[xml/sgml-pkgs] libxml2_2.9.3+dfsg1-1.1_sourceonly.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Thu Jun 2 06:21:25 UTC 2016
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 28 May 2016 06:51:08 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg
Architecture: source
Version: 2.9.3+dfsg1-1.1
Distribution: unstable
Urgency: medium
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil at debian.org>
Closes: 812807 813613 819006 823405 823414
Description:
libxml2 - GNOME XML library
libxml2-dbg - Debugging symbols for the GNOME XML library
libxml2-dev - Development files for the GNOME XML library
libxml2-doc - Documentation for the GNOME XML library
libxml2-utils - XML utilities
libxml2-utils-dbg - XML utilities (debug extension)
python-libxml2 - Python bindings for the GNOME XML library
python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
Changes:
libxml2 (2.9.3+dfsg1-1.1) unstable; urgency=medium
.
* Non-maintainer upload.
* Heap-based buffer overread in xmlNextChar (CVE-2016-1762)
* heap-buffer-overflow in xmlStrncat (CVE-2016-1834)
* Add missing increments of recursion depth counter to XML parser
(CVE-2016-3705) (Closes: #823414)
* Avoid an out of bound access when serializing malformed strings
(CVE-2016-4483) (Closes: #823405)
* Heap-buffer-overflow in xmlFAParsePosCharGroup (CVE-2016-1840)
* Heap-based buffer overread in xmlParserPrintFileContextInternal
(CVE-2016-1838)
* Heap-based buffer overread in xmlDictAddString (CVE-2016-1839
CVE-2015-8806 CVE-2016-2073) (Closes: #813613, #812807)
* Heap use-after-free in xmlDictComputeFastKey (CVE-2016-1836)
* Fix inappropriate fetch of entities content (CVE-2016-4449)
* Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral
(CVE-2016-1837)
* Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)
* Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)
* Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)
* Avoid building recursive entities (CVE-2016-3627) (Closes: #819006)
Checksums-Sha1:
b71f106c35efd70433b37368ee862ac9752aa349 2583 libxml2_2.9.3+dfsg1-1.1.dsc
3e6cf816b41f9e3f70520096be8da0cb738804a8 39456 libxml2_2.9.3+dfsg1-1.1.debian.tar.xz
Checksums-Sha256:
50fc6db96e8f890262706c010c71bf771729a3768c2b9a44eb3b6c98313097d4 2583 libxml2_2.9.3+dfsg1-1.1.dsc
51889d4f48812d602fc107b5ed3b94903f8bfddf05e1624a8cb4bc07c36fdc28 39456 libxml2_2.9.3+dfsg1-1.1.debian.tar.xz
Files:
a8c5193060dc99c9882e5458826db04e 2583 libs optional libxml2_2.9.3+dfsg1-1.1.dsc
90f7f502b79ef1637b9962a3cea09c49 39456 libs optional libxml2_2.9.3+dfsg1-1.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJXSSiKAAoJEAVMuPMTQ89ECJ0P/2u871OO4pgfeAqHDgA8LuIB
xYgUviq+QSVh1E/6Ofl4Nqtvymh2Au0nwapVkmPrPvDP4ABHmHWoAIDViwXTqGPD
/PvjZJlvH2PcF2SG/IQB12+TXfunbHd+eNruPeooQzIIusc5bC5aErfQyIsj79Gz
uwHUuuVehxEhkDTkVfZ+cTzhVWwIjd9mnrGp8O05Ud7LYR02X3eIY94ic6BGAQEt
RZS8WUcyUvqnZ/YPObZWUgbMMDsEFIht4Jsh9PbWTjjgxsgfxna6hzOPjFnESvse
M5O/e1UjoHQsdTr0/MMRu3WUMssvUhrsQYSeHUN9eTDSWprW66YIwa277FRk+06o
chV18BstB9nadpdiJgY3EdUJ/xsnIdTjni9zG8EXGOaQUNByC/53uiwXO+/+hpbp
EP6nNFEmaReiFcY1FJS/XFFlfXiGZrgSvdOYSXvQLfABapdZ0MWZ+YeA71RWKYE9
VnQL/9lml0c2RflDyYdJFsStmzFkT3UCVxNoQP9+XX9MTG+YsrOYo6+FoR0XzZne
WTu35rKiwCm107lqE3Q/L7il0TvAKSop2FgJPZC9Qscdz9aUWAwMF6C3dX0eRgnI
8hfHxvxoKpeOTa4RkLd7LxPwLJoGOQ8McTG3xy2tVjB7WvXIVS3/zbVqxwV8F1cn
BsEi51AsXIzn9NoPsqH5
=0VWR
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the debian-xml-sgml-pkgs
mailing list