libxml2 2.9.10+dfsg-5ubuntu0.20.10.2 source package in Ubuntu
Changelog
libxml2 (2.9.10+dfsg-5ubuntu0.20.10.2) groovy-security; urgency=medium * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-24977.patch: Make sure that truncated UTF-8 sequences don't cause an out-of-bounds array access in xmllint. - CVE-2020-24977 * SECURITY UPDATE: use-after-free in xmlEncodeEntitiesInternal - debian/patches/CVE-2021-3516.patch: Call htmlCtxtUseOptions to make sure that names aren't stored in dictionaries. - CVE-2021-3516 * SECURITY UPDATE: heap-based buffer overflow in xmlEncodeEntitiesInternal - debian/patches/CVE-2021-3517.patch: Add some checks to validate input is UTF-8 format, supplementing CVE-2020-24977 fix. - CVE-2021-3517 * SECURITY UPDATE: use-after-free in xmlXIncludeDoProcess - debian/patches/CVE-2021-3518.patch: Move from a block list to an allow list approach to avoid descending into other node types that can't contain elements. - CVE-2021-3518 * SECURITY UPDATE: NULL pointer dereference in xmlValidBuildAContentModel - debian/patches/CVE-2021-3537.patch: Check return value of recursive calls to xmlParseElementChildrenContentDeclPriv and return immediately in case of errors. - CVE-2021-3537 * SECURITY UPDATE: Exponential entity expansion - debian/patches/Patch-for-security-issue-CVE-2021-3541.patch: Add check to xmlParserEntityCheck to prevent entity exponential. - CVE-2021-3541 -- Avital Ostromich <email address hidden> Wed, 26 May 2021 19:43:37 -0400
Upload details
- Uploaded by:
- Avital Ostromich
- Uploaded to:
- Groovy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
libxml2_2.9.10+dfsg.orig.tar.xz | 2.4 MiB | 65ee7a2f5e100c64ddf7beb92297c9b2a30b994a76cd1fab67470cf22db6b7d0 |
libxml2_2.9.10+dfsg-5ubuntu0.20.10.2.debian.tar.xz | 30.9 KiB | 1c6ea76dee99db828adc8d865859c7ccc1d9e77f81e675e1b7d200fa77c5afd3 |
libxml2_2.9.10+dfsg-5ubuntu0.20.10.2.dsc | 2.9 KiB | ea579823d4d1397dda2e6fb6f2b484e30de8d40141531af8f48e2d538db4f9ee |
Available diffs
Binary packages built by this source
- libxml2: No summary available for libxml2 in ubuntu groovy.
No description available for libxml2 in ubuntu groovy.
- libxml2-dbgsym: No summary available for libxml2-dbgsym in ubuntu groovy.
No description available for libxml2-dbgsym in ubuntu groovy.
- libxml2-dev: No summary available for libxml2-dev in ubuntu groovy.
No description available for libxml2-dev in ubuntu groovy.
- libxml2-doc: No summary available for libxml2-doc in ubuntu groovy.
No description available for libxml2-doc in ubuntu groovy.
- libxml2-utils: No summary available for libxml2-utils in ubuntu groovy.
No description available for libxml2-utils in ubuntu groovy.
- libxml2-utils-dbgsym: No summary available for libxml2-utils-dbgsym in ubuntu groovy.
No description available for libxml2-
utils-dbgsym in ubuntu groovy.
- python-libxml2: No summary available for python-libxml2 in ubuntu groovy.
No description available for python-libxml2 in ubuntu groovy.
- python-libxml2-dbg: No summary available for python-libxml2-dbg in ubuntu groovy.
No description available for python-libxml2-dbg in ubuntu groovy.
- python3-libxml2: No summary available for python3-libxml2 in ubuntu groovy.
No description available for python3-libxml2 in ubuntu groovy.
- python3-libxml2-dbg: No summary available for python3-libxml2-dbg in ubuntu groovy.
No description available for python3-libxml2-dbg in ubuntu groovy.