From bdec2183f34b37ee89ae1d330c6ad2bb4d76605f Mon Sep 17 00:00:00 2001 From: Daniel Veillard Date: Mon, 23 May 2016 16:04:52 +0800 Subject: [PATCH] Release of libxml2-2.9.4 * doc/xml.html libxml.spec.in: updated for the release * doc/*: regenerated but no API additions --- doc/APIchunk26.html | 1 + doc/APIfunctions.html | 2 - doc/devhelp/libxml2-xmlmemory.html | 2 +- doc/devhelp/libxml2-xmlstring.html | 8 +- doc/html/libxml-xmlmemory.html | 2 +- doc/html/libxml-xmlstring.html | 8 +- doc/libxml2-api.xml | 6 +- doc/libxml2-refs.xml | 3 +- doc/libxml2.xsa | 223 ++++++++--------------------- doc/news.html | 92 +++++++++++- doc/xml.html | 92 ++++++++++++ libxml.spec.in | 4 +- 12 files changed, 257 insertions(+), 186 deletions(-) diff --git a/doc/APIchunk26.html b/doc/APIchunk26.html index c68ae92b..af3b1a5d 100644 --- a/doc/APIchunk26.html +++ b/doc/APIchunk26.html @@ -143,6 +143,7 @@ A:link, A:visited, A:active { text-decoration: underline } xmlXPathRegisterVariableNS
unsafe
xmlSprintfElementContent
unsigned
c
+xmlMallocAtomicLoc
xmlURIUnescapeString
unsupported
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
diff --git a/doc/APIfunctions.html b/doc/APIfunctions.html index 9027afe0..f9ac249b 100644 --- a/doc/APIfunctions.html +++ b/doc/APIfunctions.html @@ -368,9 +368,7 @@ A:link, A:visited, A:active { text-decoration: underline } xmlSplitQName2
xmlSplitQName3
xmlStrEqual
-xmlStrPrintf
xmlStrQEqual
-xmlStrVPrintf
xmlStrcasecmp
xmlStrcasestr
xmlStrcat
diff --git a/doc/devhelp/libxml2-xmlmemory.html b/doc/devhelp/libxml2-xmlmemory.html index 8610538f..bf400d0d 100644 --- a/doc/devhelp/libxml2-xmlmemory.html +++ b/doc/devhelp/libxml2-xmlmemory.html @@ -118,7 +118,7 @@ char * xmlMemStrdupLoc (const char * str,

xmlMallocAtomicLoc ()

void *	xmlMallocAtomicLoc		(size_t size, 
					 const char * file, 
					 int line)

a malloc() equivalent, with logging of the allocation info.

-
size:an int specifying the size in byte to allocate.
file:the file name or NULL
line:the line number
Returns:a pointer to the allocated area or NULL in case of lack of memory.
+
size:an unsigned int specifying the size in byte to allocate.
file:the file name or NULL
line:the line number
Returns:a pointer to the allocated area or NULL in case of lack of memory.

xmlMallocLoc ()

void *	xmlMallocLoc			(size_t size, 
					 const char * file, 
					 int line)

a malloc() equivalent, with logging of the allocation info.

diff --git a/doc/devhelp/libxml2-xmlstring.html b/doc/devhelp/libxml2-xmlstring.html index 6dfc70b4..ca90ed44 100644 --- a/doc/devhelp/libxml2-xmlstring.html +++ b/doc/devhelp/libxml2-xmlstring.html @@ -49,7 +49,7 @@ int xmlStrcmp (const xmlChar * xmlCharStrndup (const char * cur,
int len); const xmlChar * xmlStrcasestr (const xmlChar * str,
const xmlChar * val); xmlChar * xmlStrcat (xmlChar * cur,
const xmlChar * add); -int xmlStrPrintf (xmlChar * buf,
int len,
const xmlChar * msg,
... ...); +int xmlStrPrintf (xmlChar * buf,
int len,
const char * msg,
... ...); const xmlChar * xmlStrstr (const xmlChar * str,
const xmlChar * val); int xmlUTF8Size (const xmlChar * utf); int xmlStrQEqual (const xmlChar * pref,
const xmlChar * name,
const xmlChar * str); @@ -65,7 +65,7 @@ int xmlStrncmp (const xmlGetUTF8Char (const unsigned char * utf,
int * len); int xmlStrcasecmp (const xmlChar * str1,
const xmlChar * str2); xmlChar * xmlStrndup (const xmlChar * cur,
int len); -int xmlStrVPrintf (xmlChar * buf,
int len,
const xmlChar * msg,
va_list ap); +int xmlStrVPrintf (xmlChar * buf,
int len,
const char * msg,
va_list ap); int xmlUTF8Strsize (const xmlChar * utf,
int len); int xmlCheckUTF8 (const unsigned char * utf); int xmlStrncasecmp (const xmlChar * str1,
const xmlChar * str2,
int len); @@ -111,7 +111,7 @@ int xmlUTF8Strloc (const
str1:the first xmlChar *
str2:the second xmlChar *
Returns:1 if they are equal, 0 if they are different
-

xmlStrPrintf ()

int	xmlStrPrintf			(xmlChar * buf, 
					 int len, 
					 const xmlChar * msg, 
					 ... ...)

+        
xmlStrPrintf ()
int	xmlStrPrintf			(xmlChar * buf, 
					 int len, 
					 const char * msg, 
					 ... ...)

 
Formats @msg and places result into @buf.

 
buf:the result buffer.
len:the result buffer length.
msg:the message with printf formatting.
...:extra parameters for the message.
Returns:the number of characters written to @buf or -1 if an error occurs.

         

@@ -119,7 +119,7 @@ int	xmlUTF8Strloc			(const 
pref:the prefix of the QName
name:the localname of the QName
str:the second xmlChar *
Returns:1 if they are equal, 0 if they are different
-

xmlStrVPrintf ()

int	xmlStrVPrintf			(xmlChar * buf, 
					 int len, 
					 const xmlChar * msg, 
					 va_list ap)

+        
xmlStrVPrintf ()
int	xmlStrVPrintf			(xmlChar * buf, 
					 int len, 
					 const char * msg, 
					 va_list ap)

 
Formats @msg and places result into @buf.

 
buf:the result buffer.
len:the result buffer length.
msg:the message with printf formatting.
ap:extra parameters for the message.
Returns:the number of characters written to @buf or -1 if an error occurs.

         

diff --git a/doc/html/libxml-xmlmemory.html b/doc/html/libxml-xmlmemory.html
index d6537758..3406e098 100644
--- a/doc/html/libxml-xmlmemory.html
+++ b/doc/html/libxml-xmlmemory.html
@@ -65,7 +65,7 @@ void	xmlFreeFunc			(void * mem)

Initialize the memory layer.

Returns:0 on success

Function: xmlMallocAtomicLoc

void *	xmlMallocAtomicLoc		(size_t size, 
					 const char * file, 
					 int line)

a malloc() equivalent, with logging of the allocation info.

-
size:an int specifying the size in byte to allocate.
file:the file name or NULL
line:the line number
Returns:a pointer to the allocated area or NULL in case of lack of memory.

Function type: xmlMallocFunc

Function type: xmlMallocFunc
+
size:an unsigned int specifying the size in byte to allocate.
file:the file name or NULL
line:the line number
Returns:a pointer to the allocated area or NULL in case of lack of memory.
Function type: xmlMallocFunc
Function type: xmlMallocFunc
 void *	xmlMallocFunc			(size_t size)
 
Signature for a malloc() implementation.
size:the size requested in bytes
Returns:a pointer to the newly allocated block or NULL in case of error.


 
Function: xmlMallocLoc
void *	xmlMallocLoc			(size_t size, 
					 const char * file, 
					 int line)

diff --git a/doc/html/libxml-xmlstring.html b/doc/html/libxml-xmlstring.html
index 4f12cc75..89e98099 100644
--- a/doc/html/libxml-xmlstring.html
+++ b/doc/html/libxml-xmlstring.html
@@ -16,9 +16,9 @@ A:link, A:visited, A:active { text-decoration: underline }
 
int	xmlCheckUTF8			(const unsigned char * utf)

 
int	xmlGetUTF8Char			(const unsigned char * utf, 
					 int * len)

 
int	xmlStrEqual			(const xmlChar * str1, 
					 const xmlChar * str2)

-
int	xmlStrPrintf			(xmlChar * buf, 
					 int len, 
					 const xmlChar * msg, 
					 ... ...)

+
int	xmlStrPrintf			(xmlChar * buf, 
					 int len, 
					 const char * msg, 
					 ... ...)

 
int	xmlStrQEqual			(const xmlChar * pref, 
					 const xmlChar * name, 
					 const xmlChar * str)

-
int	xmlStrVPrintf			(xmlChar * buf, 
					 int len, 
					 const xmlChar * msg, 
					 va_list ap)

+
int	xmlStrVPrintf			(xmlChar * buf, 
					 int len, 
					 const char * msg, 
					 va_list ap)

 
int	xmlStrcasecmp			(const xmlChar * str1, 
					 const xmlChar * str2)

 
const xmlChar *	xmlStrcasestr		(const xmlChar * str, 
					 const xmlChar * val)

 
xmlChar *	xmlStrcat		(xmlChar * cur, 
					 const xmlChar * add)

@@ -55,11 +55,11 @@ A:link, A:visited, A:active { text-decoration: underline }
 
Read the first UTF8 character from @utf

 
utf:a sequence of UTF-8 encoded bytes
len:a pointer to the minimum number of bytes present in the sequence. This is used to assure the next character is completely contained within the sequence.
Returns:the char value or -1 in case of error, and sets *len to the actual number of bytes consumed (0 in case of error)
Function: xmlStrEqual
int	xmlStrEqual			(const xmlChar * str1, 
					 const xmlChar * str2)

 
Check if both strings are equal of have same content. Should be a bit more readable and faster than xmlStrcmp()

-
str1:the first xmlChar *
str2:the second xmlChar *
Returns:1 if they are equal, 0 if they are different
Function: xmlStrPrintf
int	xmlStrPrintf			(xmlChar * buf, 
					 int len, 
					 const xmlChar * msg, 
					 ... ...)

+
str1:the first xmlChar *
str2:the second xmlChar *
Returns:1 if they are equal, 0 if they are different
Function: xmlStrPrintf
int	xmlStrPrintf			(xmlChar * buf, 
					 int len, 
					 const char * msg, 
					 ... ...)

 
Formats @msg and places result into @buf.

 
buf:the result buffer.
len:the result buffer length.
msg:the message with printf formatting.
...:extra parameters for the message.
Returns:the number of characters written to @buf or -1 if an error occurs.
Function: xmlStrQEqual
int	xmlStrQEqual			(const xmlChar * pref, 
					 const xmlChar * name, 
					 const xmlChar * str)

 
Check if a QName is Equal to a given string

-
pref:the prefix of the QName
name:the localname of the QName
str:the second xmlChar *
Returns:1 if they are equal, 0 if they are different
Function: xmlStrVPrintf
int	xmlStrVPrintf			(xmlChar * buf, 
					 int len, 
					 const xmlChar * msg, 
					 va_list ap)

+
pref:the prefix of the QName
name:the localname of the QName
str:the second xmlChar *
Returns:1 if they are equal, 0 if they are different
Function: xmlStrVPrintf
int	xmlStrVPrintf			(xmlChar * buf, 
					 int len, 
					 const char * msg, 
					 va_list ap)

 
Formats @msg and places result into @buf.

 
buf:the result buffer.
len:the result buffer length.
msg:the message with printf formatting.
ap:extra parameters for the message.
Returns:the number of characters written to @buf or -1 if an error occurs.
Function: xmlStrcasecmp
int	xmlStrcasecmp			(const xmlChar * str1, 
					 const xmlChar * str2)

 
a strcasecmp for xmlChar's

diff --git a/doc/libxml2-api.xml b/doc/libxml2-api.xml
index 7680a1bb..a0a01178 100644
--- a/doc/libxml2-api.xml
+++ b/doc/libxml2-api.xml
@@ -10985,7 +10985,7 @@ Could we use @subtypes for this?'/>
     
       a malloc() equivalent, with logging of the allocation info.
       
-      
+      
       
       
     
@@ -14487,7 +14487,7 @@ Could we use @subtypes for this?'/>
       
       
       
-      
+      
       
     
     
@@ -14502,7 +14502,7 @@ Could we use @subtypes for this?'/>
       
       
       
-      
+      
       
     
     
diff --git a/doc/libxml2-refs.xml b/doc/libxml2-refs.xml
index 07a608f2..6dce37f0 100644
--- a/doc/libxml2-refs.xml
+++ b/doc/libxml2-refs.xml
@@ -8406,9 +8406,7 @@
       
       
       
-      
       
-      
       
       
       
@@ -30349,6 +30347,7 @@
         
         
           
+          
           
         
         
diff --git a/doc/libxml2.xsa b/doc/libxml2.xsa
index 0825d53f..0d4b8fe9 100644
--- a/doc/libxml2.xsa
+++ b/doc/libxml2.xsa
@@ -8,182 +8,73 @@
   
   
     libxml2
-    2.9.2
-     Oct 16 2014
+    v2.9.3
+     Nov 20 2015
     http://xmlsoft.org/
        - Security:
-  Fix for CVE-2014-3660 billion laugh variant (Daniel Veillard),
-  CVE-2014-0191 Do not fetch external parameter entities (Daniel Veillard)
-  
-   - Bug Fixes:
-  fix memory leak xml header encoding field with XML_PARSE_IGNORE_ENC (Bart De Schuymer),
-  xmlmemory: handle realloc properly (Yegor Yefremov),
-  Python generator bug raised by the const change (Daniel Veillard),
-  Windows Critical sections not released correctly (Daniel Veillard),
-  Parser error on repeated recursive entity expansion containing < (Daniel Veillard),
-  xpointer : fixing Null Pointers (Gaurav Gupta),
-  Remove Unnecessary Null check in xpointer.c (Gaurav Gupta),
-  parser bug on misformed namespace attributes (Dennis Filder),
-  Pointer dereferenced before null check (Daniel Veillard),
-  Leak of struct addrinfo in xmlNanoFTPConnect() (Gaurav Gupta),
-  Possible overflow in HTMLParser.c (Daniel Veillard),
-  python/tests/sync.py assumes Python dictionaries are ordered (John Beck),
-  Fix Enum check and missing break (Gaurav Gupta),
-  xmlIO: Handle error returns from dup() (Philip Withnall),
-  Fix a problem properly saving URIs (Daniel Veillard),
-  wrong error column in structured error when parsing attribute values (Juergen Keil),
-  wrong error column in structured error when skipping whitespace in xml decl (Juergen Keil),
-  no error column in structured error handler for xml schema validation errors (Juergen Keil),
-  Couple of Missing Null checks (Gaurav Gupta),
-  Add couple of missing Null checks (Daniel Veillard),
-  xmlschemastypes: Fix potential array overflow (Philip Withnall),
-  runtest: Fix a memory leak on parse failure (Philip Withnall),
-  xmlIO: Fix an FD leak on gzdopen() failure (Philip Withnall),
-  xmlcatalog: Fix a memory leak on quit (Philip Withnall),
-  HTMLparser: Correctly initialise a stack allocated structure (Philip Withnall),
-  Check for tmon in _xmlSchemaDateAdd() is incorrect (David Kilzer),
-  Avoid Possible Null Pointer in trio.c (Gaurav Gupta),
-  Fix processing in SAX2 in case of an allocation failure (Daniel Veillard),
-  XML Shell command "cd" does not handle "/" at end of path (Daniel Veillard),
-  Fix various Missing Null checks (Gaurav Gupta),
-  Fix a potential NULL dereference (Daniel Veillard),
-  Add a couple of misisng check in xmlRelaxNGCleanupTree (Gaurav Gupta),
-  Add a missing argument check (Gaurav Gupta),
-  Adding a check in case of allocation error (Gaurav Gupta),
-  xmlSaveUri() incorrectly recomposes URIs with rootless paths (Dennis Filder),
-  Adding some missing NULL checks (Gaurav),
-  Fixes for xmlInitParserCtxt (Daniel Veillard),
-  Fix regressions introduced by CVE-2014-0191 patch (Daniel Veillard),
-  erroneously ignores a validation error if no error callback set (Daniel Veillard),
-  xmllint was not parsing the --c14n11 flag (Sérgio Batista),
-  Avoid Possible null pointer dereference in memory debug mode (Gaurav),
-  Avoid Double Null Check (Gaurav),
-  Restore context size and position after XPATH_OP_ARG (Nick Wellnhofer),
-  Fix xmlParseInNodeContext() if node is not element (Daniel Veillard),
-  Avoid a possible NULL pointer dereference (Gaurav),
-  Fix xmlTextWriterWriteElement when a null content is given (Daniel Veillard),
-  Fix an typo 'onrest' in htmlScriptAttributes (Daniel Veillard),
-  fixing a ptotential uninitialized access (Daniel Veillard),
-  Fix an fd leak in an error case (Daniel Veillard),
-  Missing initialization for the catalog module (Daniel Veillard),
-  Handling of XPath function arguments in error case (Nick Wellnhofer),
-  Fix a couple of missing NULL checks (Gaurav),
-  Avoid a possibility of dangling encoding handler (Gaurav),
-  Fix HTML push parser to accept HTML_PARSE_NODEFDTD (Arnold Hendriks),
-  Fix a bug loading some compressed files (Mike Alexander),
-  Fix XPath node comparison bug (Gaurav),
-  Type mismatch in xmlschemas.c (Gaurav),
-  Type mismatch in xmlschemastypes.c (Gaurav),
-  Avoid a deadcode in catalog.c (Daniel Veillard),
-  run close socket on Solaris, same as we do on other platforms (Denis Pauk),
-  Fix pointer dereferenced before null check (Gaurav),
-  Fix a potential NULL dereference in tree code (Daniel Veillard),
-  Fix potential NULL pointer dereferences in regexp code (Gaurav),
-  xmllint --pretty crashed without following numeric argument (Tim Galeckas),
-  Fix XPath expressions of the form '@ns:*' (Nick Wellnhofer),
-  Fix XPath '//' optimization with predicates (Nick Wellnhofer),
-  Clear up a potential NULL dereference (Daniel Veillard),
-  Fix a possible NULL dereference (Gaurav),
-  Avoid crash if allocation fails (Daniel Veillard),
-  Remove occasional leading space in XPath number formatting (Daniel Veillard),
-  Fix handling of mmap errors (Daniel Veillard),
-  Catch malloc error and exit accordingly (Daniel Veillard),
-  missing else in xlink.c (Ami Fischman),
-  Fix a parsing bug on non-ascii element and CR/LF usage (Daniel Veillard),
-  Fix a regression in xmlGetDocCompressMode() (Daniel Veillard),
-  properly quote the namespace uris written out during c14n (Aleksey Sanin),
-  Remove premature XInclude check on URI being relative (Alexey Neyman),
-  Fix missing break on last() function for attributes (dcb),
-  Do not URI escape in server side includes (Romain Bondue),
-  Fix an error in xmlCleanupParser (Alexander Pastukhov)
+  CVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh Davenport),
+  CVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard),
+  CVE-2015-7499-2 Detect incoherency on GROW (Daniel Veillard),
+  CVE-2015-7499-1 Add xmlHaltParser() to stop the parser (Daniel Veillard),
+  CVE-2015-5312 Another entity expansion issue (David Drysdale),
+  CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey (David Drysdale),
+  CVE-2015-7498 Avoid processing entities after encoding conversion failures (Daniel Veillard),
+  CVE-2015-8035 Fix XZ compression support loop (Daniel Veillard),
+  CVE-2015-7942-2 Fix an error in previous Conditional section patch (Daniel Veillard),
+  CVE-2015-7942 Another variation of overflow in Conditional sections (Daniel Veillard),
+  CVE-2015-1819 Enforce the reader to run in constant memory (Daniel Veillard)
+  CVE-2015-7941_2 Cleanup conditional section error handling (Daniel Veillard),
+  CVE-2015-7941_1 Stop parsing on entities boundaries errors (Daniel Veillard),
   
    - Documentation:
-  typo in error messages "colon are forbidden from..." (Daniel Veillard),
-  Fix a link to James SAX documentation old page (Daniel Veillard),
-  Fix typos in relaxng.c (Jan Pokorný),
-  Fix a doc typo (Daniel Veillard),
-  Fix typos in {tree,xpath}.c (errror) (Jan Pokorný),
-  Add limitations about encoding conversion (Daniel Veillard),
-  Fix typos in xmlschemas{,types}.c (Jan Pokorný),
-  Fix incorrect spelling entites->entities (Jan Pokorný),
-  Forgot to document 2.9.1 release, regenerate docs (Daniel Veillard)
+  Correct spelling of "calling" (Alex Henrie),
+  Fix a small error in xmllint --format description (Fabien Degomme),
+  Avoid XSS on the search of xmlsoft.org (Daniel Veillard)
   
    - Portability:
-  AC_CONFIG_FILES and executable bit (Roumen Petrov),
-  remove HAVE_CONFIG_H dependency in testlimits.c (Roumen Petrov),
-  fix some tabs mixing incompatible with python3 (Roumen Petrov),
-  Visual Studio 14 CTP defines snprintf() (Francis Dupont),
-  OS400: do not try to copy unexisting doc files (Patrick Monnerat),
-  OS400: use either configure.ac or configure.in. (Patrick Monnerat),
-  os400: make-src.sh: create physical file with target CCSID (Patrick Monnerat),
-  OS400: Add some more C macros equivalent procedures. (Patrick Monnerat),
-  OS400: use C macros to implement equivalent RPG support procedures. (Patrick Monnerat),
-  OS400: implement XPath macros as procedures for ILE/RPG support. (Patrick Monnerat),
-  OS400: include in distribution tarball. (Patrick Monnerat),
-  OS400: Add README: compilation directives and OS/400 specific stuff. (Patrick Monnerat),
-  OS400: Add compilation scripts. (Patrick Monnerat),
-  OS400: ILE RPG language header files. (Patrick Monnerat),
-  OS400: implement some macros as functions for ILE/RPG language support (that as no macros). (Patrick Monnerat),
-  OS400: UTF8<-->EBCDIC wrappers for system and external library calls (Patrick Monnerat),
-  OS400: Easy character transcoding support (Patrick Monnerat),
-  OS400: iconv functions compatibility wrappers and table builder. (Patrick Monnerat),
-  OS400: create architecture directory. Implement dlfcn emulation. (Patrick Monnerat),
-  Fix building when configuring without xpath and xptr (Daniel Veillard),
-  configure: Add --with-python-install-dir (Jonas Eriksson),
-  Fix compilation with minimum and xinclude. (Nicolas Le Cam),
-  Compile out use of xmlValidateNCName() when not available. (Nicolas Le Cam),
-  Fix compilation with minimum and schematron. (Nicolas Le Cam),
-  Legacy needs xmlSAX2StartElement() and xmlSAX2EndElement(). (Nicolas Le Cam),
-  Don't use xmlValidateName() when not available. (Nicolas Le Cam),
-  Fix a portability issue on Windows (Longstreth Jon),
-  Various portability patches for OpenVMS (Jacob (Jouk) Jansen),
-  Use specific macros for portability to OS/400 (Patrick Monnerat),
-  Add macros needed for OS/400 portability (Patrick Monnerat),
-  Portability patch for fopen on OS/400 (Patrick Monnerat),
-  Portability fixes for OS/400 (Patrick Monnerat),
-  Improve va_list portability (Patrick Monnerat),
-  Portability fix (Patrick Monnerat),
-  Portability fix (Patrick Monnerat),
-  Generic portability fix (Patrick Monnerat),
-  Shortening lines in headers (Patrick Monnerat),
-  build: Use pkg-config to find liblzma in preference to AC_CHECK_LIB (Philip Withnall),
-  build: Add @LZMA_LIBS@ to libxml’s pkg-config files (Philip Withnall),
-  fix some tabs mixing incompatible with python3 (Daniel Veillard),
-  add additional defines checks for support "./configure --with-minimum" (Denis Pauk),
-  Another round of fixes for older versions of Python (Arfrever Frehtes Taifersar Arahesis),
-  python: fix drv_libxml2.py for python3 compatibility (Alexandre Rostovtsev),
-  python: Fix compiler warnings when building python3 bindings (Armin K),
-  Fix for compilation with python 2.6.8 (Petr Sumbera)
+  threads: use forward declarations only for glibc (Michael Heimpold),
+  Update Win32 configure.js to search for configure.ac (Daniel Veillard)
+  
+   - Bug Fixes:
+  Bug on creating new stream from entity (Daniel Veillard),
+  Fix some loop issues embedding NEXT (Daniel Veillard),
+  Do not print error context when there is none (Daniel Veillard),
+  Avoid extra processing of MarkupDecl when EOF (Hugh Davenport),
+  Fix parsing short unclosed comment uninitialized access (Daniel Veillard),
+  Add missing Null check in xmlParseExternalEntityPrivate (Gaurav Gupta),
+  Fix a bug in CData error handling in the push parser (Daniel Veillard),
+  Fix a bug on name parsing at the end of current input buffer (Daniel Veillard),
+  Fix the spurious ID already defined error (Daniel Veillard),
+  Fix previous change to node sort order (Nick Wellnhofer),
+  Fix a self assignment issue raised by clang (Scott Graham),
+  Fail parsing early on if encoding conversion failed (Daniel Veillard),
+  Do not process encoding values if the declaration if broken (Daniel Veillard),
+  Silence clang's -Wunknown-attribute (Michael Catanzaro),
+  xmlMemUsed is not thread-safe (Martin von Gagern),
+  Fix support for except in nameclasses (Daniel Veillard),
+  Fix order of root nodes (Nick Wellnhofer),
+  Allow attributes on descendant-or-self axis (Nick Wellnhofer),
+  Fix the fix to Windows locking (Steve Nairn),
+  Fix timsort invariant loop re: Envisage article (Christopher Swenson),
+  Don't add IDs in xmlSetTreeDoc (Nick Wellnhofer),
+  Account for ID attributes in xmlSetTreeDoc (Nick Wellnhofer),
+  Remove various unused value assignments (Philip Withnall),
+  Fix missing entities after CVE-2014-3660 fix (Daniel Veillard),
+  Revert "Missing initialization for the catalog module" (Daniel Veillard)
   
    - Improvements:
-  win32/libxml2.def.src after rebuild in doc (Roumen Petrov),
-  elfgcchack.h: more legacy needs xmlSAX2StartElement() and xmlSAX2EndElement() (Roumen Petrov),
-  elfgcchack.h: add xmlXPathNodeEval and xmlXPathSetContextNode (Roumen Petrov),
-  Provide cmake module (Samuel Martin),
-  Fix a couple of issues raised by make dist (Daniel Veillard),
-  Fix and add const qualifiers (Kurt Roeckx),
-  Preparing for upcoming release of 2.9.2 (Daniel Veillard),
-  Fix zlib and lzma libraries check via command line (Dmitriy),
-  wrong error column in structured error when parsing end tag (Juergen Keil),
-  doc/news.html: small update to avoid line join while generating NEWS. (Patrick Monnerat),
-  Add methods for python3 iterator (Ron Angeles),
-  Support element node traversal in document fragments. (Kyle VanderBeek),
-  xmlNodeSetName: Allow setting the name to a substring of the currently set name (Tristan Van Berkom),
-  Added macros for argument casts (Eric Zurcher),
-  adding init calls to xml and html Read parsing entry points (Daniel Veillard),
-  Get rid of 'REPLACEMENT CHARACTER' Unicode chars in xmlschemas.c (Jan Pokorný),
-  Implement choice for name classes on attributes (Shaun McCance),
-  Two small namespace tweaks (Daniel Veillard),
-  xmllint --memory should fail on empty files (Daniel Veillard),
-  Cast encoding name to char pointer to match arg type (Nikolay Sivov)
+  Reuse xmlHaltParser() where it makes sense (Daniel Veillard),
+  xmlStopParser reset errNo (Daniel Veillard),
+  Reenable xz support by default (Daniel Veillard),
+  Recover unescaped less-than character in HTML recovery parsing (Daniel Veillard),
+  Allow HTML serializer to output HTML5 DOCTYPE (Shaun McCance),
+  Regression test for bug #695699 (Nick Wellnhofer),
+  Add a couple of XPath tests (Nick Wellnhofer),
+  Add Python 3 rpm subpackage (Tomas Radej),
+  libxml2-config.cmake.in: update include directories (Samuel Martin),
+  Adding example from bugs 738805 to regression tests (Daniel Veillard)
   
    - Cleanups:
-  Removal of old configure.in (Daniel Veillard),
-  Unreachable code in tree.c (Gaurav Gupta),
-  Remove a couple of dead conditions (Gaurav Gupta),
-  Avoid some dead code and cleanup in relaxng.c (Gaurav),
-  Drop not needed checks (Denis Pauk),
-  Fix a wrong test (Daniel Veillard)
   
 
 
diff --git a/doc/news.html b/doc/news.html
index e76ef558..0c692c8b 100644
--- a/doc/news.html
+++ b/doc/news.html
@@ -8,7 +8,97 @@ H2 {font-family: Verdana,Arial,Helvetica}
 H3 {font-family: Verdana,Arial,Helvetica}
 A:link, A:visited, A:active { text-decoration: underline }
 Releases
Action against software patentsGnome2 LogoW3C LogoRed Hat Logo
Made with Libxml2 Logo
The XML C parser and toolkit of Gnome
Releases
Main Menu
Related links
The change log describes the recents commits
-to the GIT code base.
Here is the list of public releases:
v2.9.3: Nov 20 2015
    
+to the GIT code base.
    Here is the list of public releases:
    2.9.4: May 23 2016
      
+  
    • Security:
      
+  More format string warnings with possible format string vulnerability (David Kilzer),
      
+  Avoid building recursive entities (Daniel Veillard),
      
+  Heap-based buffer overread in htmlCurrentChar (Pranjal Jumde),
      
+  Heap-based buffer-underreads due to xmlParseName (David Kilzer),
      
+  Heap use-after-free in xmlSAX2AttributeNs (Pranjal Jumde),
      
+  Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (Pranjal Jumde),
      
+  Fix some format string warnings with possible format string vulnerability (David Kilzer),
      
+  Detect change of encoding when parsing HTML names (Hugh Davenport),
      
+  Fix inappropriate fetch of entities content (Daniel Veillard),
      
+  Bug 759398: Heap use-after-free in xmlDictComputeFastKey <https://bugzilla.gnome.org/show_bug.cgi?id=759398> (Pranjal Jumde),
      
+  Bug 758605: Heap-based buffer overread in xmlDictAddString <https://bugzilla.gnome.org/show_bug.cgi?id=758605> (Pranjal Jumde),
      
+  Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal <https://bugzilla.gnome.org/show_bug.cgi?id=758588> (David Kilzer),
      
+  Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup <https://bugzilla.gnome.org/show_bug.cgi?id=757711> (Pranjal Jumde),
      
+  Add missing increments of recursion depth counter to XML parser. (Peter Simons)
      
+  
      • 
+
+  
    • Documentation:
      
+  Fix typo: s{ ec -> cr }cipt (Jan Pokorný),
      
+  Fix typos: dictio{ nn -> n }ar{y,ies} (Jan Pokorný),
      
+  Fix typos: PATH_{ SEAPARATOR -> SEPARATOR } (Jan Pokorný),
      
+  Correct a typo. (Shlomi Fish)
      
+  
      • 
+
+  
    • Portability:
      
+  Correct the usage of LDFLAGS (Mattias Hansson),
      
+  Revert the use of SAVE_LDFLAGS in configure.ac (Mattias Hansson),
      
+  libxml2 hardcodes -L/lib in zlib/lzma tests which breaks cross-compiles (Mike Frysinger),
      
+  Fix apibuild for a recently added construct (Daniel Veillard),
      
+  Use pkg-config to locate zlib when possible (Stewart Brodie),
      
+  Use pkg-config to locate ICU when possible (Stewart Brodie),
      
+  Portability to non C99 compliant compilers (Patrick Monnerat),
      
+  dict.h: Move xmlDictPtr definition before includes to allow direct inclusion. (Patrick Monnerat),
      
+  os400: tell about xmllint and xmlcatalog in README400. (Patrick Monnerat),
      
+  os400: properly process SGML add in XMLCATALOG command. (Patrick Monnerat),
      
+  os400: implement CL command XMLCATALOG. (Patrick Monnerat),
      
+  os400: compile and install program xmlcatalog (qshell-only). (Patrick Monnerat),
      
+  os400: expand tabs in sources, strip trailing blanks. (Patrick Monnerat),
      
+  os400: implement CL command XMLLINT. (Patrick Monnerat),
      
+  os400: compile and install program xmllint (qshell-only). (Patrick Monnerat),
      
+  os400: initscript make_module(): Use options instead of positional parameters. (Patrick Monnerat),
      
+  os400: c14n.rpgle: allow *omit for nullable reference parameters. (Patrick Monnerat),
      
+  os400: use like() for double type. (Patrick Monnerat),
      
+  os400: use like() for int type. (Patrick Monnerat),
      
+  os400: use like() for unsigned int type. (Patrick Monnerat),
      
+  os400: use like() for enum types. (Patrick Monnerat),
      
+  Add xz to xml2-config --libs output (Baruch Siach),
      
+  Bug 760190: configure.ac should be able to build --with-icu without icu-config tool <https://bugzilla.gnome.org/show_bug.cgi?id=760190> (David Kilzer),
      
+  win32\VC10\config.h and VS 2015 (Bruce Dawson),
      
+  Add configure maintainer mode (orzen)
      
+  
      • 
+
+  
    • Bug Fixes:
      
+  Avoid an out of bound access when serializing malformed strings (Daniel Veillard),
      
+  Unsigned addition may overflow in xmlMallocAtomicLoc() (David Kilzer),
      
+  Integer signed/unsigned type mismatch in xmlParserInputGrow() (David Kilzer),
      
+  Bug 763071: heap-buffer-overflow in xmlStrncat <https://bugzilla.gnome.org/show_bug.cgi?id=763071> (Pranjal Jumde),
      
+  Integer overflow parsing port number in URI (Michael Paddon),
      
+  Fix an error with regexp on nullable counted char transition (Daniel Veillard),
      
+  Fix memory leak with XPath namespace nodes (Nick Wellnhofer),
      
+  Fix namespace axis traversal (Nick Wellnhofer),
      
+      Fix null pointer deref in docs with no root element (Hugh Davenport),
      
+  Fix XSD validation of URIs with ampersands (Alex Henrie),
      
+  xmlschemastypes.c: accept endOfDayFrag Times set to "24:00:00" mean "end of day" and should not cause an error. (Patrick Monnerat),
      
+  xmlcatalog: flush stdout before interactive shell input. (Patrick Monnerat),
      
+  xmllint: flush stdout before interactive shell input. (Patrick Monnerat),
      
+  Don't recurse into OP_VALUEs in xmlXPathOptimizeExpression (Nick Wellnhofer),
      
+  Fix namespace::node() XPath expression (Nick Wellnhofer),
      
+  Fix OOB write in xmlXPathEmptyNodeSet (Nick Wellnhofer),
      
+  Fix parsing of NCNames in XPath (Nick Wellnhofer),
      
+  Fix OOB read with invalid UTF-8 in xmlUTF8Strsize (Nick Wellnhofer),
      
+  Do normalize string-based datatype value in RelaxNG facet checking (Audric Schiltknecht),
      
+  Bug 760921: REGRESSION (8eb55d78): doc/examples/io1 test fails after fix for "xmlSaveUri() incorrectly recomposes URIs with rootless paths" <https://bugzilla.gnome.org/show_bug.cgi?id=760921> (David Kilzer),
      
+  Bug 760861: REGRESSION (bf9c1dad): Missing results for test/schemas/regexp-char-ref_[01].xsd <https://bugzilla.gnome.org/show_bug.cgi?id=760861> (David Kilzer),
      
+  error.c: *input->cur == 0 does not mean no error (Pavel Raiskup),
      
+  Add missing RNG test files (David Kilzer),
      
+  Bug 760183: REGRESSION (v2.9.3): XML push parser fails with bogus UTF-8 encoding error when multi-byte character in large CDATA section is split across buffer <https://bugzilla.gnome.org/show_bug.cgi?id=760183> (David Kilzer),
      
+  Bug 758572: ASAN crash in make check <https://bugzilla.gnome.org/show_bug.cgi?id=758572> (David Kilzer),
      
+  Bug 721158: Missing ICU string when doing --version on xmllint <https://bugzilla.gnome.org/show_bug.cgi?id=721158> (David Kilzer),
      
+  python 3: libxml2.c wrappers create Unicode str already (Michael Stahl),
      
+  Add autogen.sh to distrib (orzen),
      
+  Heap-based buffer overread in xmlNextChar (Daniel Veillard)
      
+  
      • 
+
+  
    • Improvements:
      
+  Add more debugging info to runtest (Daniel Veillard),
      
+  Implement "runtest -u" mode (David Kilzer),
      
+  Add a make rule to rebuild for ASAN (Daniel Veillard)
      
+  
      • 
+
    v2.9.3: Nov 20 2015
      
   
    • Security:
      
   CVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh Davenport),
      
   CVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard),
      
diff --git a/doc/xml.html b/doc/xml.html
index 51dca8c3..d035934b 100644
--- a/doc/xml.html
+++ b/doc/xml.html
@@ -709,6 +709,98 @@ to the GIT code base.
      
 
 
      Here is the list of public releases:
      
 
+
      2.9.4: May 23 2016
      
+
        
+  
      • Security:
        
+  More format string warnings with possible format string vulnerability (David Kilzer),
        
+  Avoid building recursive entities (Daniel Veillard),
        
+  Heap-based buffer overread in htmlCurrentChar (Pranjal Jumde),
        
+  Heap-based buffer-underreads due to xmlParseName (David Kilzer),
        
+  Heap use-after-free in xmlSAX2AttributeNs (Pranjal Jumde),
        
+  Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (Pranjal Jumde),
        
+  Fix some format string warnings with possible format string vulnerability (David Kilzer),
        
+  Detect change of encoding when parsing HTML names (Hugh Davenport),
        
+  Fix inappropriate fetch of entities content (Daniel Veillard),
        
+  Bug 759398: Heap use-after-free in xmlDictComputeFastKey <https://bugzilla.gnome.org/show_bug.cgi?id=759398> (Pranjal Jumde),
        
+  Bug 758605: Heap-based buffer overread in xmlDictAddString <https://bugzilla.gnome.org/show_bug.cgi?id=758605> (Pranjal Jumde),
        
+  Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal <https://bugzilla.gnome.org/show_bug.cgi?id=758588> (David Kilzer),
        
+  Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup <https://bugzilla.gnome.org/show_bug.cgi?id=757711> (Pranjal Jumde),
        
+  Add missing increments of recursion depth counter to XML parser. (Peter Simons)
        
+  
        • 
+
+  
      • Documentation:
        
+  Fix typo: s{ ec -> cr }cipt (Jan Pokorný),
        
+  Fix typos: dictio{ nn -> n }ar{y,ies} (Jan Pokorný),
        
+  Fix typos: PATH_{ SEAPARATOR -> SEPARATOR } (Jan Pokorný),
        
+  Correct a typo. (Shlomi Fish)
        
+  
        • 
+
+  
      • Portability:
        
+  Correct the usage of LDFLAGS (Mattias Hansson),
        
+  Revert the use of SAVE_LDFLAGS in configure.ac (Mattias Hansson),
        
+  libxml2 hardcodes -L/lib in zlib/lzma tests which breaks cross-compiles (Mike Frysinger),
        
+  Fix apibuild for a recently added construct (Daniel Veillard),
        
+  Use pkg-config to locate zlib when possible (Stewart Brodie),
        
+  Use pkg-config to locate ICU when possible (Stewart Brodie),
        
+  Portability to non C99 compliant compilers (Patrick Monnerat),
        
+  dict.h: Move xmlDictPtr definition before includes to allow direct inclusion. (Patrick Monnerat),
        
+  os400: tell about xmllint and xmlcatalog in README400. (Patrick Monnerat),
        
+  os400: properly process SGML add in XMLCATALOG command. (Patrick Monnerat),
        
+  os400: implement CL command XMLCATALOG. (Patrick Monnerat),
        
+  os400: compile and install program xmlcatalog (qshell-only). (Patrick Monnerat),
        
+  os400: expand tabs in sources, strip trailing blanks. (Patrick Monnerat),
        
+  os400: implement CL command XMLLINT. (Patrick Monnerat),
        
+  os400: compile and install program xmllint (qshell-only). (Patrick Monnerat),
        
+  os400: initscript make_module(): Use options instead of positional parameters. (Patrick Monnerat),
        
+  os400: c14n.rpgle: allow *omit for nullable reference parameters. (Patrick Monnerat),
        
+  os400: use like() for double type. (Patrick Monnerat),
        
+  os400: use like() for int type. (Patrick Monnerat),
        
+  os400: use like() for unsigned int type. (Patrick Monnerat),
        
+  os400: use like() for enum types. (Patrick Monnerat),
        
+  Add xz to xml2-config --libs output (Baruch Siach),
        
+  Bug 760190: configure.ac should be able to build --with-icu without icu-config tool <https://bugzilla.gnome.org/show_bug.cgi?id=760190> (David Kilzer),
        
+  win32\VC10\config.h and VS 2015 (Bruce Dawson),
        
+  Add configure maintainer mode (orzen)
        
+  
        • 
+
+  
      • Bug Fixes:
        
+  Avoid an out of bound access when serializing malformed strings (Daniel Veillard),
        
+  Unsigned addition may overflow in xmlMallocAtomicLoc() (David Kilzer),
        
+  Integer signed/unsigned type mismatch in xmlParserInputGrow() (David Kilzer),
        
+  Bug 763071: heap-buffer-overflow in xmlStrncat <https://bugzilla.gnome.org/show_bug.cgi?id=763071> (Pranjal Jumde),
        
+  Integer overflow parsing port number in URI (Michael Paddon),
        
+  Fix an error with regexp on nullable counted char transition (Daniel Veillard),
        
+  Fix memory leak with XPath namespace nodes (Nick Wellnhofer),
        
+  Fix namespace axis traversal (Nick Wellnhofer),
        
+      Fix null pointer deref in docs with no root element (Hugh Davenport),
        
+  Fix XSD validation of URIs with ampersands (Alex Henrie),
        
+  xmlschemastypes.c: accept endOfDayFrag Times set to "24:00:00" mean "end of day" and should not cause an error. (Patrick Monnerat),
        
+  xmlcatalog: flush stdout before interactive shell input. (Patrick Monnerat),
        
+  xmllint: flush stdout before interactive shell input. (Patrick Monnerat),
        
+  Don't recurse into OP_VALUEs in xmlXPathOptimizeExpression (Nick Wellnhofer),
        
+  Fix namespace::node() XPath expression (Nick Wellnhofer),
        
+  Fix OOB write in xmlXPathEmptyNodeSet (Nick Wellnhofer),
        
+  Fix parsing of NCNames in XPath (Nick Wellnhofer),
        
+  Fix OOB read with invalid UTF-8 in xmlUTF8Strsize (Nick Wellnhofer),
        
+  Do normalize string-based datatype value in RelaxNG facet checking (Audric Schiltknecht),
        
+  Bug 760921: REGRESSION (8eb55d78): doc/examples/io1 test fails after fix for "xmlSaveUri() incorrectly recomposes URIs with rootless paths" <https://bugzilla.gnome.org/show_bug.cgi?id=760921> (David Kilzer),
        
+  Bug 760861: REGRESSION (bf9c1dad): Missing results for test/schemas/regexp-char-ref_[01].xsd <https://bugzilla.gnome.org/show_bug.cgi?id=760861> (David Kilzer),
        
+  error.c: *input->cur == 0 does not mean no error (Pavel Raiskup),
        
+  Add missing RNG test files (David Kilzer),
        
+  Bug 760183: REGRESSION (v2.9.3): XML push parser fails with bogus UTF-8 encoding error when multi-byte character in large CDATA section is split across buffer <https://bugzilla.gnome.org/show_bug.cgi?id=760183> (David Kilzer),
        
+  Bug 758572: ASAN crash in make check <https://bugzilla.gnome.org/show_bug.cgi?id=758572> (David Kilzer),
        
+  Bug 721158: Missing ICU string when doing --version on xmllint <https://bugzilla.gnome.org/show_bug.cgi?id=721158> (David Kilzer),
        
+  python 3: libxml2.c wrappers create Unicode str already (Michael Stahl),
        
+  Add autogen.sh to distrib (orzen),
        
+  Heap-based buffer overread in xmlNextChar (Daniel Veillard)
        
+  
        • 
+
+  
      • Improvements:
        
+  Add more debugging info to runtest (Daniel Veillard),
        
+  Implement "runtest -u" mode (David Kilzer),
        
+  Add a make rule to rebuild for ASAN (Daniel Veillard)
        
+  
        • 
+
      
 
      v2.9.3: Nov 20 2015
      
 
        
   
      • Security:
        
diff --git a/libxml.spec.in b/libxml.spec.in
index 6fe3c69a..9029a180 100644
--- a/libxml.spec.in
+++ b/libxml.spec.in
@@ -3,10 +3,10 @@
 Summary: Library providing XML and HTML support
 Name: libxml2
 Version: @VERSION@
-Release: 0rc2%{?dist}%{?extra_release}
+Release: 1%{?dist}%{?extra_release}
 License: MIT
 Group: Development/Libraries
-Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}-rc2.tar.gz
+Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
 BuildRequires: python-devel
 %if 0%{?with_python3}