-
libxml2 (2.7.8.dfsg-2ubuntu0.5) natty-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
incorrect buffer sizes.
- http://git.gnome.org/browse/libxml2/commit/?id=459eeb9dc752d5185f57ff6b135027f11981a626
- http://git.gnome.org/browse/libxml2/commit/?id=4f9fdc709c4861c390cd84e2ed1fd878b3442e28
- http://git.gnome.org/browse/libxml2/commit/?id=baaf03f80f817bb34c421421e6cb4d68c353ac9a
- CVE-2012-2807
-- Marc Deslauriers <email address hidden> Wed, 26 Sep 2012 13:16:03 -0400
-
libxml2 (2.7.8.dfsg-2ubuntu0.4) natty-security; urgency=low
* SECURITY UPDATE: Fix an off by one pointer access in xpointer.c
- d8e1faeaa99c7a7c07af01c1c72de352eb590a3e
- CVE-2011-3102
-- Jamie Strandboge <email address hidden> Fri, 18 May 2012 08:57:22 -0500
-
libxml2 (2.7.8.dfsg-2ubuntu0.3) natty-security; urgency=low
* SECURITY UPDATE: add randomization to dictionaries with hash tables
help prevent denial of service via hash algorithm collision
- configure.in: lookup for rand, srand and time
- dict.c: add randomization to dictionaries hash tables
- hash.c: add randomization to normal hash tables
- 8973d58b7498fa5100a876815476b81fd1a2412a
- CVE-2012-0841
-- Jamie Strandboge <email address hidden> Fri, 24 Feb 2012 15:16:14 -0600
-
libxml2 (2.7.8.dfsg-2ubuntu0.2) natty-security; urgency=low
* SECURITY UPDATE: fix off-by-one leading to denial of service
- encoding.c: adjust calculation of space available
- 69f04562f75212bfcabecd190ea8b06ace28ece2
- CVE-2011-0216
* SECURITY UPDATE: fix double free in XPath evaluation
- xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when
entering a function or a scoped evaluation
- f5048b3e71fc30ad096970b8df6e7af073bae4cb
- CVE-2011-2821
* SECURITY UPDATE: fix double free in XPath evaluation
- xpath.c: fix missing error status in XPath evaluation
- 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd
- CVE-2011-2834
* SECURITY UPDATE: fix out of bounds read
- parser.c: make sure the parser returns when getting a Stop order
- 77404b8b69bc122d12231807abf1a837d121b551
- CVE-2011-3905
* SECURITY UPDATE: fix heap overflow
- parser.c: fix an allocation error when copying entities
- 5bd3c061823a8499b27422aee04ea20aae24f03e
- CVE-2011-3919
-- Jamie Strandboge <email address hidden> Wed, 18 Jan 2012 13:40:28 -0600
-
libxml2 (2.7.8.dfsg-2ubuntu0.1) natty-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
specially crafted xml file
- xpath.c: update count only if allocation succeeds.
- http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4
- CVE-2011-1944
-- Marc Deslauriers <email address hidden> Thu, 16 Jun 2011 09:18:48 -0400
-
libxml2 (2.7.8.dfsg-2) unstable; urgency=low
* xpath.c: Fix a double-freeing error in XPath processing code.
(CVE-2010-4494). Closes: #607922.
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 27 Dec 2010 10:59:50 +0000
-
libxml2 (2.7.8.dfsg-1) unstable; urgency=low
* New upstream release.
* configure.in: Applied upstream fix to reactivate symbol versioning script.
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 05 Nov 2010 10:19:12 +0000
-
libxml2 (2.7.7.dfsg-4) unstable; urgency=low
* debian/rules:
- Use a variable to express which sub-targets to invoke for
configure/build/install.
- Refactor configure-% and build-% rules.
- Avoid possible renaming of _d.so files to _d_d.so files in the
install-python%-dbg rules.
* debian/control, debian/control.udeb, debian/libxml2-udeb.install,
debian/rules: Add an udeb package when building for Ubuntu.
Closes: #583767.
* debian/control:
- Remove old Conflicts/Replaces for packages that have disappeared before
etch.
- Bump Standards-Version to 3.9.0.0.
libxml2 (2.7.7.dfsg-3) unstable; urgency=low
* debian/rules: Use build_python* instead of build-python* as build
directory when configuring python modules. build-python$* would get
matched by make as an existing file and would prevent evaluation of the
corresponding build rule. Thanks Loïc Minier.
* debian/python-libxml2.install: Don't hardcode site-/dist-packages in
.install. Cope with builds which don't have any dist-packages (or
site-packages) based python versions. Thanks Loïc Minier.
* debian/rules, debian/python-libxml2-dbg.install, debian/control:
Add a python-libxml2-dbg package. Closes: #583582.
* debian/rules: Don't link against libpython.
* python-libxml2-dbg.preinst: Remove /usr/share/doc/python-libxml2-dbg
symlink when it exists (which is the case with older Ubuntu packages).
-- Lo?c Minier <email address hidden> Mon, 05 Jul 2010 13:11:26 +0100