Ubuntu
libxml2 package

Change logs for libxml2 source package in Utopic

  1. Utopic (14.10)
  2. Change log 
  • libxml2 (2.9.1+dfsg1-4ubuntu1) utopic; urgency=medium

  * SECURITY UPDATE: denial of service via entity expansion
    - debian/patches/CVE-2014-3660.patch: added additional tests to
      parser.c.
    - CVE-2014-3660
 -- Marc Deslauriers <email address hidden>   Thu, 16 Oct 2014 15:28:40 -0400
  • libxml2 (2.9.1+dfsg1-4) unstable; urgency=low


  [ Christian Svensson ]
  * Do not build-depend on readline (Closes: #742350)

  [ Daniel Schepler ]
  * Patch to bootstrap without python (Closes: #738080)

  [ Helmut Grohne ]
  * Drop unneeded B-D on perl and binutils (Closes: #753005)

  [ Adam Conrad ]
  * Actually run dh_autoreconf, which the old/new mixed rules file misses.

  [ Matthias Klose ]
  * Add patch to fix python multiarch issue
  * Allow the package to cross-build by tweaking B-Ds on python
  * Set PYTHON_LIBS for cross builds

  [ Aron Xu ]
  * Use correct $CC
  * Configure udeb without python
  * New round of cherry-picking upstream fixes
    - Includes fixes for CVE-2014-0191 (Closes: #747309).
  * Call prename with -vf
  * Require python-all-dev (>= 2.7.5-5~)
  * Bump std-ver: 3.9.4 -> 3.9.5, no change

 -- Aron Xu <email address hidden>  Wed, 09 Jul 2014 05:40:15 +0800
  • libxml2 (2.9.1+dfsg1-3ubuntu7) utopic; urgency=medium

  * SECURITY REGRESSION: more xmllint regressions (LP: #1321869)
    - debian/patches/lp1321869.patch: use upstream commit which includes
      additional regression fixes to parser.c.
 -- Marc Deslauriers <email address hidden>   Fri, 13 Jun 2014 07:26:35 -0400
  • libxml2 (2.9.1+dfsg1-3ubuntu6) utopic; urgency=medium

  * SECURITY REGRESSION: xmllint no longer loads entities with --postvalid
    (LP: #1321869)
    - debian/patches/lp1321869.patch: also check XML_PARSE_DTDLOAD in
      parser.c.
 -- Marc Deslauriers <email address hidden>   Fri, 06 Jun 2014 12:49:52 -0400
  • libxml2 (2.9.1+dfsg1-3ubuntu5) utopic; urgency=medium

  * SECURITY UPDATE: resource exhaustion via external parameter entities
    - debian/patches/CVE-2014-0191.patch: do not fetch external parameter
      entities in parser.c.
    - CVE-2014-0191
 -- Marc Deslauriers <email address hidden>   Thu, 08 May 2014 14:25:19 -0400
  • libxml2 (2.9.1+dfsg1-3ubuntu4) trusty; urgency=medium

  * Rebuild to drop files installed into /usr/share/pyshared.
 -- Matthias Klose <email address hidden>   Sun, 23 Feb 2014 13:48:26 +0000