Format: 1.8 Date: Fri, 03 Jun 2016 08:59:55 -0400 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg libxml2-udeb Architecture: ppc64el Version: 2.9.1+dfsg1-3ubuntu4.8 Distribution: trusty Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libxml2 - GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-udeb - GNOME XML library - minimal runtime (udeb) libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Changes: libxml2 (2.9.1+dfsg1-3ubuntu4.8) trusty-security; urgency=medium . * SECURITY UPDATE: heap-based buffer overread in xmlNextChar - debian/patches/CVE-2016-1762.patch: return after error in parser.c. - CVE-2016-1762 * SECURITY UPDATE: heap-based buffer overread in htmlCurrentChar - debian/patches/CVE-2016-1833-pre.patch: clear up NULL deref in parserInternals.c. - debian/patches/CVE-2016-1833-pre2.patch: handle 0-length entities in parserInternals.c. - debian/patches/CVE-2016-1833.patch: fix tests in parserInternals.c. - CVE-2016-1833 * SECURITY UPDATE: heap-buffer-overflow in xmlStrncat - debian/patches/CVE-2016-1834.patch: check for negative lengths in xmlstring.c. - CVE-2016-1834 * SECURITY UPDATE: heap use-after-free in xmlSAX2AttributeNs - debian/patches/CVE-2016-1835.patch: add check to parser.c, add tests to result/errors/759020.xml.err, result/errors/759020.xml.str, test/errors/759020.xml. - CVE-2016-1835 * SECURITY UPDATE: heap use-after-free in xmlDictComputeFastKey - debian/patches/CVE-2016-1836.patch: prevent stale pointer usage in parser.c, added tests to result/errors/759398.xml.err, result/errors/759398.xml.str, test/errors/759398.xml. - CVE-2016-1836 * SECURITY UPDATE: heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral - debian/patches/CVE-2016-1837.patch: prevent stable pointer usage in HTMLparser.c. - CVE-2016-1837 * SECURITY UPDATE: heap-based buffer overread in xmlParserPrintFileContextInternal - debian/patches/CVE-2016-1838.patch: add bounds check to parser.c, add tests to result/errors/758588.xml.err, result/errors/758588.xml.str, test/errors/758588.xml. - CVE-2016-1838 * SECURITY UPDATE: heap-based buffer overread in xmlDictAddString - debian/patches/CVE-2016-1839.patch: add bounds check to HTMLparser.c. - CVE-2015-8806 - CVE-2016-1839 - CVE-2016-2073 * SECURITY UPDATE: heap-buffer-overflow in xmlFAParsePosCharGroup - debian/patches/CVE-2016-1840.patch: properly handle error in xmlregexp.c. - CVE-2016-1840 * SECURITY UPDATE: avoid building recursive entities - debian/patches/CVE-2016-3627.patch: properly handle recursion in parser.c, tree.c. - CVE-2016-3627 * SECURITY UPDATE: recursion depth counter issue - debian/patches/CVE-2016-3705.patch: properly could recursion depth in parser.c. - CVE-2016-3705 * SECURITY UPDATE: heap-based buffer-underreads due to xmlParseName - debian/patches/CVE-2016-4447.patch: improve error handling in parser.c. - CVE-2016-4447 * SECURITY UPDATE: inappropriate fetch of entities content - debian/patches/CVE-2016-4449.patch: fix another external entity fetch in parser.c. - CVE-2016-4449 * SECURITY UPDATE: out of bound access when serializing malformed strings - debian/patches/CVE-2016-4483.patch: improve string handling in xmlsave.c. - CVE-2016-4483 Checksums-Sha1: 2e3a73f54cf2b446dd489ac28db7f3e16eeeb96c 602708 libxml2_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb d557279f7dcd1039aea69071ee4e2bcf20eb5e1f 33788 libxml2-utils_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 0945a41987cb2f2692b8b1269f730ef351ed430c 72004 libxml2-utils-dbg_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 5d5a0ef724f0277b4d3be4a469463bf0122ef453 693080 libxml2-dev_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb b3fdc5c306adf26735533ebaa9913223f1cc2ac0 1770684 libxml2-dbg_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 230c4c8c7be3cc2bbebf8beb0c8f6d1c35125751 131240 python-libxml2_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 49e1ab7c51964b1854759f88b9ea5f403c3ac578 257470 python-libxml2-dbg_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb fb3ee007221b54005be261c13a78362d8a87f9d8 550960 libxml2-udeb_2.9.1+dfsg1-3ubuntu4.8_ppc64el.udeb fdbe560912082666e964962201baef41492cbbc9 1058 libxml2-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb b134ef28dcd54f7503eed9750d7886f192003650 1086 libxml2-utils-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb 1014912089001bf1a1b325c45f387ec5ad683491 1058 libxml2-dev-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb 8494303bf865d1e3faf3b1472f937c855b1c9c85 1054 python-libxml2-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb e0edf0d129ee776e5c847ac33f7167bf07e46640 1050 libxml2-udeb-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb Checksums-Sha256: f2a49046e7c56f79dab5796878a296cf89079e13bb5ed51779d707aced6a7bdb 602708 libxml2_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 3ea5bf0a80acf787bcf81bb5a0e11026db3e474c1e1e923e2e949436a237727e 33788 libxml2-utils_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 8d6af46d29b02e9b797d84cbd66d3d70f1734beba6cd1a80ae19d4a2ad6bc158 72004 libxml2-utils-dbg_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 8b607e6d82d0b7a262a01ce57505f1d30bcd6e647e43cb30b9d1be67bd5d9122 693080 libxml2-dev_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 4a33c6be98a55acdc5fa71e3b0996f527b589642101ca70d2cf928935e98210f 1770684 libxml2-dbg_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 9deba02bbb29ec8c108d9f43ecf6f0c522a931bdf954c33954919b438332057e 131240 python-libxml2_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 4ee94bbfe048f210587bd1b63217a7a1f877b00768bd355b11bc1dff75b7d0d7 257470 python-libxml2-dbg_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb ff03cc01d1ec4ae6155b900f0b4c42a85421e71399fce09ead563e89b9df91f0 550960 libxml2-udeb_2.9.1+dfsg1-3ubuntu4.8_ppc64el.udeb b598ae3799988fe98d0a45463ab6dff3eb714e58d454ceefe2a245de0fc8a410 1058 libxml2-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb a93490ed19ada8fce1ac19825dcd7cb82ab267295fd92cb4e679a0cd86b5cf46 1086 libxml2-utils-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb 8ed59da6dd8ad711b02184addf52cc4efd571171f392830f2f8cb68e64155bf0 1058 libxml2-dev-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb ca4a8188a31c1e7f67667b5736bf2509c8049a80c8bb82b2fce1e60eb1c6e8dd 1054 python-libxml2-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb 9e075407168bf22f29fa96802e8d557668ed26cd0a403cbcd0bd25c9cdc6a1cb 1050 libxml2-udeb-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb Files: d5b8ceb2f13edf0695e19f3938f84584 602708 libs standard libxml2_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 5c417ed08cbdea4b8b1da8a66dc6430e 33788 text optional libxml2-utils_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 3ef2f6259fce28d758a8b5f97f5ba1cc 72004 debug extra libxml2-utils-dbg_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 513930e1eed8adb7d1ca6e034de87f57 693080 libdevel optional libxml2-dev_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb b1383086ca98ea0991fc86dc3d9ead27 1770684 debug extra libxml2-dbg_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 62fbb69853f11fedd308a6dde859c907 131240 python optional python-libxml2_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 81490692865041cfa60001f06d7770a2 257470 debug extra python-libxml2-dbg_2.9.1+dfsg1-3ubuntu4.8_ppc64el.deb 090739720689c08f8a4bce5a81602bf4 550960 debian-installer optional libxml2-udeb_2.9.1+dfsg1-3ubuntu4.8_ppc64el.udeb a144d32a89769a37cda28cdde867cffa 1058 libs extra libxml2-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb b5c2b97a13adb28237390ff6bab01190 1086 text extra libxml2-utils-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb 1472f81dd0b56163dc13aae30bff1b75 1058 libdevel extra libxml2-dev-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb ff017a13a3ed30e66bf0b14103a4b365 1054 python extra python-libxml2-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb eb1b1ea3ad5838e1100ef79ca27daf64 1050 debian-installer extra libxml2-udeb-dbgsym_2.9.1+dfsg1-3ubuntu4.8_ppc64el.ddeb Original-Maintainer: Debian XML/SGML Group Package-Type: udeb