Format: 1.8 Date: Fri, 03 Jun 2016 08:05:40 -0400 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg libxml2-udeb Architecture: armhf Version: 2.9.3+dfsg1-1ubuntu0.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libxml2 - GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-udeb - GNOME XML library - minimal runtime (udeb) libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Changes: libxml2 (2.9.3+dfsg1-1ubuntu0.1) xenial-security; urgency=medium . * SECURITY UPDATE: heap-based buffer overread in xmlNextChar - debian/patches/CVE-2016-1762.patch: return after error in parser.c. - CVE-2016-1762 * SECURITY UPDATE: heap-based buffer overread in htmlCurrentChar - debian/patches/CVE-2016-1833.patch: fix tests in parserInternals.c. - CVE-2016-1833 * SECURITY UPDATE: heap-buffer-overflow in xmlStrncat - debian/patches/CVE-2016-1834.patch: check for negative lengths in xmlstring.c. - CVE-2016-1834 * SECURITY UPDATE: heap use-after-free in xmlSAX2AttributeNs - debian/patches/CVE-2016-1835.patch: add check to parser.c, add tests to result/errors/759020.xml.err, result/errors/759020.xml.str, test/errors/759020.xml. - CVE-2016-1835 * SECURITY UPDATE: heap use-after-free in xmlDictComputeFastKey - debian/patches/CVE-2016-1836.patch: prevent stale pointer usage in parser.c, added tests to result/errors/759398.xml.err, result/errors/759398.xml.str, test/errors/759398.xml. - CVE-2016-1836 * SECURITY UPDATE: heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral - debian/patches/CVE-2016-1837.patch: prevent stable pointer usage in HTMLparser.c. - CVE-2016-1837 * SECURITY UPDATE: heap-based buffer overread in xmlParserPrintFileContextInternal - debian/patches/CVE-2016-1838.patch: add bounds check to parser.c, add tests to result/errors/758588.xml.err, result/errors/758588.xml.str, test/errors/758588.xml. - CVE-2016-1838 * SECURITY UPDATE: heap-based buffer overread in xmlDictAddString - debian/patches/CVE-2016-1839.patch: add bounds check to HTMLparser.c. - CVE-2015-8806 - CVE-2016-1839 - CVE-2016-2073 * SECURITY UPDATE: heap-buffer-overflow in xmlFAParsePosCharGroup - debian/patches/CVE-2016-1840.patch: properly handle error in xmlregexp.c. - CVE-2016-1840 * SECURITY UPDATE: avoid building recursive entities - debian/patches/CVE-2016-3627.patch: properly handle recursion in parser.c, tree.c. - CVE-2016-3627 * SECURITY UPDATE: recursion depth counter issue - debian/patches/CVE-2016-3705.patch: properly could recursion depth in parser.c. - CVE-2016-3705 * SECURITY UPDATE: heap-based buffer-underreads due to xmlParseName - debian/patches/CVE-2016-4447.patch: improve error handling in parser.c. - CVE-2016-4447 * SECURITY UPDATE: inappropriate fetch of entities content - debian/patches/CVE-2016-4449.patch: fix another external entity fetch in parser.c. - CVE-2016-4449 * SECURITY UPDATE: out of bound access when serializing malformed strings - debian/patches/CVE-2016-4483.patch: improve string handling in xmlsave.c. - CVE-2016-4483 Checksums-Sha1: ee8f9fd4589cedbeb15fe8fa397e910a7ab8319e 1613850 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 8dcc0ffd4cd8028a3d2ad1d8f041ece2b402454c 1058 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb 1e49120aec978a767a74d6551117054e70c3c034 1060 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb b880a4cee82dcbd8437c07bb87428a46ebc07d10 676640 libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 5194261b673d5922d1311b9228016e791c50a7e4 1048 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb bfc7baae9dc3b0b03176ca014df2d46ee0668d44 537116 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_armhf.udeb ea81aea7ec73d66093a1fb35237c1facc0247d4b 71832 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 57271240843248bdfe00ec667972934ddf5901b1 1086 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb 33a70f60dea7eb92a6fafac66545d4cb31e79b56 35196 libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_armhf.deb aa329646061d5cda02c3ecbb345c59d8170e9911 602710 libxml2_2.9.3+dfsg1-1ubuntu0.1_armhf.deb c7d4a894fbcbc41252ebb2320df58941878cbd6f 238596 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 773aff9425ef694456dddb4c530e10e24f695615 126594 python-libxml2_2.9.3+dfsg1-1ubuntu0.1_armhf.deb Checksums-Sha256: 7b5b9f66b21f36f256d807aa459a9981096fd8c756d1616ac74eb2c818fe6aaf 1613850 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 8ddf9357ec948605fc96edc7a13eb19113601e7a8a4957c5222265a46d2c973f 1058 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb 3ddc5bf4687ac290dff66916b574fbc2bd39ab1f907ab9232bbaca1fe9ffd67b 1060 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb fbba0c9748242ce8ef7eb0c15813f71174ae612d2fbe8d133d88ab23fd8ea677 676640 libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 7426c8a89e925f8a1b22fffb71f619a3cec08b83ff0123916ba7c703da4a76b1 1048 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb d064c79374793fd909340433e2eaa3ab2fc959347f9cc3a38b55a42125e6972e 537116 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_armhf.udeb b8aced2afef9cbc4a242545d5d77177be371b7bc227f807c734bd3d0209f49fa 71832 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_armhf.deb ad28ee9f71d7c2e3d73df39c9bdafcdd1ff36e26195d80719588c8f42a3e1767 1086 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb b6bd607c5dc2640b2d68f89fe2c7a612855bc42e9dd065dde951227870d1bac8 35196 libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 02ef3d6438e0f089202dfae9912a60cc3202b40d84ca3e88fd16252bd97c1dbb 602710 libxml2_2.9.3+dfsg1-1ubuntu0.1_armhf.deb a657b5a6791724bbf9eafbc2bb4a5a6b28f60f3f5b1d004ee1bcf6875fc96224 238596 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 63a8efacc213c4ea0a3c104fa1285a0a523efcdb9d970192813a0892b7ba740c 126594 python-libxml2_2.9.3+dfsg1-1ubuntu0.1_armhf.deb Files: 782efff0a123c21274d4199f284cc008 1613850 debug extra libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 538d6803a9d191ca6f3c98ebfda11f2e 1058 libs extra libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb c1d28de5662ca8b67bf694031f8c4761 1060 libdevel extra libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb 231f94ed223bd4b1cd5d9691be6df8cf 676640 libdevel optional libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_armhf.deb c31ddb97978110058ef7ff917dfce636 1048 debian-installer extra libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb cea2514aa124ce3d24009487ebe55f8a 537116 debian-installer optional libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_armhf.udeb 492943f36dc365d31aec682ac86f9073 71832 debug extra libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 91ce45b722aea7de7a2eab309717b4fc 1086 text extra libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_armhf.ddeb 8d644910db27e4f02f20ac279c395172 35196 text optional libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_armhf.deb b3647940ece5d347f7867353813f6905 602710 libs standard libxml2_2.9.3+dfsg1-1ubuntu0.1_armhf.deb 9be4ef4a9c567f7fd63fb62cf90c0157 238596 debug extra python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_armhf.deb a88e039dac154db209c00a18390fd754 126594 python optional python-libxml2_2.9.3+dfsg1-1ubuntu0.1_armhf.deb Original-Maintainer: Debian XML/SGML Group Package-Type: udeb