xerces-c 3.1.1-5.1+deb8u4build0.14.04.1 source package in Ubuntu

Changelog

xerces-c (3.1.1-5.1+deb8u4build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

xerces-c (3.1.1-5.1+deb8u4) jessie; urgency=medium

  * Fix CVE-2017-12627: Alberto Garcia, Francisco Oca and Suleman Ali of
    Offensive Research discovered that the Xerces-C XML parser mishandles
    certain kinds of external DTD references, resulting in dereference of a
    NULL pointer while processing the path to the DTD. The bug allows for a
    denial of service attack in applications that allow DTD processing and do
    not prevent external DTD usage, and could conceivably result in remote code
    execution.

 -- Mike Salvatore <email address hidden>  Thu, 06 Dec 2018 11:09:03 -0500

Upload details

Uploaded by:
Mike Salvatore on 2018-12-06
Uploaded to:
Trusty
Original maintainer:
Jay Berkenbilt
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2018-12-06 universe libs
Trusty security on 2018-12-06 universe libs

Downloads

File Size SHA-256 Checksum
xerces-c_3.1.1.orig.tar.gz 4.8 MiB a42785f71e0b91d5fd273831c87410ce60a73ccfdd207de1b805d26d44968736
xerces-c_3.1.1-5.1+deb8u4build0.14.04.1.debian.tar.gz 11.6 KiB e8d198107b654ba460610977209044c39af3129ea6a8060a2443db16d5f8c1cb
xerces-c_3.1.1-5.1+deb8u4build0.14.04.1.dsc 2.0 KiB 23571207053305671eaf3b1c998cb7cd1e671992d5bd1dc89da9a7ce5b5cb07d

View changes file

Binary packages built by this source

libxerces-c-dev: validating XML parser library for C++ (development files)

 Xerces-C++ is a validating XML parser written in a portable subset of
 C++. This package contains the development files for Xerces. It also
 contains sources to various sample files. The libxerces-c-samples
 package contains compiled versions of the samples.

libxerces-c-doc: validating XML parser library for C++ (documentation)

 Xerces-C++ is a validating XML parser written in a portable subset of
 C++. This package contains the documentation files.

libxerces-c-samples: validating XML parser library for C++ (compiled samples)

 Xerces-C++ is a validating XML parser written in a portable subset of
 C++. This package contains compiled versions of the samples. You
 probably don't want this package, but it can be useful if you are
 trying to reproduce a problem before reporting a bug that will be
 easy for the xerces developers to reproduce.

libxerces-c-samples-dbgsym: debug symbols for package libxerces-c-samples

 Xerces-C++ is a validating XML parser written in a portable subset of
 C++. This package contains compiled versions of the samples. You
 probably don't want this package, but it can be useful if you are
 trying to reproduce a problem before reporting a bug that will be
 easy for the xerces developers to reproduce.

libxerces-c3.1: validating XML parser library for C++

 Xerces-C++ is a validating XML parser written in a portable subset of
 C++. Xerces-C++ makes it easy to give your application the ability
 to read and write XML data. A shared library is provided for parsing,
 generating, manipulating, and validating XML documents. Xerces-C++ is
 faithful to the XML 1.0 recommendation and associated standards (DOM
 1.0, DOM 2.0, SAX 1.0, SAX 2.0, Namespaces, XML Schema Part 1 and
 Part 2). It also provides experimental implementations of XML 1.1
 and DOM Level 3.0. The parser provides high performance, modularity,
 and scalability.

libxerces-c3.1-dbgsym: debug symbols for package libxerces-c3.1

 Xerces-C++ is a validating XML parser written in a portable subset of
 C++. Xerces-C++ makes it easy to give your application the ability
 to read and write XML data. A shared library is provided for parsing,
 generating, manipulating, and validating XML documents. Xerces-C++ is
 faithful to the XML 1.0 recommendation and associated standards (DOM
 1.0, DOM 2.0, SAX 1.0, SAX 2.0, Namespaces, XML Schema Part 1 and
 Part 2). It also provides experimental implementations of XML 1.1
 and DOM Level 3.0. The parser provides high performance, modularity,
 and scalability.