Ubuntu
libxml2 package

libxml2 2.9.1+dfsg1-3ubuntu4.8 source package in Ubuntu

Changelog

libxml2 (2.9.1+dfsg1-3ubuntu4.8) trusty-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overread in xmlNextChar
    - debian/patches/CVE-2016-1762.patch: return after error in parser.c.
    - CVE-2016-1762
  * SECURITY UPDATE: heap-based buffer overread in htmlCurrentChar
    - debian/patches/CVE-2016-1833-pre.patch: clear up NULL deref in
      parserInternals.c.
    - debian/patches/CVE-2016-1833-pre2.patch: handle 0-length entities in
      parserInternals.c.
    - debian/patches/CVE-2016-1833.patch: fix tests in parserInternals.c.
    - CVE-2016-1833
  * SECURITY UPDATE: heap-buffer-overflow in xmlStrncat
    - debian/patches/CVE-2016-1834.patch: check for negative lengths in
      xmlstring.c.
    - CVE-2016-1834
  * SECURITY UPDATE: heap use-after-free in xmlSAX2AttributeNs
    - debian/patches/CVE-2016-1835.patch: add check to parser.c, add tests
      to result/errors/759020.xml.err, result/errors/759020.xml.str,
      test/errors/759020.xml.
    - CVE-2016-1835
  * SECURITY UPDATE: heap use-after-free in xmlDictComputeFastKey
    - debian/patches/CVE-2016-1836.patch: prevent stale pointer usage in
      parser.c, added tests to result/errors/759398.xml.err,
      result/errors/759398.xml.str, test/errors/759398.xml.
    - CVE-2016-1836
  * SECURITY UPDATE: heap use-after-free in htmlParsePubidLiteral and
    htmlParseSystemiteral
    - debian/patches/CVE-2016-1837.patch: prevent stable pointer usage in
      HTMLparser.c.
    - CVE-2016-1837
  * SECURITY UPDATE: heap-based buffer overread in
    xmlParserPrintFileContextInternal
    - debian/patches/CVE-2016-1838.patch: add bounds check to parser.c,
      add tests to result/errors/758588.xml.err,
      result/errors/758588.xml.str, test/errors/758588.xml.
    - CVE-2016-1838
  * SECURITY UPDATE: heap-based buffer overread in xmlDictAddString
    - debian/patches/CVE-2016-1839.patch: add bounds check to HTMLparser.c.
    - CVE-2015-8806
    - CVE-2016-1839
    - CVE-2016-2073
  * SECURITY UPDATE: heap-buffer-overflow in xmlFAParsePosCharGroup
    - debian/patches/CVE-2016-1840.patch: properly handle error in
      xmlregexp.c.
    - CVE-2016-1840
  * SECURITY UPDATE: avoid building recursive entities
    - debian/patches/CVE-2016-3627.patch: properly handle recursion in
      parser.c, tree.c.
    - CVE-2016-3627
  * SECURITY UPDATE: recursion depth counter issue
    - debian/patches/CVE-2016-3705.patch: properly could recursion depth in
      parser.c.
    - CVE-2016-3705
  * SECURITY UPDATE: heap-based buffer-underreads due to xmlParseName
    - debian/patches/CVE-2016-4447.patch: improve error handling in
      parser.c.
    - CVE-2016-4447
  * SECURITY UPDATE: inappropriate fetch of entities content
    - debian/patches/CVE-2016-4449.patch: fix another external entity fetch
      in parser.c.
    - CVE-2016-4449
  * SECURITY UPDATE: out of bound access when serializing malformed strings
    - debian/patches/CVE-2016-4483.patch: improve string handling in
      xmlsave.c.
    - CVE-2016-4483

 -- Marc Deslauriers <email address hidden>  Fri, 03 Jun 2016 08:59:55 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libxml2_2.9.1+dfsg1.orig.tar.gz 3.6 MiB f3ec5256412192f74833286c4490672500b232ed1c9195214db2c641df064a28
libxml2_2.9.1+dfsg1-3ubuntu4.8.debian.tar.gz 60.6 KiB f56fdd231994787d0cd2cb16d5fdb697b797e0f1b57f9a920345ddfc74fb6201
libxml2_2.9.1+dfsg1-3ubuntu4.8.dsc 2.6 KiB 81c18158a8e335691e8fd88f8aa7e45ab2d2a1ee9011c7e6b48331fad2534b96

View changes file

Binary packages built by this source

libxml2: GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides a library providing an extensive API to handle
 such XML data files.

libxml2-dbg: Debugging symbols for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides the debugging symbols for the library.

libxml2-dbgsym: debug symbols for package libxml2

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides a library providing an extensive API to handle
 such XML data files.

libxml2-dev: Development files for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 Install this package if you wish to develop your own programs using
 the GNOME XML library.

libxml2-dev-dbgsym: debug symbols for package libxml2-dev

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 Install this package if you wish to develop your own programs using
 the GNOME XML library.

libxml2-doc: Documentation for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains general information about the GNOME XML library
 and more specific API references.

libxml2-udeb: GNOME XML library - minimal runtime

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This is a minimal package for use in debian-installer that yields a
 library providing an extensive API to handle such XML data files.

libxml2-udeb-dbgsym: debug symbols for package libxml2-udeb

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This is a minimal package for use in debian-installer that yields a
 library providing an extensive API to handle such XML data files.

libxml2-utils: XML utilities

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides xmllint, a tool for validating and reformatting
 XML documents, and xmlcatalog, a tool to parse and manipulate XML or
 SGML catalog files.

libxml2-utils-dbg: XML utilities (debug extension)

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides the debugging symbols for the utilities provided
 by the libxml2-utils package.

libxml2-utils-dbgsym: debug symbols for package libxml2-utils

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides xmllint, a tool for validating and reformatting
 XML documents, and xmlcatalog, a tool to parse and manipulate XML or
 SGML catalog files.

python-libxml2: Python bindings for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains the files needed to use the GNOME XML library
 in Python programs.

python-libxml2-dbg: Python bindings for the GNOME XML library (debug extension)

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains the files needed to use the GNOME XML library
 in Python programs for use with the Python debug interpreter.

python-libxml2-dbgsym: debug symbols for package python-libxml2

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains the files needed to use the GNOME XML library
 in Python programs.