libxml2 2.9.10+dfsg-6.3ubuntu0.1 source package in Ubuntu

Changelog

libxml2 (2.9.10+dfsg-6.3ubuntu0.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: use-after-free in xmlEncodeEntitiesInternal
    - debian/patches/CVE-2021-3516.patch: Call htmlCtxtUseOptions to make sure
      that names aren't stored in dictionaries.
    - CVE-2021-3516
  * SECURITY UPDATE: heap-based buffer overflow in xmlEncodeEntitiesInternal
    - debian/patches/CVE-2021-3517.patch: Add some checks to validate input is
      UTF-8 format, supplementing CVE-2020-24977 fix.
    - CVE-2021-3517
  * SECURITY UPDATE: use-after-free in xmlXIncludeDoProcess
    - debian/patches/CVE-2021-3518.patch: Move from a block list to an allow
      list approach to avoid descending into other node types that can't
      contain elements.
    - CVE-2021-3518
  * SECURITY UPDATE: NULL pointer dereference in xmlValidBuildAContentModel
    - debian/patches/CVE-2021-3537.patch: Check return value of recursive calls
      to xmlParseElementChildrenContentDeclPriv and return immediately in case
      of errors.
    - CVE-2021-3537
  * SECURITY UPDATE: Exponential entity expansion
    - debian/patches/Patch-for-security-issue-CVE-2021-3541.patch: Add check to
      xmlParserEntityCheck to prevent entity exponential.
    - CVE-2021-3541

 -- Avital Ostromich <email address hidden>  Mon, 17 May 2021 18:13:47 -0400

Upload details

Uploaded by:
Avital Ostromich
Uploaded to:
Hirsute
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Hirsute updates main libs
Hirsute security main libs

Downloads

File Size SHA-256 Checksum
libxml2_2.9.10+dfsg.orig.tar.xz 2.4 MiB 65ee7a2f5e100c64ddf7beb92297c9b2a30b994a76cd1fab67470cf22db6b7d0
libxml2_2.9.10+dfsg-6.3ubuntu0.1.debian.tar.xz 31.7 KiB 1841a377b4039fcbe7a3ea2288ff8d9a65f7313126a091710b11769e69dff2b2
libxml2_2.9.10+dfsg-6.3ubuntu0.1.dsc 2.6 KiB 13d322e6635061d18443aeb3cd0fd7cca1758f0afa95b5850ca34420f4c788fa

View changes file

Binary packages built by this source

libxml2: GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides a library providing an extensive API to handle
 such XML data files.

libxml2-dbgsym: debug symbols for libxml2
libxml2-dev: Development files for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 Install this package if you wish to develop your own programs using
 the GNOME XML library.

libxml2-doc: Documentation for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains general information about the GNOME XML library
 and more specific API references.

libxml2-utils: XML utilities

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package provides xmllint, a tool for validating and reformatting
 XML documents, and xmlcatalog, a tool to parse and manipulate XML or
 SGML catalog files.

libxml2-utils-dbgsym: debug symbols for libxml2-utils
python3-libxml2: Python3 bindings for the GNOME XML library

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains the files needed to use the GNOME XML library
 in Python3 programs.

python3-libxml2-dbg: Python3 bindings for the GNOME XML library (debug extension)

 XML is a metalanguage to let you design your own markup language.
 A regular markup language defines a way to describe information in
 a certain class of documents (eg HTML). XML lets you define your
 own customized markup languages for many classes of document. It
 can do this because it's written in SGML, the international standard
 metalanguage for markup languages.
 .
 This package contains the files needed to use the GNOME XML library
 in Python3 programs for use with the Python3 debug interpreter.