[xml/sgml-pkgs] libxml2_2.9.1+dfsg1-5+deb8u2_allonly.changes ACCEPTED into proposed-updates->stable-new

Debian FTP Masters ftpmaster at ftp-master.debian.org
Thu Jun 2 22:08:20 UTC 2016


Mapping stable-security to proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 28 May 2016 06:56:40 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg
Architecture: all source
Version: 2.9.1+dfsg1-5+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil at debian.org>
Closes: 812807 813613 819006 823405 823414
Description: 
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 libxml2-utils-dbg - XML utilities (debug extension)
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
Changes:
 libxml2 (2.9.1+dfsg1-5+deb8u2) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Heap-based buffer overread in xmlNextChar (CVE-2016-1762)
   * heap-buffer-overflow in xmlStrncat (CVE-2016-1834)
   * Add missing increments of recursion depth counter to XML parser
     (CVE-2016-3705) (Closes: #823414)
   * Avoid an out of bound access when serializing malformed strings
     (CVE-2016-4483) (Closes: #823405)
   * Heap-buffer-overflow in xmlFAParsePosCharGroup (CVE-2016-1840)
   * Heap-based buffer overread in xmlParserPrintFileContextInternal
     (CVE-2016-1838)
   * Heap-based buffer overread in xmlDictAddString (CVE-2016-1839
     CVE-2015-8806 CVE-2016-2073) (Closes: #813613, #812807)
   * Heap use-after-free in xmlDictComputeFastKey (CVE-2016-1836)
   * Fix inappropriate fetch of entities content (CVE-2016-4449)
   * Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral
     (CVE-2016-1837)
   * Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)
   * Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)
   * Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)
   * Avoid building recursive entities (CVE-2016-3627) (Closes: #819006)
Checksums-Sha1: 
 09f25ba5032fe276316f25b2f2845a9f41666130 2591 libxml2_2.9.1+dfsg1-5+deb8u2.dsc
 307d1a803dbb46731fd37ba2796a8901607dc5b8 62880 libxml2_2.9.1+dfsg1-5+deb8u2.debian.tar.xz
 539ba130fbe761bf6ae8608b7e03f49cf99833a0 814510 libxml2-doc_2.9.1+dfsg1-5+deb8u2_all.deb
Checksums-Sha256: 
 a3bdc94653d45c2095f9bab65c46b5c7ab2bb63c31e1b41ad6190eca66f7e717 2591 libxml2_2.9.1+dfsg1-5+deb8u2.dsc
 5440d0031fc34880733fec681bf3e5acf3630b5412ae0731e6418f68ca2d0b81 62880 libxml2_2.9.1+dfsg1-5+deb8u2.debian.tar.xz
 fc8ef4b331ba5fff28436581aea8f9ac8069b633a7b74765cdf38aff89601c1d 814510 libxml2-doc_2.9.1+dfsg1-5+deb8u2_all.deb
Files: 
 517aa199d7166cdca33b83003bca8aca 2591 libs optional libxml2_2.9.1+dfsg1-5+deb8u2.dsc
 3d72631c0f0fdae4b49764d8ad8e958d 62880 libs optional libxml2_2.9.1+dfsg1-5+deb8u2.debian.tar.xz
 e3049d4681201d19bd5a9ebdf1d961cd 814510 doc optional libxml2-doc_2.9.1+dfsg1-5+deb8u2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXSScJAAoJEAVMuPMTQ89ESjcQAJWjj2LVXItdXF69FNTOOynb
Bm8Lm0zP0rpBp381ArvIO5VhUyUxI2Znp/yJbhcCtk0keEpdnwrXy7vF8FWKrtbg
GeprvF7u8d3QAr3zzJ39LDoHyrJVr1XEcpIAYpJln1jnRsFPWEnh2+FVo9Uh+Pxw
7psefF9QwWqyzGNoxmupQ3oHAsezGPII+HU7yLWAMabQrSbcCn9y6DMk54QkBwrI
J1X7D8veDDwn0toxZmpGC7yAdfvHuBv3uw7dQPiBPIFfvVnTTvnc2kHLaUH1NSPS
IfItwub2SoTrKCcidfSnA+NGKMVZPr0u7pocq3DIoXRgpJbfV7DhWvNDKE6hensn
HYJ4gjXx9RVZmt6OUphR2Wf1WlDrC6ezS2tBBQ5lUUW/OOg3AF6ml5FcgdxiuP/q
e78TO0pkxkECTVgbll+WAut7H+HyIaPsI81UY564YtSg5xQTWdlywwQhmlxylWV/
a86BcWARjaYHQiave/2Mm/oxl/j0ivTEo/ok787fT2FExRE2ofGeJNxqe13X3d36
G543GNjt8wJi6TEatDF0semb1zbTqtC5xtdEg/tBjwYgm7wlifDW0lUI+s5p3Z2C
VGoXEZx4Uc3mOaq3QuakIRPtVI4a+Sst8SfxtZydqnYRO+WpbY3KfbBnXhgzThpH
RWh9XtQB2OXT6ffvlD6X
=k3h5
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the debian-xml-sgml-pkgs mailing list