Ubuntu
libxml2 package

libxml2 2.9.10+dfsg-5ubuntu0.20.04.1 source package in Ubuntu

Changelog

libxml2 (2.9.10+dfsg-5ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2020-24977.patch: Make sure that truncated UTF-8
      sequences don't cause an out-of-bounds array access in xmllint.
    - CVE-2020-24977
  * SECURITY UPDATE: use-after-free in xmlEncodeEntitiesInternal
    - debian/patches/CVE-2021-3516.patch: Call htmlCtxtUseOptions to make sure
      that names aren't stored in dictionaries.
    - CVE-2021-3516
  * SECURITY UPDATE: heap-based buffer overflow in xmlEncodeEntitiesInternal
    - debian/patches/CVE-2021-3517.patch: Add some checks to validate input is
      UTF-8 format, supplementing CVE-2020-24977 fix.
    - CVE-2021-3517
  * SECURITY UPDATE: use-after-free in xmlXIncludeDoProcess
    - debian/patches/CVE-2021-3518.patch: Move from a block list to an allow
      list approach to avoid descending into other node types that can't
      contain elements.
    - CVE-2021-3518
  * SECURITY UPDATE: NULL pointer dereference in xmlValidBuildAContentModel
    - debian/patches/CVE-2021-3537.patch: Check return value of recursive calls
      to xmlParseElementChildrenContentDeclPriv and return immediately in case
      of errors.
    - CVE-2021-3537
  * SECURITY UPDATE: Exponential entity expansion
    - debian/patches/Patch-for-security-issue-CVE-2021-3541.patch: Add check to
      xmlParserEntityCheck to prevent entity exponential.
    - CVE-2021-3541

 -- Avital Ostromich <email address hidden>  Wed, 26 May 2021 19:51:20 -0400

Upload details

Uploaded by:
Avital Ostromich
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libxml2_2.9.10+dfsg.orig.tar.xz 2.4 MiB 65ee7a2f5e100c64ddf7beb92297c9b2a30b994a76cd1fab67470cf22db6b7d0
libxml2_2.9.10+dfsg-5ubuntu0.20.04.1.debian.tar.xz 30.8 KiB 1dab64d99f1f965c5dd7cb2adf0b8faca41f9624ca786e5e282535a80330edd4
libxml2_2.9.10+dfsg-5ubuntu0.20.04.1.dsc 2.9 KiB b2ff47362421366472ffab1c6c7e757fd167e0a2af250b941c9aea825ba74035

View changes file

Binary packages built by this source

libxml2: GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides a library providing an extensive API to handle
 such XML data files.

libxml2-dbgsym: debug symbols for libxml2
libxml2-dev: Development files for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 Install this package if you wish to develop your own programs using
 the GNOME XML library.

libxml2-doc: Documentation for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains general information about the GNOME XML library
 and more specific API references.

libxml2-utils: XML utilities

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides xmllint, a tool for validating and reformatting
 XML documents, and xmlcatalog, a tool to parse and manipulate XML or
 SGML catalog files.

libxml2-utils-dbgsym: debug symbols for libxml2-utils
python-libxml2: Python bindings for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains the files needed to use the GNOME XML library
 in Python programs.

python-libxml2-dbg: Python bindings for the GNOME XML library (debug extension)

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains the files needed to use the GNOME XML library
 in Python programs for use with the Python debug interpreter.

python3-libxml2: Python3 bindings for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains the files needed to use the GNOME XML library
 in Python3 programs.

python3-libxml2-dbg: Python3 bindings for the GNOME XML library (debug extension)

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains the files needed to use the GNOME XML library
 in Python3 programs for use with the Python3 debug interpreter.