[xml/sgml-pkgs] libxml2_2.9.3+dfsg1-1.1_sourceonly.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Thu Jun 2 06:21:25 UTC 2016



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 28 May 2016 06:51:08 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg
Architecture: source
Version: 2.9.3+dfsg1-1.1
Distribution: unstable
Urgency: medium
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil at debian.org>
Closes: 812807 813613 819006 823405 823414
Description: 
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 libxml2-utils-dbg - XML utilities (debug extension)
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
Changes:
 libxml2 (2.9.3+dfsg1-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Heap-based buffer overread in xmlNextChar (CVE-2016-1762)
   * heap-buffer-overflow in xmlStrncat (CVE-2016-1834)
   * Add missing increments of recursion depth counter to XML parser
     (CVE-2016-3705) (Closes: #823414)
   * Avoid an out of bound access when serializing malformed strings
     (CVE-2016-4483) (Closes: #823405)
   * Heap-buffer-overflow in xmlFAParsePosCharGroup (CVE-2016-1840)
   * Heap-based buffer overread in xmlParserPrintFileContextInternal
     (CVE-2016-1838)
   * Heap-based buffer overread in xmlDictAddString (CVE-2016-1839
     CVE-2015-8806 CVE-2016-2073) (Closes: #813613, #812807)
   * Heap use-after-free in xmlDictComputeFastKey (CVE-2016-1836)
   * Fix inappropriate fetch of entities content (CVE-2016-4449)
   * Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral
     (CVE-2016-1837)
   * Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)
   * Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)
   * Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)
   * Avoid building recursive entities (CVE-2016-3627) (Closes: #819006)
Checksums-Sha1: 
 b71f106c35efd70433b37368ee862ac9752aa349 2583 libxml2_2.9.3+dfsg1-1.1.dsc
 3e6cf816b41f9e3f70520096be8da0cb738804a8 39456 libxml2_2.9.3+dfsg1-1.1.debian.tar.xz
Checksums-Sha256: 
 50fc6db96e8f890262706c010c71bf771729a3768c2b9a44eb3b6c98313097d4 2583 libxml2_2.9.3+dfsg1-1.1.dsc
 51889d4f48812d602fc107b5ed3b94903f8bfddf05e1624a8cb4bc07c36fdc28 39456 libxml2_2.9.3+dfsg1-1.1.debian.tar.xz
Files: 
 a8c5193060dc99c9882e5458826db04e 2583 libs optional libxml2_2.9.3+dfsg1-1.1.dsc
 90f7f502b79ef1637b9962a3cea09c49 39456 libs optional libxml2_2.9.3+dfsg1-1.1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXSSiKAAoJEAVMuPMTQ89ECJ0P/2u871OO4pgfeAqHDgA8LuIB
xYgUviq+QSVh1E/6Ofl4Nqtvymh2Au0nwapVkmPrPvDP4ABHmHWoAIDViwXTqGPD
/PvjZJlvH2PcF2SG/IQB12+TXfunbHd+eNruPeooQzIIusc5bC5aErfQyIsj79Gz
uwHUuuVehxEhkDTkVfZ+cTzhVWwIjd9mnrGp8O05Ud7LYR02X3eIY94ic6BGAQEt
RZS8WUcyUvqnZ/YPObZWUgbMMDsEFIht4Jsh9PbWTjjgxsgfxna6hzOPjFnESvse
M5O/e1UjoHQsdTr0/MMRu3WUMssvUhrsQYSeHUN9eTDSWprW66YIwa277FRk+06o
chV18BstB9nadpdiJgY3EdUJ/xsnIdTjni9zG8EXGOaQUNByC/53uiwXO+/+hpbp
EP6nNFEmaReiFcY1FJS/XFFlfXiGZrgSvdOYSXvQLfABapdZ0MWZ+YeA71RWKYE9
VnQL/9lml0c2RflDyYdJFsStmzFkT3UCVxNoQP9+XX9MTG+YsrOYo6+FoR0XzZne
WTu35rKiwCm107lqE3Q/L7il0TvAKSop2FgJPZC9Qscdz9aUWAwMF6C3dX0eRgnI
8hfHxvxoKpeOTa4RkLd7LxPwLJoGOQ8McTG3xy2tVjB7WvXIVS3/zbVqxwV8F1cn
BsEi51AsXIzn9NoPsqH5
=0VWR
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the debian-xml-sgml-pkgs mailing list