Format: 1.8 Date: Fri, 03 Jun 2016 08:05:40 -0400 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg libxml2-udeb Architecture: arm64 Version: 2.9.3+dfsg1-1ubuntu0.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libxml2 - GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-udeb - GNOME XML library - minimal runtime (udeb) libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Changes: libxml2 (2.9.3+dfsg1-1ubuntu0.1) xenial-security; urgency=medium . * SECURITY UPDATE: heap-based buffer overread in xmlNextChar - debian/patches/CVE-2016-1762.patch: return after error in parser.c. - CVE-2016-1762 * SECURITY UPDATE: heap-based buffer overread in htmlCurrentChar - debian/patches/CVE-2016-1833.patch: fix tests in parserInternals.c. - CVE-2016-1833 * SECURITY UPDATE: heap-buffer-overflow in xmlStrncat - debian/patches/CVE-2016-1834.patch: check for negative lengths in xmlstring.c. - CVE-2016-1834 * SECURITY UPDATE: heap use-after-free in xmlSAX2AttributeNs - debian/patches/CVE-2016-1835.patch: add check to parser.c, add tests to result/errors/759020.xml.err, result/errors/759020.xml.str, test/errors/759020.xml. - CVE-2016-1835 * SECURITY UPDATE: heap use-after-free in xmlDictComputeFastKey - debian/patches/CVE-2016-1836.patch: prevent stale pointer usage in parser.c, added tests to result/errors/759398.xml.err, result/errors/759398.xml.str, test/errors/759398.xml. - CVE-2016-1836 * SECURITY UPDATE: heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral - debian/patches/CVE-2016-1837.patch: prevent stable pointer usage in HTMLparser.c. - CVE-2016-1837 * SECURITY UPDATE: heap-based buffer overread in xmlParserPrintFileContextInternal - debian/patches/CVE-2016-1838.patch: add bounds check to parser.c, add tests to result/errors/758588.xml.err, result/errors/758588.xml.str, test/errors/758588.xml. - CVE-2016-1838 * SECURITY UPDATE: heap-based buffer overread in xmlDictAddString - debian/patches/CVE-2016-1839.patch: add bounds check to HTMLparser.c. - CVE-2015-8806 - CVE-2016-1839 - CVE-2016-2073 * SECURITY UPDATE: heap-buffer-overflow in xmlFAParsePosCharGroup - debian/patches/CVE-2016-1840.patch: properly handle error in xmlregexp.c. - CVE-2016-1840 * SECURITY UPDATE: avoid building recursive entities - debian/patches/CVE-2016-3627.patch: properly handle recursion in parser.c, tree.c. - CVE-2016-3627 * SECURITY UPDATE: recursion depth counter issue - debian/patches/CVE-2016-3705.patch: properly could recursion depth in parser.c. - CVE-2016-3705 * SECURITY UPDATE: heap-based buffer-underreads due to xmlParseName - debian/patches/CVE-2016-4447.patch: improve error handling in parser.c. - CVE-2016-4447 * SECURITY UPDATE: inappropriate fetch of entities content - debian/patches/CVE-2016-4449.patch: fix another external entity fetch in parser.c. - CVE-2016-4449 * SECURITY UPDATE: out of bound access when serializing malformed strings - debian/patches/CVE-2016-4483.patch: improve string handling in xmlsave.c. - CVE-2016-4483 Checksums-Sha1: 821c6f49a812e0f134e6fa0b65cdd9aab67811cb 1702590 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 2f2df1907af4b954c36dcbafa20f85bb38a18d08 1058 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb a7808ca925ee47462203813e70848441c841292e 1060 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb f542730effbfe6ebae6cb127833bfd7944dc12b2 642650 libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 301695b10c290461601056c5fe5df16b704c989f 1052 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb f1e60ca9b787cf6b9d7ddd15d3d9deacb5c6c3d7 500542 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_arm64.udeb c2b2292f0fa84d5294ccdcf88a513a8d8d6514c3 74992 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 5967509b71bd1802e51f543475516710aa966376 1086 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb 230dac384364ba66a5b541312f5bccde7ddece8f 33116 libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 481a4a285ec64ca286fd8adeec3bb9bdd262fd9b 565034 libxml2_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 7392f90c6afe40d24309835ff42864172e4e863e 246796 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 8873bc23b2b80f06a46bba3bacbaed82a5767780 127448 python-libxml2_2.9.3+dfsg1-1ubuntu0.1_arm64.deb Checksums-Sha256: b81289fc9965cd47892b26904bfea4f7343a0945d9512362cc18aeeae4a72e16 1702590 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 5c11e27bff40f84aef52ae79bcd1bb7fc96bfd68d2505f77b42ee37d1910e01a 1058 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb 401b0d9936f2b9eb065dc5dc7d21bb78edf0318a040559aee5a225995dbda3b1 1060 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb 18519029bfc2a2ed3cba1e5eca7955fc2ac6b51e3af618366683c52c4131302c 642650 libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_arm64.deb b71b677643ab9dfbbc6302f6b88053b23845d982dfd6c041659b55fd487acd1a 1052 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb f87e8a58b20d023ff38ae76074baea7732e7a6f09aa456e6da0a4d544fdbbe39 500542 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_arm64.udeb b6d80f2f60164d8425b31ec5c6de61c090e6926c6290da931c68076397b8fcd8 74992 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 844c176da8eb81762a01499d5fc180def2b88c737fa29ac664320b62bcce9e79 1086 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb ac15a943a41e5197c303a120008e2f203034ec45fdba3c6b27a164bc39781126 33116 libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 6fd1fb4ac1ba12e21f3e9b75e8ba15cc05730d72c58a22f58381dbafda1fd39b 565034 libxml2_2.9.3+dfsg1-1ubuntu0.1_arm64.deb f97284b8e89852b01a4536b9bcaffefa368f2eb9723670615344c3b46530efa5 246796 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 5d45b82a21d134a0d401a4144a27c7fb9c49847bf096f157f360c0706538cd3f 127448 python-libxml2_2.9.3+dfsg1-1ubuntu0.1_arm64.deb Files: 4df970596178fa684ff65399830ba5e3 1702590 debug extra libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_arm64.deb bd433ca1f0a2d87935bbd4f1daa7124b 1058 libs extra libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb e3abbe5bf1d9afcfb035e8b3146892c9 1060 libdevel extra libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb f4f611482a9ad17e5fc2f262109d2229 642650 libdevel optional libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 1712596bba7f9955174510a2ebd12ec5 1052 debian-installer extra libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb 84b5771e94b3e742e84be28b5d26a926 500542 debian-installer optional libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_arm64.udeb 3369c1566afdc7b34422196f9ab6cc18 74992 debug extra libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 451c1b0c9a08521813197071d570895d 1086 text extra libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_arm64.ddeb 6e49b1d32e1007ce9a5c63612624ee02 33116 text optional libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_arm64.deb c3af8a205b10aabff7911f1197d8ef5a 565034 libs standard libxml2_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 8f3e714e8b728fee878ecaefdf929e5b 246796 debug extra python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_arm64.deb 2d9a022be0509a16e98243982c60a0db 127448 python optional python-libxml2_2.9.3+dfsg1-1ubuntu0.1_arm64.deb Original-Maintainer: Debian XML/SGML Group Package-Type: udeb