Ubuntu
libxml2 package

Change logs for libxml2 source package in Saucy

  1. Saucy (13.10)
  2. Change log 
  • libxml2 (2.9.1+dfsg1-3ubuntu2.3) saucy-security; urgency=medium

  * SECURITY REGRESSION: more xmllint regressions (LP: #1321869)
    - debian/patches/lp1321869.patch: use upstream commit which includes
      additional regression fixes to parser.c.
 -- Marc Deslauriers <email address hidden>   Fri, 13 Jun 2014 08:34:17 -0400
  • libxml2 (2.9.1+dfsg1-3ubuntu2.2) saucy-security; urgency=medium

  * SECURITY REGRESSION: xmllint no longer loads entities with --postvalid
    (LP: #1321869)
    - debian/patches/lp1321869.patch: also check XML_PARSE_DTDLOAD in
      parser.c.
 -- Marc Deslauriers <email address hidden>   Fri, 06 Jun 2014 13:29:55 -0400
  • libxml2 (2.9.1+dfsg1-3ubuntu2.1) saucy-security; urgency=medium

  * SECURITY UPDATE: resource exhaustion via external parameter entities
    - debian/patches/CVE-2014-0191.patch: do not fetch external parameter
      entities in parser.c.
    - CVE-2014-0191
 -- Marc Deslauriers <email address hidden>   Thu, 08 May 2014 14:28:54 -0400
  • libxml2 (2.9.1+dfsg1-3ubuntu2) saucy; urgency=low

  [ Tim Galeckas ]
  * Fix SIGSEGV when --pretty is specified. LP: #923691
 -- Dmitrijs Ledkovs <email address hidden>   Thu, 22 Aug 2013 21:34:37 +0100
  • libxml2 (2.9.1+dfsg1-3ubuntu1) saucy; urgency=low

  * Merge with Debian; remaining changes:
    - Fix python multi-arch includes issues.
    - Allow the package to cross-build.
    - Set PYTHON_LIBS for cross builds.
    - Remove explicit build dependency on binutils.
    - Configure the udeb --without-python.

libxml2 (2.9.1+dfsg1-3) unstable; urgency=low

  * debian/patches/0007-Fix-XPath-optimization-with-predicates.patch:
    - Upstream patch to fix XPath evaluation issue. (Closes: #713146)
 -- Matthias Klose <email address hidden>   Sat, 17 Aug 2013 10:43:21 +0200
  • libxml2 (2.9.1+dfsg1-2ubuntu1) saucy; urgency=low

  * Merged from Debian unstable. Remaining changes:
    - Fix python multi-arch includes issues.
    - Allow the package to cross-build.
    - Set PYTHON_LIBS for cross builds.
    - Remove explicit build dependency on binutils.
    - Configure the udeb --without-python.
  * Dropped patches:
    - CVE-2013-0338.patch: upstream
    - CVE-2013-1969.patch: upstream

libxml2 (2.9.1+dfsg1-2) unstable; urgency=low

  * Upload to unstable.
  * debian/patches/000[2-6]-*.patch:
     - cherry-picking upstream post-release fixes.

libxml2 (2.9.1+dfsg1-1) experimental; urgency=low

  * New upstream release (Closes: #696300, #705722).
  * Add -llzma for static linking (Closes: #697382).
  * Update symbols.
  * Update debian/watch, thanks to Bart Martens.
  * Use canonical Vcs-* fields.
  * Mark python-libxml2-dbg as "Multi-Arch: same".
 -- Marc Deslauriers <email address hidden>   Thu, 11 Jul 2013 09:31:50 -0400
  • libxml2 (2.9.0+dfsg1-4ubuntu5) saucy; urgency=low

  * SECURITY UPDATE: multiple use after free issues
    - debian/patches/CVE-2013-1969.patch: properly reset pointers in
      HTMLparser.c, parser.c.
    - CVE-2013-1969
 -- Marc Deslauriers <email address hidden>   Tue, 07 May 2013 08:28:15 -0400
  • libxml2 (2.9.0+dfsg1-4ubuntu4) raring; urgency=low

  * SECURITY UPDATE: denial of service via entity expansion
    - debian/patches/CVE-2013-0338.patch: limit number of entity expansions
      in include/libxml/parser.h, parser.c, parserInternals.c.
    - CVE-2013-0338
 -- Marc Deslauriers <email address hidden>   Tue, 26 Mar 2013 10:04:58 -0400