVE-2015-7499-1 Add xmlHaltParser() to stop the parser
CVE-2015-5312 Another entity expansion issue
CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey
CVE-2015-7498 Avoid processing entities after encoding conversion failures
CVE-2015-8035 Fix XZ compression support loop
CVE-2015-7942-2 Fix an error in previous Conditional section patch
CVE-2015-7942 Another variation of overflow in Conditional sections
CVE-2015-1819 Enforce the reader to run in constant memory
CVE-2015-7941_2 Cleanup conditional section error handling
CVE-2015-7941_1 Stop parsing on entities boundaries errors
Note that there's a new libxml release out, but it's in a bulk currently...
"certain XML parsers/servers are affected by the same, or similar,
flaw as the hash table collisions CPU usage denial of service.
Sending a specially crafted message to an XML service can result
in longer processing time, which could lead to a denial of service.
It is reported that this attack on XML can be applied on different
XML nodes (such as entities, element attributes, namespaces, various
elements in the XML security, etc.)."
