* Thu Nov 10 2022 pmonreal@suse.com
- Fix broken license symlink for libxslt-tools [bsc#1203669]
* Mon Oct 21 2019 pmonrealgonzalez@suse.com
- Security fix [bsc#1154609, CVE-2019-18197]
  * Fix dangling pointer in xsltCopyText
  * Add libxslt-CVE-2019-18197.patch
* Tue Jul 02 2019 pmonrealgonzalez@suse.com
- Security fix: [bsc#1140101, CVE-2019-13118]
  * Fix uninitialized read with UTF-8 grouping chars. Read of
    uninitialized stack data due to too narrow xsl:number
    instruction and an invalid character
  * Added libxslt-CVE-2019-13118.patch
* Tue Jul 02 2019 pmonrealgonzalez@suse.com
- Security fix: [bsc#1140095, CVE-2019-13117]
  * Fix uninitialized read of xsl:number token. An xsl number with
    certain format strings could lead to an uninitialized read in
    xsltNumberFormatInsertNumbers
  * Added libxslt-CVE-2019-13117.patch
* Thu Apr 11 2019 pmonrealgonzalez@suse.com
- Security fix: [bsc#1132160, CVE-2019-11068]
  * Bypass of a protection mechanism because callers of xsltCheckRead
    and xsltCheckWrite permit access even upon receiving a -1 error
    code. xsltCheckRead can return -1 for a crafted URL that is not
    actually invalid and is subsequently loaded.
  * Added libxslt-CVE-2019-11068.patch
* Wed Nov 08 2017 vcizek@suse.com
- Update to version 1.1.32
  * fixes xml-config detection regression (boo#1066525)
* Thu Oct 19 2017 pmonrealgonzalez@suse.com
- Update to version 1.1.30 [bsc#1063934]
  * Documentation:
    - Misc doc fixes
  * Portability:
    - Look for libxml2 via pkg-config first
  * Bug Fixes:
    - Also fix memory hazards in exsltFuncResultElem
    - Fix NULL deref in xsltDefaultSortFunction
    - Fix memory hazards in exsltFuncFunctionFunction
    - Fix memory leaks in EXSLT error paths
    - Fix memory leak in str:concat with empty node-set
    - Fix memory leaks in error paths
    - Switch to xmlUTF8Strsize in numbers.c
    - Fix NULL pointer deref in xsltFormatNumberFunction
    - Fix UTF-8 check in str:padding
    - Fix xmlStrPrintf argument
    - Check for overflow in _exsltDateParseGYear
    - Fix double to int conversion
    - Check for overflow in exsltDateParseDuration
    - Change version of xsltMaxVars back to 1.0.24
    - Disable xsltCopyTextString optimization for extensions
    - Create DOCTYPE for HTML version 5
    - Make xsl:decimal-format work with namespaces
    - Remove norm:localTime extension function
    - Check for integer overflow in xsltAddTextString
    - Detect infinite recursion when evaluating function arguments
    - Fix memory leak in xsltElementAvailableFunction
    - Fix for pattern predicates calling functions
    - Fix cmd.exe invocations in Makefile.mingw
    - Don't try to install index.sgml
    - Fix symbols.xml
    - Fix heap overread in xsltFormatNumberConversion
    - Fix <xsl:number level="any"/> for non-element nodes
    - Fix unreachable code in xsltAddChild
    - Change version number in xsl:version warning
    - Avoid infinite recursion after failed param evaluation
    - Stop if potential recursion is detected
    - Consider built-in templates in apply-imports
    - Fix precedence with multiple attribute sets
    - Rework attribute set resolution
  * Improvements:
    - Silence tests a little
    - Set LIBXML_SRC to absolute path
    - Add missing #include
    - Adjust expected error messages in tests
    - Make xsltDebug more quiet
    - New-line terminate error message that missed this convention
    - Use xmlBuffers in EXSLT string functions
    - Switch to xmlUTF8Strsize in EXSLT string functions
    - Check for return value of xmlUTF8Strlen
    - Avoid double/long round trip in FORMAT_ITEM
    - Separate date and duration structs
    - Check for overflow in _exsltDateDifference
    - Clamp seconds field of durations
    - Change _exsltDateAddDurCalc parameter types
    - Fix date:difference with time zones
    - Rework division/remainder arithmetic in date.c
    - Remove exsltDateCastDateToNumber
    - Change internal representation of years
    - Optimize IS_LEAP
    - Link libraries with libm
    - Rename xsltCopyTreeInternal to xsltCopyTree
    - Update linker version script
    - Add local wildcard to version script
    - Make some symbols static
    - Remove redundant NULL check in xsltNumberComp
    - Fix forwards compatibility for imported stylesheets
    - Reduce warnings in forwards-compatible mode
    - Precompute XSLT elements after preprocessing
    - Fix whitespace in xsltParseStylesheetTop
    - Consolidate recursion checks
    - Treat XSLT_STATE_STOPPED same as errors
    - Make sure that XSLT_STATE_STOPPED isn't overwritten
    - Add comment regarding built-in templates and params
    - Rewrite memory management of local RVTs
    - Validate QNames of attribute sets
    - Add xsl:attribute-set regression tests
    - Ignore imported stylesheets in xsltApplyAttributeSet
- Dropped patches fixed upstream
  * libxslt-CVE-2016-4738.patch
  * libxslt-1.1.28-CVE-2017-5029.patch
* Mon Sep 11 2017 jengelh@inai.de
- Fix RPM groups. Drop ineffective --with-pic.
  Trim conjecture from description.
* Fri Jul 28 2017 mpluskal@suse.com
- Add gpg signature
- Cleanup spec file with spec-cleaner
* Tue Apr 25 2017 pmonrealgonzalez@suse.com
- Fixed CVE-2017-5029 bsc#1035905
  * Limit buffer size in xsltAddTextString to INT_MAX
- Added patch libxslt-1.1.28-CVE-2017-5029.patch
* Wed Apr 05 2017 pgajdos@suse.com
- security update: initialize random generator, CVE-2015-9019
  [bsc#934119]
  + libxslt-random-seed.patch
* Mon Mar 13 2017 pmonrealgonzalez@suse.com
- Added patch libxslt-CVE-2016-4738.patch
  * Fix heap overread in xsltFormatNumberConversion: An empty
    decimal-separator could cause a heap overread. This can be
    exploited to leak a couple of bytes after the buffer that holds
    the pattern string.
  * bsc#1005591 CVE-2016-4738
* Sat Jun 11 2016 tchvatal@suse.com
- Update to 1.1.29:
  * new release after 4 years with few bugfixes all around
- Refresh patch 0009-Make-generate-id-deterministic.patch to apply
- Remove cve patch that was integrated upstream:
  libxslt-1.1.28-type_confusion_preprocess_attr.patch
- Unpack the manpage as the compression is set by buildbot not always gz
* Fri May 20 2016 kstreitova@suse.com
- add libxslt-1.1.28-type_confusion_preprocess_attr.patch to fix
  type confusion in preprocessing attributes [bnc#952474],
  [CVE-2015-7995]
* Thu Apr 09 2015 suse@microstep-mis.com
- fix package with "soname" should obsolete libxslt package on suse < 12.2 (SLE11)
* Sun Feb 01 2015 coolo@suse.com
- add 0009-Make-generate-id-deterministic.patch from debian's
  reproducible builds project to avoid randomness in generated IDs
* Thu Dec 06 2012 pascal.bleser@opensuse.org
- update to 1.1.28:
  * fix generate-id() to avoid generating the same ID
  * fix crash with empty xsl:key/@match attribute
  * fix crash when passing an uninitialized variable to document()
  * fix regression: default namespace not correctly used
  * remove xsltTransStorageAdd and xsltTransStorageRemove from symbols.xml
- changes from 1.1.27:
  * link python module with python library (Frederic Crozat)
  * report errors on variable use in key
  * the XSLT namespace string is a constant one
  * fix handling of names in xsl:attribute
  * reserved namespaces in xsl:element and xsl:attribute
  * null-terminate result string of cry:rc4_decrypt
  * EXSLT date normalization fix
  * exit after compilation of invalid func:result
  * fix for EXSLT func:function
  * rewrite EXSLT string:replace to be conformant
  * avoid a heap use after free error
  * fix a dictionary string usage
  * output should not include extraneous newlines when indent is off
  * document('') fails to return stylesheets parsed from memory
  * xsltproc should return an error code if xinclude fails
  * forwards-compatible processing of unknown top level elements
  * fix system-property with unknown namespace
  * fix default template processing on namespace nodes
  * fix a bug in selecting XSLT elements
  * fix a memory leak with xsl:number
  * fix a problem with EXSLT date:add() with January
  * fix generate-id() to not expose object addresses
  * allow whitespace in xsl:variable with select
  * fix direct pattern matching bug
  * add the saxon:systemId extension
  * add an append mode to document output
  * fix portability to upcoming libxml2-2.9.0
  * precompile patterns in xsl:number
- change soname macro back to "1" and enforce it in the files list
- revert -tools subpackage for openSUSE < 12.2 as that has only
  become effective since 12.2 on the package that ships with the
  distribution, to avoid having a completely different package
  layout in this repository as compared to the stock distribution
  packages (added a Provides: libxslt-tools though)
* Wed Apr 25 2012 chris@computersalat.de
- add macro "soname" %{name}1
- fix "self obsoletion"
* Sat Mar 17 2012 jengelh@medozas.de
- Make sure to follow shlib policy; put tools in a separate package
  like done in libxml2
* Wed Jan 04 2012 jengelh@medozas.de
- Remove redundant tags (License: field is inherited)
- Use exact EVR for Provides: