Ubuntu
libxml2 package

Change logs for libxml2 source package in Natty

  1. Natty (11.04)
  2. Change log 
  • libxml2 (2.7.8.dfsg-2ubuntu0.5) natty-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    incorrect buffer sizes.
    - http://git.gnome.org/browse/libxml2/commit/?id=459eeb9dc752d5185f57ff6b135027f11981a626
    - http://git.gnome.org/browse/libxml2/commit/?id=4f9fdc709c4861c390cd84e2ed1fd878b3442e28
    - http://git.gnome.org/browse/libxml2/commit/?id=baaf03f80f817bb34c421421e6cb4d68c353ac9a
    - CVE-2012-2807
 -- Marc Deslauriers <email address hidden>   Wed, 26 Sep 2012 13:16:03 -0400
  • libxml2 (2.7.8.dfsg-2ubuntu0.4) natty-security; urgency=low

  * SECURITY UPDATE: Fix an off by one pointer access in xpointer.c
    - d8e1faeaa99c7a7c07af01c1c72de352eb590a3e
    - CVE-2011-3102
 -- Jamie Strandboge <email address hidden>   Fri, 18 May 2012 08:57:22 -0500
  • libxml2 (2.7.8.dfsg-2ubuntu0.3) natty-security; urgency=low

  * SECURITY UPDATE: add randomization to dictionaries with hash tables
    help prevent denial of service via hash algorithm collision
    - configure.in: lookup for rand, srand and time
    - dict.c: add randomization to dictionaries hash tables
    - hash.c: add randomization to normal hash tables
    - 8973d58b7498fa5100a876815476b81fd1a2412a
    - CVE-2012-0841
 -- Jamie Strandboge <email address hidden>   Fri, 24 Feb 2012 15:16:14 -0600
  • libxml2 (2.7.8.dfsg-2ubuntu0.2) natty-security; urgency=low

  * SECURITY UPDATE: fix off-by-one leading to denial of service
    - encoding.c: adjust calculation of space available
    - 69f04562f75212bfcabecd190ea8b06ace28ece2
    - CVE-2011-0216
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when
      entering a function or a scoped evaluation
    - f5048b3e71fc30ad096970b8df6e7af073bae4cb
    - CVE-2011-2821
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.c: fix missing error status in XPath evaluation
    - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd
    - CVE-2011-2834
  * SECURITY UPDATE: fix out of bounds read
    - parser.c: make sure the parser returns when getting a Stop order
    - 77404b8b69bc122d12231807abf1a837d121b551
    - CVE-2011-3905
  * SECURITY UPDATE: fix heap overflow
    - parser.c: fix an allocation error when copying entities
    - 5bd3c061823a8499b27422aee04ea20aae24f03e
    - CVE-2011-3919
 -- Jamie Strandboge <email address hidden>   Wed, 18 Jan 2012 13:40:28 -0600
  • libxml2 (2.7.8.dfsg-2ubuntu0.1) natty-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    specially crafted xml file
    - xpath.c: update count only if allocation succeeds.
    - http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4
    - CVE-2011-1944
 -- Marc Deslauriers <email address hidden>   Thu, 16 Jun 2011 09:18:48 -0400
  • libxml2 (2.7.8.dfsg-2) unstable; urgency=low

  * xpath.c: Fix a double-freeing error in XPath processing code.
    (CVE-2010-4494). Closes: #607922.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  27 Dec 2010 10:59:50 +0000
  • libxml2 (2.7.8.dfsg-1) unstable; urgency=low

  * New upstream release.
  * configure.in: Applied upstream fix to reactivate symbol versioning script.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Fri,  05 Nov 2010 10:19:12 +0000
  • libxml2 (2.7.7.dfsg-4) unstable; urgency=low

  * debian/rules:
    - Use a variable to express which sub-targets to invoke for
      configure/build/install.
    - Refactor configure-% and build-% rules.
    - Avoid possible renaming of _d.so files to _d_d.so files in the
      install-python%-dbg rules.
  * debian/control, debian/control.udeb, debian/libxml2-udeb.install,
    debian/rules: Add an udeb package when building for Ubuntu.
    Closes: #583767.
  * debian/control:
    - Remove old Conflicts/Replaces for packages that have disappeared before
      etch.
    - Bump Standards-Version to 3.9.0.0.

libxml2 (2.7.7.dfsg-3) unstable; urgency=low

  * debian/rules: Use build_python* instead of build-python* as build
    directory when configuring python modules. build-python$* would get
    matched by make as an existing file and would prevent evaluation of the
    corresponding build rule. Thanks Loïc Minier.
  * debian/python-libxml2.install: Don't hardcode site-/dist-packages in
    .install. Cope with builds which don't have any dist-packages (or
    site-packages) based python versions. Thanks Loïc Minier.
  * debian/rules, debian/python-libxml2-dbg.install, debian/control:
    Add a python-libxml2-dbg package. Closes: #583582.
  * debian/rules: Don't link against libpython.
  * python-libxml2-dbg.preinst: Remove /usr/share/doc/python-libxml2-dbg
    symlink when it exists (which is the case with older Ubuntu packages).
 -- Lo?c Minier <email address hidden>   Mon,  05 Jul 2010 13:11:26 +0100