Superseded
by libxml2 - 2.9.12+dfsg-0+ubuntu18.04.1+deb.sury.org+1
Published
Changelog
libxml2 (2.9.10+dfsg-5+ubuntu18.04.1+deb.sury.org+3) bionic; urgency=medium
* No-change backport to bionic
libxml2 (2.9.10+dfsg-5) unstable; urgency=medium
* Team upload.
[ Mattia Rizzolo ]
* d/rules:
+ Drop --disable-silent-rules, already passed by dh_auto_configure.
+ Drop --parallel, now default with debhelper compat > 10.
+ Use dh_installdocs and dh_installexamples to install docs and examples.
+ Use dh_missing --fail-missing (and add the relevant d/not-installed).
+ Minimize indep build to build only the docs.
* d/watch: fix an option to avoid a warning message.
* d/control:
+ Move most of the build-deps to Build-Depends-Arch.
+ Use ${python:Depends} also for python-libxml2-dbg.
* Add a lintian override for
debian-rules-uses-supported-python-versions-without-python-all-build-depends
[ Gunnar Hjalmarsson ]
* d/p/python3-unicode-errors.patch:
Fix segfault issue with itstool and py3. LP: #1869814
libxml2 (2.9.10+dfsg-4) unstable; urgency=medium
* Team upload.
* Add patch from upstream to prevent a segfault in some platforms with
illegal documents.
libxml2 (2.9.10+dfsg-3) unstable; urgency=medium
* Team upload.
* Add patch so that xml2-config only disaplys libraries needed for dynamic
linking. Closes: #952115
libxml2 (2.9.10+dfsg-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix memory leak in xmlSchemaValidateStream (CVE-2019-20388)
(Closes: #949583)
* Fix infinite loop in xmlStringLenDecodeEntities (CVE-2020-7595)
(Closes: #949582)
libxml2 (2.9.10+dfsg-2) unstable; urgency=medium
* Team upload
* Re-instate Python2 support for now, the rev-deps are not ready.
Re-opens: #936941
* python-libxml2-dbg: Depend on python2-dbg instead of python-dbg.
Closes: #948493
* d/control: Bump Standards-Version 4.5.0, no changes needed.
* Re-instnate the xml2-config script for now.
* Upload to unstable.
libxml2 (2.9.10+dfsg-1) experimental; urgency=medium
* Team upload.
* New upstream version 2.9.10+dfsg.
+ Fix memory leak. CVE-2019-19956
* Drop all patches.
* d/control:
+ Bump debhelper compat level to 12.
+ Bump Standards-Version to 4.4.1, no changes needed.
* d/libxml2.symbols: add Build-Depends-Package field, by lintian.
libxml2 (2.9.9+dfsg1-1~exp2) experimental; urgency=medium
* Team upload.
* Merge the lost uploads 2.9.7+dfsg-1 and 2.9.8+dfsg-1.
libxml2 (2.9.9+dfsg1-1~exp1) experimental; urgency=medium
[ Rene Engelhard ]
* actually remove the override_dh_gencontrol (thanks mattia)...
[ Aron Xu ]
* New upstream version 2.9.9+dfsg1
+ Fix infinite loop in LZMA decompression. CVE-2018-9251; Closes: #895195
+ Fix (another) infinite loop in LZMA decompression. CVE-2018-14567
+ Fix nullptr deref with XPath logic ops. CVE-2018-14404; Closes: #901817
* Remove patches merged upstream
* Update symbols
* Remove python2 support Closes: #936941
libxml2 (2.9.8+dfsg-1) experimental; urgency=medium
* Team upload.
[ Rene Engelhard ]
* New upstream version 2.9.8+dfsg.
+ Fix possible XML External Entity attack. CVE-2016-9318; Closes: #844581
* Update Vcs-* to salsa.debian.org.
[ Mattia Rizzolo ]
* d/libxml2.symbols:
+ Remove removed symbols xmlNop@Base (no users found anywhere).
+ Add two new symbols.
* Refresh patches.
+ Drop the Python 3.6 compatibility patch, upstreamed.
* d/copyright: Update.
* d/control: Bump Standards-Version to 4.2.1, no changes needed.
* d/rules: Bump shlibs version.
libxml2 (2.9.7+dfsg-1) experimental; urgency=medium
* Team upload.
* New upstream version 2.9.7+dfsg. Closes: #882074
+ Infinite recursion in parameter entities. CVE-2017-16932; Closes: #882613
+ Double entity expansion; Closes: #836698
+ Set memory limit for LZMA decompression. CVE-2017-18258; Closes: #895245
* Refresh patches.
* Refresh symbols.
* Stop installing /usr/bin/xml2-config.
Packages should just use pkg-config instead.
* Remove the libxml2-dbg package, in favour of automatic debug package.
libxml2 (2.9.4+dfsg1-8) unstable; urgency=medium
* Team upload.
* Fix autopkgtest: use `python2` instead of `python` and actually run the
`python3` test. Closes: #943386
libxml2 (2.9.4+dfsg1-7) unstable; urgency=medium
* Team upload.
* drop automatically generated dependency on (non-existing) libicu60-dbg
from libxm2-dbg (closes: #900113)
-- Ondřej Surý <email address hidden> Wed, 06 May 2020 11:53:28 +0200