ddd20085 | 30-Sep-2020 |
mseidel |
Updated English dictionary |
8bee0436 | 30-Sep-2020 |
Jim Jagielski |
Allow for more recent SDKs |
202391d1 | 30-Sep-2020 |
Don Lewis |
Fix handling of NUL characters in certificate fields A flaw was found in the way Serf handled NUL characters in the CommonName and SubjectAltNames fields of X.509 certificates. An attack
Fix handling of NUL characters in certificate fields A flaw was found in the way Serf handled NUL characters in the CommonName and SubjectAltNames fields of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick applications using Serf (such as Subversion on Fedora 20 and later, refer also to bug 1127063) into accepting it by mistake, allowing the attacker to perform a man-in-the-middle attack. Patch by: Ben Reser of WANdisco via Serf Project and Apache Serf
show more ...
|
ebc59d3f | 30-Sep-2020 |
Don Lewis |
libxml2 bug fixes from upstream From: Zhipeng Xie <xiezhipeng1@huawei.com> Date: Thu, 12 Dec 2019 17:30:55 +0800 Subject: [PATCH] Fix infinite loop in xmlStringLenDecodeEntities
libxml2 bug fixes from upstream From: Zhipeng Xie <xiezhipeng1@huawei.com> Date: Thu, 12 Dec 2019 17:30:55 +0800 Subject: [PATCH] Fix infinite loop in xmlStringLenDecodeEntities When ctxt->instate == XML_PARSER_EOF,xmlParseStringEntityRef return NULL which cause a infinite loop in xmlStringLenDecodeEntities Found with libFuzzer. From: Nick Wellnhofer <wellnhofer@aevum.de> Date: Fri, 7 Aug 2020 21:54:27 +0200 Subject: [PATCH] Fix out-of-bounds read with 'xmllint --htmlout' Make sure that truncated UTF-8 sequences don't cause an out-of-bounds array access. Thanks to @SuhwanSong and the Agency for Defense Development (ADD) for the report. Fixes #178. From: Zhipeng Xie <xiezhipeng1@huawei.com> Date: Tue, 20 Aug 2019 16:33:06 +0800 Subject: [PATCH] Fix memory leak in xmlSchemaValidateStream When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun alloc a new schema for ctxt->schema and set vctxt->xsiAssemble to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize vctxt->xsiAssemble to 0 again which cause the alloced schema can not be freed anymore. Found with libFuzzer. Patch by: Zhipeng Xie <xiezhipeng1@huawei.com> via gnome.org Patch by: Nick Wellnhofer <wellnhofer@aevum.de> via gnome.org
show more ...
|
b87166d3 | 29-Sep-2020 |
mseidel |
Fixed some typos |
c47da6ea | 28-Sep-2020 |
mseidel |
Fixed several typos |
9c3cb57a | 27-Sep-2020 |
mseidel |
Fixed typo (errror -> error) |
56b8eddc | 25-Sep-2020 |
mseidel |
Fixed typo (explicitely -> explicitly) and some more |
aa2578ad | 23-Sep-2020 |
mseidel |
Cleaned up resource files |
5d6b1f39 | 20-Sep-2020 |
mseidel |
Update download numbers |
e9903d32 | 20-Sep-2020 |
Matthias Seidel |
Update README.md |
1dedf1ec | 19-Sep-2020 |
mseidel |
Updated LICENSE for Python 2.7.18 |
b613169b | 19-Sep-2020 |
Don Lewis |
nss switched to MPL-2.0 some time ago. |
ed5580f7 | 19-Sep-2020 |
Carl Marcum |
Refs #6 - updated junit url to https (#98) |
07327bc6 | 18-Sep-2020 |
Don Lewis |
Fix intermittent parallel build breakage. Use an order-only prerequisite to create output directories. * This will not trigger a rebuild when the directory mtime changes.
Fix intermittent parallel build breakage. Use an order-only prerequisite to create output directories. * This will not trigger a rebuild when the directory mtime changes. * This removes the prerequisite from $^, allowing the latter to be used in more places. Add missing prerequisites for the ooxml directory. One that was missing broke a parallel build. Use $^ in a few more places instead of duplicating the prerequisites in the recipies. Remove unused prerequisites from the $(wf_GEN_model_QNameToStr_cxx) rule. Add a prerequisite to the $(wf_GEN_doctok_ResourceIds_hxx) rule that was in the old makefile.mk.
show more ...
|
26aca12f | 18-Sep-2020 |
Don Lewis |
Upgrade bundled python to 2.7.18. |
01d5ed08 | 18-Sep-2020 |
mseidel |
Updated Asturian dictionary |
b5acf798 | 17-Sep-2020 |
mseidel |
Fixed typos (implementated -> implemented) |
a30e0b2c | 12-Sep-2020 |
mseidel |
Cleaned up resource files |
2e89cd49 | 08-Sep-2020 |
mseidel |
Corrected small errors in Help text |
e414e35e | 05-Sep-2020 |
mseidel |
Cleaned up resource files |
369baf75 | 04-Sep-2020 |
mseidel |
Cleaned up resource files |
95f0451a | 02-Sep-2020 |
mseidel |
Small change in string |
be522427 | 27-Aug-2020 |
mseidel |
Updated LICENSE for curl 7.72.0 |
bc614383 | 27-Aug-2020 |
Don Lewis |
Upgrade to curl-7.72.0 Curl 7.27.0 fixes a number of bugs and a couple CVEs that probably do not affect us. |