Format: 1.8 Date: Fri, 03 Jun 2016 08:05:40 -0400 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg libxml2-udeb Architecture: i386 Version: 2.9.3+dfsg1-1ubuntu0.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libxml2 - GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-udeb - GNOME XML library - minimal runtime (udeb) libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Changes: libxml2 (2.9.3+dfsg1-1ubuntu0.1) xenial-security; urgency=medium . * SECURITY UPDATE: heap-based buffer overread in xmlNextChar - debian/patches/CVE-2016-1762.patch: return after error in parser.c. - CVE-2016-1762 * SECURITY UPDATE: heap-based buffer overread in htmlCurrentChar - debian/patches/CVE-2016-1833.patch: fix tests in parserInternals.c. - CVE-2016-1833 * SECURITY UPDATE: heap-buffer-overflow in xmlStrncat - debian/patches/CVE-2016-1834.patch: check for negative lengths in xmlstring.c. - CVE-2016-1834 * SECURITY UPDATE: heap use-after-free in xmlSAX2AttributeNs - debian/patches/CVE-2016-1835.patch: add check to parser.c, add tests to result/errors/759020.xml.err, result/errors/759020.xml.str, test/errors/759020.xml. - CVE-2016-1835 * SECURITY UPDATE: heap use-after-free in xmlDictComputeFastKey - debian/patches/CVE-2016-1836.patch: prevent stale pointer usage in parser.c, added tests to result/errors/759398.xml.err, result/errors/759398.xml.str, test/errors/759398.xml. - CVE-2016-1836 * SECURITY UPDATE: heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral - debian/patches/CVE-2016-1837.patch: prevent stable pointer usage in HTMLparser.c. - CVE-2016-1837 * SECURITY UPDATE: heap-based buffer overread in xmlParserPrintFileContextInternal - debian/patches/CVE-2016-1838.patch: add bounds check to parser.c, add tests to result/errors/758588.xml.err, result/errors/758588.xml.str, test/errors/758588.xml. - CVE-2016-1838 * SECURITY UPDATE: heap-based buffer overread in xmlDictAddString - debian/patches/CVE-2016-1839.patch: add bounds check to HTMLparser.c. - CVE-2015-8806 - CVE-2016-1839 - CVE-2016-2073 * SECURITY UPDATE: heap-buffer-overflow in xmlFAParsePosCharGroup - debian/patches/CVE-2016-1840.patch: properly handle error in xmlregexp.c. - CVE-2016-1840 * SECURITY UPDATE: avoid building recursive entities - debian/patches/CVE-2016-3627.patch: properly handle recursion in parser.c, tree.c. - CVE-2016-3627 * SECURITY UPDATE: recursion depth counter issue - debian/patches/CVE-2016-3705.patch: properly could recursion depth in parser.c. - CVE-2016-3705 * SECURITY UPDATE: heap-based buffer-underreads due to xmlParseName - debian/patches/CVE-2016-4447.patch: improve error handling in parser.c. - CVE-2016-4447 * SECURITY UPDATE: inappropriate fetch of entities content - debian/patches/CVE-2016-4449.patch: fix another external entity fetch in parser.c. - CVE-2016-4449 * SECURITY UPDATE: out of bound access when serializing malformed strings - debian/patches/CVE-2016-4483.patch: improve string handling in xmlsave.c. - CVE-2016-4483 Checksums-Sha1: 33711af3c668e77c5ec15ffd6a29d92a357ebe36 1466996 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_i386.deb cf5fbc774e07c1995c9dd6d9fd1cd60b320aee5e 1058 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb 96f2b986caa5108370dbd06ab0964d4161b51907 1058 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb 532eac108624c801cb5f38c95c8fc8d223e0cc9e 803900 libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_i386.deb c56a4a32c474c9b84f58d218abf473af9a098dc9 1050 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb b26dac009615c1fc8ac65560d4c93eb9b46e4255 666326 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_i386.udeb 8277024f48910503be7c6f8aa0b9ec69a3a4eb07 66580 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_i386.deb 844f0105536e97c17a13a9ffa74d2295d818d811 1086 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb e54b506edb95505ef205d6147c9a27b4393610eb 35804 libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_i386.deb 1c3b1692e801ff1c0f5658ff6699b129a1a5801e 729896 libxml2_2.9.3+dfsg1-1ubuntu0.1_i386.deb 898015689db72b80842e52d41f03d3c7c0671aac 219016 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_i386.deb 470213d73853554bb782b9118eb6379b8d5c8c0f 138954 python-libxml2_2.9.3+dfsg1-1ubuntu0.1_i386.deb Checksums-Sha256: 442e4a4d0a69e5d316d9b14e5aba824addbd1ee8ac563dc7bc58e2b45b7de14a 1466996 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_i386.deb 61d113c4e6c7e3094182d8f5a1c32db778a2ab5ff73cf446383cc4935fac67e2 1058 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb 51cdcab2dacb25b4102fe79931a01c1ade2106e4145c7927d985a8ddcc3c3be4 1058 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb 4c0c56c871210188b092eddaaaffc1c7083187e9c166b9c566aec0ebe903fb7e 803900 libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_i386.deb 6a5beca3683f713ffa0f92b01cd8200e3f6ae95bee38ec58d191f1ff961d7801 1050 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb b3bf8df2d85c224e4ff0e978cd1a7c721fa0a222a022d5ec289b5f538aafd6a1 666326 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_i386.udeb 75ea0f1f1a5345235184774fd9fba246c28d455f4345a3a45b4a704bbe4016fd 66580 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_i386.deb bd48da218ca578be116a1e33ced96d2233f602bc1e45a888d02ea58e651637c8 1086 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb b19ca945a1201be7edcc527933339d4be3131883a4959190f7e5fbab8dbb7c7c 35804 libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_i386.deb 5c5cfdfcd21f0c5e693f02fb993175d641ec3c73623c6b31407be597888759bc 729896 libxml2_2.9.3+dfsg1-1ubuntu0.1_i386.deb 59b3a5242d7549555dec66dbd930105cd159f3086ff4864a620765854028d6cb 219016 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_i386.deb 4d714f42ac0e88f7202e72b5f3c04f03390eda65e318123a500a7d03ef086943 138954 python-libxml2_2.9.3+dfsg1-1ubuntu0.1_i386.deb Files: 5d65e3a1e44b3d26180adb1609ea056b 1466996 debug extra libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_i386.deb d182a9bc5d1d3dc524ae3550a61d2d19 1058 libs extra libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb 24878d072952ca9818e3cd1daa1f1437 1058 libdevel extra libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb 4d60c58fa8f33fea6bae3c895cf80b66 803900 libdevel optional libxml2-dev_2.9.3+dfsg1-1ubuntu0.1_i386.deb f58f81716745b9911839072ade435578 1050 debian-installer extra libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb be45fc12d6e813c202cf0e267f84d414 666326 debian-installer optional libxml2-udeb_2.9.3+dfsg1-1ubuntu0.1_i386.udeb 2158cf3c190828a5093733b7946c3d9b 66580 debug extra libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.1_i386.deb b29ecda6c59cb6ea442823a087c9dd9d 1086 text extra libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.1_i386.ddeb 2fb96f9d131dac29ed90dd6fad4bceb7 35804 text optional libxml2-utils_2.9.3+dfsg1-1ubuntu0.1_i386.deb 750a8414129642a823e01464bd5a429f 729896 libs standard libxml2_2.9.3+dfsg1-1ubuntu0.1_i386.deb 53634ff0a48e78667262f9c229dfb84d 219016 debug extra python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.1_i386.deb c88fa96d23152efbf81d20fdcbef3714 138954 python optional python-libxml2_2.9.3+dfsg1-1ubuntu0.1_i386.deb Original-Maintainer: Debian XML/SGML Group Package-Type: udeb