Ubuntu
xerces-c2 package

Sync xerces-c2 2.8.0+deb1-2 (universe) from Debian unstable (main)

Bug #418561 reported by Michael Bienia on 2009-08-25

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	xerces-c2 (Ubuntu)	Fix Released	Wishlist	Unassigned

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

affects ubuntu/xerces-c2
status confirmed
importance wishlist
subscribe ubuntu-archive
done

Please sync xerces-c2 2.8.0+deb1-2 (universe) from Debian unstable (main)

Changelog entries since current karmic version 2.8.0-4:

xerces-c2 (2.8.0+deb1-2) unstable; urgency=low

* Apply patch to correct CVE-2009-1885: DoS attack from nested DTDs.
(Closes: #541986)

-- Jay Berkenbilt <email address hidden> Mon, 24 Aug 2009 11:04:38 -0400

xerces-c2 (2.8.0+deb1-1) unstable; urgency=low

  * Repackage to eliminate tarball-in-orig.tar.gz packaging. This is the
    same version as 2.8.0. (Closes: #538572)
  * Updated standards to 3.8.3 (no changes required).

-- Jay Berkenbilt <email address hidden> Fri, 21 Aug 2009 18:28:01 -0400

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)

iJwEAQEDAAYFAkqT1d4ACgkQo8/XfXdugupKPgP/QXZorH5aSDMsJHe5+8DKgeyz
H8ZcN4z5KEfeh5SvvKvo80Djj1TaHnosm9qHi0sVKJhkNsV8Z4SXv0TzojFrRd7D
kfV8SR9Gi02NE6wD0Yryyuomub83U50SJ4CaotE9P15021RqCfaGIBWrpveNo2Wg
d7Uk3CjjMvg/x8z0E+Q=
=zPd1
-----END PGP SIGNATURE-----

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2009-08-26:

[Updating] xerces-c2 (2.8.0-4 [Ubuntu] < 2.8.0+deb1-2 [Debian])
* Trying to add xerces-c2...
  - <xerces-c2_2.8.0+deb1-2.diff.gz: downloading from http://ftp.debian.org/debian/>
  - <xerces-c2_2.8.0+deb1-2.dsc: downloading from http://ftp.debian.org/debian/>
  - <xerces-c2_2.8.0+deb1.orig.tar.gz: downloading from http://ftp.debian.org/debian/>
I: xerces-c2 [universe] -> libxerces-c28_2.8.0-4 [universe].
I: xerces-c2 [universe] -> libxerces-c2-dev_2.8.0-4 [universe].
I: xerces-c2 [universe] -> libxerces-c2-doc_2.8.0-4 [universe].

Changed in xerces-c2 (Ubuntu):
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuxerces-c2 package

Sync xerces-c2 2.8.0+deb1-2 (universe) from Debian unstable (main)

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
xerces-c2 package