Releases

From 6657afe83a38278f124ace71dc85f60420beb2d5 Mon Sep 17 00:00:00 2001 From: Daniel Veillard Date: Fri, 20 Nov 2015 17:55:11 +0800 Subject: Release of libxml2-2.9.3 * configure.ac: updated * doc/*: regenerated --- configure.ac | 2 +- doc/APIfiles.html | 1 + doc/APIsymbols.html | 1 + doc/devhelp/libxml2-tree.html | 3 +- doc/devhelp/libxml2.devhelp | 1 + doc/html/libxml-tree.html | 1 + doc/libxml2-api.xml | 8 +- doc/libxml2-refs.xml | 3 + doc/libxml2.xsa | 253 ++++++++++++++++++++++++++++-------------- doc/news.html | 73 +++++++++++- doc/xml.html | 73 ++++++++++++ python/setup.py | 2 +- testapi.c | 8 +- 13 files changed, 335 insertions(+), 94 deletions(-) diff --git a/configure.ac b/configure.ac index 48e0577b..02602814 100644 --- a/configure.ac +++ b/configure.ac @@ -8,7 +8,7 @@ AC_CANONICAL_HOST LIBXML_MAJOR_VERSION=2 LIBXML_MINOR_VERSION=9 -LIBXML_MICRO_VERSION=2 +LIBXML_MICRO_VERSION=3 LIBXML_MICRO_VERSION_SUFFIX= LIBXML_VERSION=$LIBXML_MAJOR_VERSION.$LIBXML_MINOR_VERSION.$LIBXML_MICRO_VERSION$LIBXML_MICRO_VERSION_SUFFIX LIBXML_VERSION_INFO=`expr $LIBXML_MAJOR_VERSION + $LIBXML_MINOR_VERSION`:$LIBXML_MICRO_VERSION:$LIBXML_MINOR_VERSION diff --git a/doc/APIfiles.html b/doc/APIfiles.html index 65e004be..2252a6b0 100644 --- a/doc/APIfiles.html +++ b/doc/APIfiles.html @@ -1309,6 +1309,7 @@ A:link, A:visited, A:active { text-decoration: underline } XML_ATTRIBUTE_NONE
XML_ATTRIBUTE_NOTATION
XML_ATTRIBUTE_REQUIRED
+XML_BUFFER_ALLOC_BOUNDED
XML_BUFFER_ALLOC_DOUBLEIT
XML_BUFFER_ALLOC_EXACT
XML_BUFFER_ALLOC_HYBRID
diff --git a/doc/APIsymbols.html b/doc/APIsymbols.html index c2b82e7d..cdde358d 100644 --- a/doc/APIsymbols.html +++ b/doc/APIsymbols.html @@ -154,6 +154,7 @@ A:link, A:visited, A:active { text-decoration: underline } XML_ATTRIBUTE_NONE
XML_ATTRIBUTE_NOTATION
XML_ATTRIBUTE_REQUIRED
+XML_BUFFER_ALLOC_BOUNDED
XML_BUFFER_ALLOC_DOUBLEIT
XML_BUFFER_ALLOC_EXACT
XML_BUFFER_ALLOC_HYBRID
diff --git a/doc/devhelp/libxml2-tree.html b/doc/devhelp/libxml2-tree.html index 3cc28c71..5f8d1f28 100644 --- a/doc/devhelp/libxml2-tree.html +++ b/doc/devhelp/libxml2-tree.html @@ -409,7 +409,8 @@ The content of this structure is not made public by the API. XML_BUFFER_ALLOC_EXACT = 2 /* grow only to the minimal size */ XML_BUFFER_ALLOC_IMMUTABLE = 3 /* immutable buffer */ XML_BUFFER_ALLOC_IO = 4 /* special allocation scheme used for I/O */ - XML_BUFFER_ALLOC_HYBRID = 5 /* exact up to a threshold, and doubleit thereafter */ + XML_BUFFER_ALLOC_HYBRID = 5 /* exact up to a threshold, and doubleit thereafter */ + XML_BUFFER_ALLOC_BOUNDED = 6 /* limit the upper size of the buffer */ };

diff --git a/doc/devhelp/libxml2.devhelp b/doc/devhelp/libxml2.devhelp index 282546ab..fbd3ad4a 100644 --- a/doc/devhelp/libxml2.devhelp +++ b/doc/devhelp/libxml2.devhelp @@ -351,6 +351,7 @@ + diff --git a/doc/html/libxml-tree.html b/doc/html/libxml-tree.html index e2081cc5..d1d005f6 100644 --- a/doc/html/libxml-tree.html +++ b/doc/html/libxml-tree.html @@ -305,6 +305,7 @@ The content of this structure is not made public by the API. XML_BUFFER_ALLOC_IMMUTABLE = 3 : immutable buffer XML_BUFFER_ALLOC_IO = 4 : special allocation scheme used for I/O XML_BUFFER_ALLOC_HYBRID = 5 : exact up to a threshold, and doubleit thereafter + XML_BUFFER_ALLOC_BOUNDED = 6 : limit the upper size of the buffer }

Structure xmlDOMWrapCtxt

Structure xmlDOMWrapCtxt
struct _xmlDOMWrapCtxt {
     void *	_private	: * The type of this context, just in case
diff --git a/doc/libxml2-api.xml b/doc/libxml2-api.xml
index f83d14f0..5573f0c5 100644
--- a/doc/libxml2-api.xml
+++ b/doc/libxml2-api.xml
@@ -1441,12 +1441,12 @@
      
      
      
-     
+     
      
      
      
      
-     
+     
      
      
      
@@ -1459,6 +1459,7 @@
      
      
      
+     
      
      
      
@@ -4702,9 +4703,10 @@
     
     
     
+    
     
     
-    
+    
     
     
     
diff --git a/doc/libxml2-refs.xml b/doc/libxml2-refs.xml
index f42fab4e..71586099 100644
--- a/doc/libxml2-refs.xml
+++ b/doc/libxml2-refs.xml
@@ -148,6 +148,7 @@
     
     
     
+    
     
     
     
@@ -3749,6 +3750,7 @@
       
       
       
+      
       
       
       
@@ -12100,6 +12102,7 @@
       
       
       
+      
       
       
       
diff --git a/doc/libxml2.xsa b/doc/libxml2.xsa
index da61d57d..0825d53f 100644
--- a/doc/libxml2.xsa
+++ b/doc/libxml2.xsa
@@ -8,95 +8,182 @@
   
   
     libxml2
-    2.9.1
-     Apr 19 2013
+    2.9.2
+     Oct 16 2014
     http://xmlsoft.org/
-       -  Features:
-    Support for Python3 (Daniel Veillard),
-    Add xmlXPathSetContextNode and xmlXPathNodeEval (Alex Bligh)
+       - Security:
+  Fix for CVE-2014-3660 billion laugh variant (Daniel Veillard),
+  CVE-2014-0191 Do not fetch external parameter entities (Daniel Veillard)
   
-   -  Documentation:
-    Add documentation for xmllint --xpath (Daniel Veillard),
-    Fix the URL of the SAX documentation from James (Daniel Veillard),
-    Fix spelling of "length". (Michael Wood)
+   - Bug Fixes:
+  fix memory leak xml header encoding field with XML_PARSE_IGNORE_ENC (Bart De Schuymer),
+  xmlmemory: handle realloc properly (Yegor Yefremov),
+  Python generator bug raised by the const change (Daniel Veillard),
+  Windows Critical sections not released correctly (Daniel Veillard),
+  Parser error on repeated recursive entity expansion containing &lt; (Daniel Veillard),
+  xpointer : fixing Null Pointers (Gaurav Gupta),
+  Remove Unnecessary Null check in xpointer.c (Gaurav Gupta),
+  parser bug on misformed namespace attributes (Dennis Filder),
+  Pointer dereferenced before null check (Daniel Veillard),
+  Leak of struct addrinfo in xmlNanoFTPConnect() (Gaurav Gupta),
+  Possible overflow in HTMLParser.c (Daniel Veillard),
+  python/tests/sync.py assumes Python dictionaries are ordered (John Beck),
+  Fix Enum check and missing break (Gaurav Gupta),
+  xmlIO: Handle error returns from dup() (Philip Withnall),
+  Fix a problem properly saving URIs (Daniel Veillard),
+  wrong error column in structured error when parsing attribute values (Juergen Keil),
+  wrong error column in structured error when skipping whitespace in xml decl (Juergen Keil),
+  no error column in structured error handler for xml schema validation errors (Juergen Keil),
+  Couple of Missing Null checks (Gaurav Gupta),
+  Add couple of missing Null checks (Daniel Veillard),
+  xmlschemastypes: Fix potential array overflow (Philip Withnall),
+  runtest: Fix a memory leak on parse failure (Philip Withnall),
+  xmlIO: Fix an FD leak on gzdopen() failure (Philip Withnall),
+  xmlcatalog: Fix a memory leak on quit (Philip Withnall),
+  HTMLparser: Correctly initialise a stack allocated structure (Philip Withnall),
+  Check for tmon in _xmlSchemaDateAdd() is incorrect (David Kilzer),
+  Avoid Possible Null Pointer in trio.c (Gaurav Gupta),
+  Fix processing in SAX2 in case of an allocation failure (Daniel Veillard),
+  XML Shell command "cd" does not handle "/" at end of path (Daniel Veillard),
+  Fix various Missing Null checks (Gaurav Gupta),
+  Fix a potential NULL dereference (Daniel Veillard),
+  Add a couple of misisng check in xmlRelaxNGCleanupTree (Gaurav Gupta),
+  Add a missing argument check (Gaurav Gupta),
+  Adding a check in case of allocation error (Gaurav Gupta),
+  xmlSaveUri() incorrectly recomposes URIs with rootless paths (Dennis Filder),
+  Adding some missing NULL checks (Gaurav),
+  Fixes for xmlInitParserCtxt (Daniel Veillard),
+  Fix regressions introduced by CVE-2014-0191 patch (Daniel Veillard),
+  erroneously ignores a validation error if no error callback set (Daniel Veillard),
+  xmllint was not parsing the --c14n11 flag (Sérgio Batista),
+  Avoid Possible null pointer dereference in memory debug mode (Gaurav),
+  Avoid Double Null Check (Gaurav),
+  Restore context size and position after XPATH_OP_ARG (Nick Wellnhofer),
+  Fix xmlParseInNodeContext() if node is not element (Daniel Veillard),
+  Avoid a possible NULL pointer dereference (Gaurav),
+  Fix xmlTextWriterWriteElement when a null content is given (Daniel Veillard),
+  Fix an typo 'onrest' in htmlScriptAttributes (Daniel Veillard),
+  fixing a ptotential uninitialized access (Daniel Veillard),
+  Fix an fd leak in an error case (Daniel Veillard),
+  Missing initialization for the catalog module (Daniel Veillard),
+  Handling of XPath function arguments in error case (Nick Wellnhofer),
+  Fix a couple of missing NULL checks (Gaurav),
+  Avoid a possibility of dangling encoding handler (Gaurav),
+  Fix HTML push parser to accept HTML_PARSE_NODEFDTD (Arnold Hendriks),
+  Fix a bug loading some compressed files (Mike Alexander),
+  Fix XPath node comparison bug (Gaurav),
+  Type mismatch in xmlschemas.c (Gaurav),
+  Type mismatch in xmlschemastypes.c (Gaurav),
+  Avoid a deadcode in catalog.c (Daniel Veillard),
+  run close socket on Solaris, same as we do on other platforms (Denis Pauk),
+  Fix pointer dereferenced before null check (Gaurav),
+  Fix a potential NULL dereference in tree code (Daniel Veillard),
+  Fix potential NULL pointer dereferences in regexp code (Gaurav),
+  xmllint --pretty crashed without following numeric argument (Tim Galeckas),
+  Fix XPath expressions of the form '@ns:*' (Nick Wellnhofer),
+  Fix XPath '//' optimization with predicates (Nick Wellnhofer),
+  Clear up a potential NULL dereference (Daniel Veillard),
+  Fix a possible NULL dereference (Gaurav),
+  Avoid crash if allocation fails (Daniel Veillard),
+  Remove occasional leading space in XPath number formatting (Daniel Veillard),
+  Fix handling of mmap errors (Daniel Veillard),
+  Catch malloc error and exit accordingly (Daniel Veillard),
+  missing else in xlink.c (Ami Fischman),
+  Fix a parsing bug on non-ascii element and CR/LF usage (Daniel Veillard),
+  Fix a regression in xmlGetDocCompressMode() (Daniel Veillard),
+  properly quote the namespace uris written out during c14n (Aleksey Sanin),
+  Remove premature XInclude check on URI being relative (Alexey Neyman),
+  Fix missing break on last() function for attributes (dcb),
+  Do not URI escape in server side includes (Romain Bondue),
+  Fix an error in xmlCleanupParser (Alexander Pastukhov)
   
-   -  Portability:
-    Fix python bindings with versions older than 2.7 (Daniel Veillard),
-    rebuild docs:Makefile.am (Roumen Petrov),
-    elfgcchack.h after rebuild in doc (Roumen Petrov),
-    elfgcchack for buf module (Roumen Petrov),
-    Fix a uneeded and wrong extra link parameter (Daniel Veillard),
-    Few cleanup patches for Windows (Denis Pauk),
-    Fix rpmbuild --nocheck (Mark Salter),
-    Fix for win32/configure.js and WITH_THREAD_ALLOC (Daniel Richard),
-    Fix Broken multi-arch support in xml2-config (Daniel Veillard),
-    Fix a portability issue for GCC < 3.4.0 (Daniel Veillard),
-    Windows build fixes (Daniel Richard),
-    Fix a thread portability problem (Friedrich Haubensak),
-    Downgrade autoconf requirement to 2.63 (Daniel Veillard)
+   - Documentation:
+  typo in error messages "colon are forbidden from..." (Daniel Veillard),
+  Fix a link to James SAX documentation old page (Daniel Veillard),
+  Fix typos in relaxng.c (Jan Pokorný),
+  Fix a doc typo (Daniel Veillard),
+  Fix typos in {tree,xpath}.c (errror) (Jan Pokorný),
+  Add limitations about encoding conversion (Daniel Veillard),
+  Fix typos in xmlschemas{,types}.c (Jan Pokorný),
+  Fix incorrect spelling entites->entities (Jan Pokorný),
+  Forgot to document 2.9.1 release, regenerate docs (Daniel Veillard)
   
-   -  Bug Fixes:
-    Fix a linking error for python bindings (Daniel Veillard),
-    Fix a couple of return without value (Jüri Aedla),
-    Improve the hashing functions (Daniel Franke),
-    Improve handling of xmlStopParser() (Daniel Veillard),
-    Remove risk of lockup in dictionary initialization (Daniel Veillard),
-    Activate detection of encoding in external subset (Daniel Veillard),
-    Fix an output buffer flushing conversion bug (Mikhail Titov),
-    Fix an old bug in xmlSchemaValidateOneElement (Csaba László),
-    Fix configure cannot remove messages (Gilles Espinasse),
-    fix schema validation in combination with xsi:nil (Daniel Veillard),
-    xmlCtxtReadFile doesn't work with literal IPv6 URLs (Steve Wolf),
-    Fix a few problems with setEntityLoader (Alexey Neyman),
-    Detect excessive entities expansion upon replacement (Daniel Veillard),
-    Fix the flushing out of raw buffers on encoding conversions (Daniel,
-Veillard),
-    Fix some buffer conversion issues (Daniel Veillard),
-    When calling xmlNodeDump make sure we grow the buffer quickly (Daniel,
-Veillard),
-    Fix an error in the progressive DTD parsing code (Dan Winship),
-    xmllint should not load DTD by default when using the reader (Daniel,
-Veillard),
-    Try IBM-037 when looking for EBCDIC handlers (Petr Sumbera),
-    Fix potential out of bound access (Daniel Veillard),
-    Fix large parse of file from memory (Daniel Veillard),
-    Fix a bug in the nsclean option of the parser (Daniel Veillard),
-    Fix a regression in 2.9.0 breaking validation while streaming (Daniel,
-Veillard),
-    Remove potential calls to exit() (Daniel Veillard)
+   - Portability:
+  AC_CONFIG_FILES and executable bit (Roumen Petrov),
+  remove HAVE_CONFIG_H dependency in testlimits.c (Roumen Petrov),
+  fix some tabs mixing incompatible with python3 (Roumen Petrov),
+  Visual Studio 14 CTP defines snprintf() (Francis Dupont),
+  OS400: do not try to copy unexisting doc files (Patrick Monnerat),
+  OS400: use either configure.ac or configure.in. (Patrick Monnerat),
+  os400: make-src.sh: create physical file with target CCSID (Patrick Monnerat),
+  OS400: Add some more C macros equivalent procedures. (Patrick Monnerat),
+  OS400: use C macros to implement equivalent RPG support procedures. (Patrick Monnerat),
+  OS400: implement XPath macros as procedures for ILE/RPG support. (Patrick Monnerat),
+  OS400: include in distribution tarball. (Patrick Monnerat),
+  OS400: Add README: compilation directives and OS/400 specific stuff. (Patrick Monnerat),
+  OS400: Add compilation scripts. (Patrick Monnerat),
+  OS400: ILE RPG language header files. (Patrick Monnerat),
+  OS400: implement some macros as functions for ILE/RPG language support (that as no macros). (Patrick Monnerat),
+  OS400: UTF8<-->EBCDIC wrappers for system and external library calls (Patrick Monnerat),
+  OS400: Easy character transcoding support (Patrick Monnerat),
+  OS400: iconv functions compatibility wrappers and table builder. (Patrick Monnerat),
+  OS400: create architecture directory. Implement dlfcn emulation. (Patrick Monnerat),
+  Fix building when configuring without xpath and xptr (Daniel Veillard),
+  configure: Add --with-python-install-dir (Jonas Eriksson),
+  Fix compilation with minimum and xinclude. (Nicolas Le Cam),
+  Compile out use of xmlValidateNCName() when not available. (Nicolas Le Cam),
+  Fix compilation with minimum and schematron. (Nicolas Le Cam),
+  Legacy needs xmlSAX2StartElement() and xmlSAX2EndElement(). (Nicolas Le Cam),
+  Don't use xmlValidateName() when not available. (Nicolas Le Cam),
+  Fix a portability issue on Windows (Longstreth Jon),
+  Various portability patches for OpenVMS (Jacob (Jouk) Jansen),
+  Use specific macros for portability to OS/400 (Patrick Monnerat),
+  Add macros needed for OS/400 portability (Patrick Monnerat),
+  Portability patch for fopen on OS/400 (Patrick Monnerat),
+  Portability fixes for OS/400 (Patrick Monnerat),
+  Improve va_list portability (Patrick Monnerat),
+  Portability fix (Patrick Monnerat),
+  Portability fix (Patrick Monnerat),
+  Generic portability fix (Patrick Monnerat),
+  Shortening lines in headers (Patrick Monnerat),
+  build: Use pkg-config to find liblzma in preference to AC_CHECK_LIB (Philip Withnall),
+  build: Add @LZMA_LIBS@ to libxml’s pkg-config files (Philip Withnall),
+  fix some tabs mixing incompatible with python3 (Daniel Veillard),
+  add additional defines checks for support "./configure --with-minimum" (Denis Pauk),
+  Another round of fixes for older versions of Python (Arfrever Frehtes Taifersar Arahesis),
+  python: fix drv_libxml2.py for python3 compatibility (Alexandre Rostovtsev),
+  python: Fix compiler warnings when building python3 bindings (Armin K),
+  Fix for compilation with python 2.6.8 (Petr Sumbera)
   
-   -  Improvements:
-    Regenerated API, and testapi, rebuild documentation (Daniel Veillard),
-    Fix tree iterators broken by 2to3 script (Daniel Veillard),
-    update all tests for Python3 and Python2 (Daniel Veillard),
-    A few more fixes for python 3 affecting libxml2.py (Daniel Veillard),
-    Fix compilation on Python3 (Daniel Veillard),
-    Converting apibuild.py to python3 (Daniel Veillard),
-    First pass at starting porting to python3 (Daniel Veillard),
-    updated configure.in for python3 (Daniel Veillard),
-    Add support for xpathRegisterVariable in Python (Shaun McCance),
-    Added a regression tests from bug 694228 data (Daniel Veillard),
-    Cache presence of '<' in entities content (Daniel Veillard),
-    Avoid extra processing on entities (Daniel Veillard),
-    Python binding for xmlRegisterInputCallback (Alexey Neyman),
-    Python bindings: DOM casts everything to xmlNode (Alexey Neyman),
-    Define LIBXML_THREAD_ALLOC_ENABLED via xmlversion.h (Tim Starling),
-    Adding streaming validation to runtest checks (Daniel Veillard),
-    Add a --pushsmall option to xmllint (Daniel Veillard)
+   - Improvements:
+  win32/libxml2.def.src after rebuild in doc (Roumen Petrov),
+  elfgcchack.h: more legacy needs xmlSAX2StartElement() and xmlSAX2EndElement() (Roumen Petrov),
+  elfgcchack.h: add xmlXPathNodeEval and xmlXPathSetContextNode (Roumen Petrov),
+  Provide cmake module (Samuel Martin),
+  Fix a couple of issues raised by make dist (Daniel Veillard),
+  Fix and add const qualifiers (Kurt Roeckx),
+  Preparing for upcoming release of 2.9.2 (Daniel Veillard),
+  Fix zlib and lzma libraries check via command line (Dmitriy),
+  wrong error column in structured error when parsing end tag (Juergen Keil),
+  doc/news.html: small update to avoid line join while generating NEWS. (Patrick Monnerat),
+  Add methods for python3 iterator (Ron Angeles),
+  Support element node traversal in document fragments. (Kyle VanderBeek),
+  xmlNodeSetName: Allow setting the name to a substring of the currently set name (Tristan Van Berkom),
+  Added macros for argument casts (Eric Zurcher),
+  adding init calls to xml and html Read parsing entry points (Daniel Veillard),
+  Get rid of 'REPLACEMENT CHARACTER' Unicode chars in xmlschemas.c (Jan Pokorný),
+  Implement choice for name classes on attributes (Shaun McCance),
+  Two small namespace tweaks (Daniel Veillard),
+  xmllint --memory should fail on empty files (Daniel Veillard),
+  Cast encoding name to char pointer to match arg type (Nikolay Sivov)
   
-   -  Cleanups:
-    Switched comment in file to UTF-8 encoding (Daniel Veillard),
-    Extend gitignore (Daniel Veillard),
-    Silent the new python test on input (Alexey Neyman),
-    Cleanup of a duplicate test (Daniel Veillard),
-    Cleanup on duplicate test expressions (Daniel Veillard),
-    Fix compiler warning after 153cf15905cf4ec080612ada6703757d10caba1e (Patrick,
-Gansterer),
-    Spec cleanups and a fix for multiarch support (Daniel Veillard),
-    Silence a clang warning (Daniel Veillard),
-    Cleanup the Copyright to be pure MIT Licence wording (Daniel Veillard),
-    rand_seed should be static in dict.c (Wouter Van Rooy),
-    Fix typos in parser comments (Jan Pokorný)
+   - Cleanups:
+  Removal of old configure.in (Daniel Veillard),
+  Unreachable code in tree.c (Gaurav Gupta),
+  Remove a couple of dead conditions (Gaurav Gupta),
+  Avoid some dead code and cleanup in relaxng.c (Gaurav),
+  Drop not needed checks (Denis Pauk),
+  Fix a wrong test (Daniel Veillard)
   
 
 
diff --git a/doc/news.html b/doc/news.html
index 5c03ba32..e76ef558 100644
--- a/doc/news.html
+++ b/doc/news.html
@@ -8,7 +8,78 @@ H2 {font-family: Verdana,Arial,Helvetica}
 H3 {font-family: Verdana,Arial,Helvetica}
 A:link, A:visited, A:active { text-decoration: underline }
 Releases The XML C parser and toolkit of Gnome
Releases
Main Menu
Home
Reference Manual
Introduction
FAQ
Developer Menu
Reporting bugs and getting help
How to help
Downloads
Releases
XML
XSLT
Validation & DTDs
Encodings support
Catalog support
Namespaces
Contributions
Code Examples
API Menu
XML Guidelines
Recent Changes
Related links
Mail archive
XSLT libxslt
DOM gdome2
XML-DSig xmlsec
FTP
Windows binaries
Solaris binaries
MacOsX binaries
lxml Python bindings
Perl bindings
C++ bindings
PHP bindings
Pascal bindings
Ruby bindings
Tcl bindings
Bug Tracker The change log describes the recents commits
-to the GIT code base.
Here is the list of public releases:
2.9.2: Oct 16 2014

+to the GIT code base.
Here is the list of public releases:
v2.9.3: Nov 20 2015

+  Security:

+  CVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh Davenport),

+  CVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard),

+  CVE-2015-7499-2 Detect incoherency on GROW (Daniel Veillard),

+  CVE-2015-7499-1 Add xmlHaltParser() to stop the parser (Daniel Veillard),

+  CVE-2015-5312 Another entity expansion issue (David Drysdale),

+  CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey (David Drysdale),

+  CVE-2015-7498 Avoid processing entities after encoding conversion failures (Daniel Veillard),

+  CVE-2015-8035 Fix XZ compression support loop (Daniel Veillard),

+  CVE-2015-7942-2 Fix an error in previous Conditional section patch (Daniel Veillard),

+  CVE-2015-7942 Another variation of overflow in Conditional sections (Daniel Veillard),

+  CVE-2015-1819 Enforce the reader to run in constant memory (Daniel Veillard)

+  CVE-2015-7941_2 Cleanup conditional section error handling (Daniel Veillard),

+  CVE-2015-7941_1 Stop parsing on entities boundaries errors (Daniel Veillard),

+  
+
+  Documentation:

+  Correct spelling of "calling" (Alex Henrie),

+  Fix a small error in xmllint --format description (Fabien Degomme),

+  Avoid XSS on the search of xmlsoft.org (Daniel Veillard)

+  
+
+  Portability:

+  threads: use forward declarations only for glibc (Michael Heimpold),

+  Update Win32 configure.js to search for configure.ac (Daniel Veillard)

+  
+
+  Bug Fixes:

+  Bug on creating new stream from entity (Daniel Veillard),

+  Fix some loop issues embedding NEXT (Daniel Veillard),

+  Do not print error context when there is none (Daniel Veillard),

+  Avoid extra processing of MarkupDecl when EOF (Hugh Davenport),

+  Fix parsing short unclosed comment uninitialized access (Daniel Veillard),

+  Add missing Null check in xmlParseExternalEntityPrivate (Gaurav Gupta),

+  Fix a bug in CData error handling in the push parser (Daniel Veillard),

+  Fix a bug on name parsing at the end of current input buffer (Daniel Veillard),

+  Fix the spurious ID already defined error (Daniel Veillard),

+  Fix previous change to node sort order (Nick Wellnhofer),

+  Fix a self assignment issue raised by clang (Scott Graham),

+  Fail parsing early on if encoding conversion failed (Daniel Veillard),

+  Do not process encoding values if the declaration if broken (Daniel Veillard),

+  Silence clang's -Wunknown-attribute (Michael Catanzaro),

+  xmlMemUsed is not thread-safe (Martin von Gagern),

+  Fix support for except in nameclasses (Daniel Veillard),

+  Fix order of root nodes (Nick Wellnhofer),

+  Allow attributes on descendant-or-self axis (Nick Wellnhofer),

+  Fix the fix to Windows locking (Steve Nairn),

+  Fix timsort invariant loop re: Envisage article (Christopher Swenson),

+  Don't add IDs in xmlSetTreeDoc (Nick Wellnhofer),

+  Account for ID attributes in xmlSetTreeDoc (Nick Wellnhofer),

+  Remove various unused value assignments (Philip Withnall),

+  Fix missing entities after CVE-2014-3660 fix (Daniel Veillard),

+  Revert "Missing initialization for the catalog module" (Daniel Veillard)

+  
+
+  Improvements:

+  Reuse xmlHaltParser() where it makes sense (Daniel Veillard),

+  xmlStopParser reset errNo (Daniel Veillard),

+  Reenable xz support by default (Daniel Veillard),

+  Recover unescaped less-than character in HTML recovery parsing (Daniel Veillard),

+  Allow HTML serializer to output HTML5 DOCTYPE (Shaun McCance),

+  Regression test for bug #695699 (Nick Wellnhofer),

+  Add a couple of XPath tests (Nick Wellnhofer),

+  Add Python 3 rpm subpackage (Tomas Radej),

+  libxml2-config.cmake.in: update include directories (Samuel Martin),

+  Adding example from bugs 738805 to regression tests (Daniel Veillard)

+  
+
+  Cleanups:

+  
+
2.9.2: Oct 16 2014

   Security:

   Fix for CVE-2014-3660 billion laugh variant (Daniel Veillard),

   CVE-2014-0191 Do not fetch external parameter entities (Daniel Veillard)

diff --git a/doc/xml.html b/doc/xml.html
index 373285d2..51dca8c3 100644
--- a/doc/xml.html
+++ b/doc/xml.html
@@ -709,6 +709,79 @@ to the GIT code base.
 
 Here is the list of public releases:
 
+v2.9.3: Nov 20 2015
+
+  Security:

+  CVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh Davenport),

+  CVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard),

+  CVE-2015-7499-2 Detect incoherency on GROW (Daniel Veillard),

+  CVE-2015-7499-1 Add xmlHaltParser() to stop the parser (Daniel Veillard),

+  CVE-2015-5312 Another entity expansion issue (David Drysdale),

+  CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey (David Drysdale),

+  CVE-2015-7498 Avoid processing entities after encoding conversion failures (Daniel Veillard),

+  CVE-2015-8035 Fix XZ compression support loop (Daniel Veillard),

+  CVE-2015-7942-2 Fix an error in previous Conditional section patch (Daniel Veillard),

+  CVE-2015-7942 Another variation of overflow in Conditional sections (Daniel Veillard),

+  CVE-2015-1819 Enforce the reader to run in constant memory (Daniel Veillard)

+  CVE-2015-7941_2 Cleanup conditional section error handling (Daniel Veillard),

+  CVE-2015-7941_1 Stop parsing on entities boundaries errors (Daniel Veillard),

+  
+
+  Documentation:

+  Correct spelling of "calling" (Alex Henrie),

+  Fix a small error in xmllint --format description (Fabien Degomme),

+  Avoid XSS on the search of xmlsoft.org (Daniel Veillard)

+  
+
+  Portability:

+  threads: use forward declarations only for glibc (Michael Heimpold),

+  Update Win32 configure.js to search for configure.ac (Daniel Veillard)

+  
+
+  Bug Fixes:

+  Bug on creating new stream from entity (Daniel Veillard),

+  Fix some loop issues embedding NEXT (Daniel Veillard),

+  Do not print error context when there is none (Daniel Veillard),

+  Avoid extra processing of MarkupDecl when EOF (Hugh Davenport),

+  Fix parsing short unclosed comment uninitialized access (Daniel Veillard),

+  Add missing Null check in xmlParseExternalEntityPrivate (Gaurav Gupta),

+  Fix a bug in CData error handling in the push parser (Daniel Veillard),

+  Fix a bug on name parsing at the end of current input buffer (Daniel Veillard),

+  Fix the spurious ID already defined error (Daniel Veillard),

+  Fix previous change to node sort order (Nick Wellnhofer),

+  Fix a self assignment issue raised by clang (Scott Graham),

+  Fail parsing early on if encoding conversion failed (Daniel Veillard),

+  Do not process encoding values if the declaration if broken (Daniel Veillard),

+  Silence clang's -Wunknown-attribute (Michael Catanzaro),

+  xmlMemUsed is not thread-safe (Martin von Gagern),

+  Fix support for except in nameclasses (Daniel Veillard),

+  Fix order of root nodes (Nick Wellnhofer),

+  Allow attributes on descendant-or-self axis (Nick Wellnhofer),

+  Fix the fix to Windows locking (Steve Nairn),

+  Fix timsort invariant loop re: Envisage article (Christopher Swenson),

+  Don't add IDs in xmlSetTreeDoc (Nick Wellnhofer),

+  Account for ID attributes in xmlSetTreeDoc (Nick Wellnhofer),

+  Remove various unused value assignments (Philip Withnall),

+  Fix missing entities after CVE-2014-3660 fix (Daniel Veillard),

+  Revert "Missing initialization for the catalog module" (Daniel Veillard)

+  
+
+  Improvements:

+  Reuse xmlHaltParser() where it makes sense (Daniel Veillard),

+  xmlStopParser reset errNo (Daniel Veillard),

+  Reenable xz support by default (Daniel Veillard),

+  Recover unescaped less-than character in HTML recovery parsing (Daniel Veillard),

+  Allow HTML serializer to output HTML5 DOCTYPE (Shaun McCance),

+  Regression test for bug #695699 (Nick Wellnhofer),

+  Add a couple of XPath tests (Nick Wellnhofer),

+  Add Python 3 rpm subpackage (Tomas Radej),

+  libxml2-config.cmake.in: update include directories (Samuel Martin),

+  Adding example from bugs 738805 to regression tests (Daniel Veillard)

+  
+
+  Cleanups:

+  
+
 2.9.2: Oct 16 2014
 
   Security:

diff --git a/python/setup.py b/python/setup.py
index e5043237..6f7c06c7 100755
--- a/python/setup.py
+++ b/python/setup.py
@@ -226,7 +226,7 @@ else:
 setup (name = "libxml2-python",
        # On *nix, the version number is created from setup.py.in
        # On windows, it is set by configure.js
-       version = "2.9.2",
+       version = "2.9.3",
        description = descr,
        author = "Daniel Veillard",
        author_email = "veillard@redhat.com",
diff --git a/testapi.c b/testapi.c
index 0367ffd4..9205e643 100644
--- a/testapi.c
+++ b/testapi.c
@@ -1034,10 +1034,10 @@ static void des_xmlAttributeType(int no ATTRIBUTE_UNUSED, xmlAttributeType val A
 
 #define gen_nb_xmlBufferAllocationScheme 4
 static xmlBufferAllocationScheme gen_xmlBufferAllocationScheme(int no, int nr ATTRIBUTE_UNUSED) {
-    if (no == 1) return(XML_BUFFER_ALLOC_DOUBLEIT);
-    if (no == 2) return(XML_BUFFER_ALLOC_EXACT);
-    if (no == 3) return(XML_BUFFER_ALLOC_HYBRID);
-    if (no == 4) return(XML_BUFFER_ALLOC_IMMUTABLE);
+    if (no == 1) return(XML_BUFFER_ALLOC_BOUNDED);
+    if (no == 2) return(XML_BUFFER_ALLOC_DOUBLEIT);
+    if (no == 3) return(XML_BUFFER_ALLOC_EXACT);
+    if (no == 4) return(XML_BUFFER_ALLOC_HYBRID);
     return(0);
 }
 
-- 
cgit v1.2.1