Format: 1.8 Date: Fri, 03 Jun 2016 08:05:40 -0400 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg libxml2-udeb Architecture: amd64 all Version: 2.9.3+dfsg1-1ubuntu0.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libxml2 - GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-udeb - GNOME XML library - minimal runtime (udeb) libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Changes: libxml2 (2.9.3+dfsg1-1ubuntu0.1) xenial-security; urgency=medium . * SECURITY UPDATE: heap-based buffer overread in xmlNextChar - debian/patches/CVE-2016-1762.patch: return after error in parser.c. - CVE-2016-1762 * SECURITY UPDATE: heap-based buffer overread in htmlCurrentChar - debian/patches/CVE-2016-1833.patch: fix tests in parserInternals.c. - CVE-2016-1833 * SECURITY UPDATE: heap-buffer-overflow in xmlStrncat - debian/patches/CVE-2016-1834.patch: check for negative lengths in xmlstring.c. - CVE-2016-1834 * SECURITY UPDATE: heap use-after-free in xmlSAX2AttributeNs - debian/patches/CVE-2016-1835.patch: add check to parser.c, add tests to result/errors/759020.xml.err, result/errors/759020.xml.str, test/errors/759020.xml. - CVE-2016-1835 * SECURITY UPDATE: heap use-after-free in xmlDictComputeFastKey - debian/patches/CVE-2016-1836.patch: prevent stale pointer usage in parser.c, added tests to result/errors/759398.xml.err, result/errors/759398.xml.str, test/errors/759398.xml. - CVE-2016-1836 * SECURITY UPDATE: heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral - debian/patches/CVE-2016-1837.patch: prevent stable pointer usage in HTMLparser.c. - CVE-2016-1837 * SECURITY UPDATE: heap-based buffer overread in xmlParserPrintFileContextInternal - debian/patches/CVE-2016-1838.patch: add bounds check to parser.c, add tests to result/errors/758588.xml.err, result/errors/758588.xml.str, test/errors/758588.xml. - CVE-2016-1838 * SECURITY UPDATE: heap-based buffer overread in xmlDictAddString - debian/patches/CVE-2016-1839.patch: add bounds check to HTMLparser.c. - CVE-2015-8806 - CVE-2016-1839 - CVE-2016-2073 * SECURITY UPDATE: heap-buffer-overflow in xmlFAParsePosCharGroup - debian/patches/CVE-2016-1840.patch: properly handle error in xmlregexp.c. - CVE-2016-1840 * SECURITY UPDATE: avoid building recursive entities - debian/patches/CVE-2016-3627.patch: properly handle recursion in parser.c, tree.c. - CVE-2016-3627 * SECURITY UPDATE: recursion depth counter issue - debian/patches/CVE-2016-3705.patch: properly could recursion depth in parser.c. - CVE-2016-3705 * SECURITY UPDATE: heap-based buffer-underreads due to xmlParseName - debian/patches/CVE-2016-4447.patch: improve error handling in parser.c. - CVE-2016-4447 * SECURITY UPDATE: inappropriate fetch of entities content - debian/patches/CVE-2016-4449.patch: fix another external entity fetch in parser.c. - CVE-2016-4449 * SECURITY UPDATE: out of bound access when serializing malformed strings - debian/patches/CVE-2016-4483.patch: improve string handling in xmlsave.c. - CVE-2016-4483 Checksums-Sha1: 48b303933905721b48f61f2ef8a9d3929165ee7c 1666676 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_amd64.deb df04184c725906daaa82b81a4b079c19ee8e4bbb 1060 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb 6ff450d53ca4ce6d79a794e4728d0ad60ff89be1 1060 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb 2e1db10e16850bfd5e165414b2badeb3adc880ac 742850 libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 7e92366f939c3a2c7b21b1f09ff99e89e126593e 816872 libxml2-doc_2.9.3+dfsg1-1ubuntu0.1_all.deb f111583853c03b7dcf78c28dfcb31adb795f1a9c 1050 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb 34be42ca64eb45f5f6b8e45b02864a17bca01314 631488 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_amd64.udeb 96945de24474efcc13a2d74130f134824461916f 72140 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_amd64.deb c63be3fa1cbbadd280a1601669798eb4bae308bb 1082 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb dced840e54b1ac9ee448c2056849954d1d40ba93 37452 libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 09da6222d18e2fa697e93c1c6a9a36c107f1603f 695872 libxml2_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 1e9aaaff503b7e04dab1a162e77bf2b471eb501a 260072 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 7c73967822469823fe2592f6d662e67d0c18e786 140620 python-libxml2_2.9.3+dfsg1-1ubuntu0.1_amd64.deb Checksums-Sha256: aa8f68cd82c28932555a16b69df7ff1916b5b5031c3e5e0f9932df4edb385785 1666676 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 18ca121b0e8475a2ccc3f5b008d3eca2b4fb5b6fe76a4027443ce6a4011c01ec 1060 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb f295e762f19653759466ac3490ce6ac0b5c80b58227b81da89ecf5adfeeac959 1060 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb c0177583e564160c8ad9f6892a0d56c24826697b4bbfaaa7475835b5a4b8815e 742850 libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 35bb2f4f791ccd7b3b799ebd9c3462002d16ce81bb22c173b07ab141e356b163 816872 libxml2-doc_2.9.3+dfsg1-1ubuntu0.1_all.deb 4c0381dcc15b2cfb5b24ea2ea6210dfc84beca24d7ae414464d8069994e3b02a 1050 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb cca9c9d2d28a1b4840a6568a634ac238c80d9443d4209401ce9000bb0f4930a8 631488 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_amd64.udeb 417767db83fd89060f48725beb07433f846d46b7024feaa2129e944ee70accf3 72140 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_amd64.deb f0c575930dad49e3d048a92dd6b5586d77e8cf7ecc85a9994c2df8e54448d888 1082 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb a72f609eb2413d0a96c6341e0386fafc58199f901e36bf3593f51d362c7be991 37452 libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_amd64.deb da5573404b6a514b9f90e9a0ec836b0cdcc8ee6657e8e495d0b55610c885b201 695872 libxml2_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 4a7c4243fd90cf036110c09bfd8bef254c393ff50c00be6bee52b8b6029b7059 260072 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 681fb8dde72798bc7fd5f356e543abb6a0526f4d7ac16e84183890d9adab8cb0 140620 python-libxml2_2.9.3+dfsg1-1ubuntu0.1_amd64.deb Files: 878cc962ec8984e665b354efe0b5a317 1666676 debug extra libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_amd64.deb c2c1436b07be4696454c24f0a35ee32e 1060 libs extra libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb 4eb00ebf5ba6771224eb1460cdf8b32b 1060 libdevel extra libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb 9071849043d07c0b5c1b4770162d9097 742850 libdevel optional libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 62957d4ab29427a38c0a663dd8140b8d 816872 doc optional libxml2-doc_2.9.3+dfsg1-1ubuntu0.1_all.deb 07604668d4f60c7b11636c44b8264471 1050 debian-installer extra libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb f22ed160460e8019407603e7f3f2352d 631488 debian-installer optional libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_amd64.udeb 00a0807d6e8b08260050214fac901447 72140 debug extra libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 1c8551d248c9c01e3d95dfccf2311930 1082 text extra libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_amd64.ddeb 4f2c6b3ec5bf7b9fbdd6a41dbcdfcb19 37452 text optional libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 9511539a6d6e65289b20892a9fc1be42 695872 libs standard libxml2_2.9.3+dfsg1-1ubuntu0.1_amd64.deb e2d1e60f59470160af7007a01916424b 260072 debug extra python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_amd64.deb 60f3a535f654952adc7a4a5de6947a7e 140620 python optional python-libxml2_2.9.3+dfsg1-1ubuntu0.1_amd64.deb Original-Maintainer: Debian XML/SGML Group Package-Type: udeb