libxml2 2.9.2+zdfsg1-4ubuntu0.4 source package in Ubuntu
Changelog
libxml2 (2.9.2+zdfsg1-4ubuntu0.4) wily-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overread in xmlNextChar
- debian/patches/CVE-2016-1762.patch: return after error in parser.c.
- CVE-2016-1762
* SECURITY UPDATE: heap-based buffer overread in htmlCurrentChar
- debian/patches/CVE-2016-1833-pre2.patch: handle 0-length entities in
parserInternals.c.
- debian/patches/CVE-2016-1833.patch: fix tests in parserInternals.c.
- CVE-2016-1833
* SECURITY UPDATE: heap-buffer-overflow in xmlStrncat
- debian/patches/CVE-2016-1834.patch: check for negative lengths in
xmlstring.c.
- CVE-2016-1834
* SECURITY UPDATE: heap use-after-free in xmlSAX2AttributeNs
- debian/patches/CVE-2016-1835.patch: add check to parser.c, add tests
to result/errors/759020.xml.err, result/errors/759020.xml.str,
test/errors/759020.xml.
- CVE-2016-1835
* SECURITY UPDATE: heap use-after-free in xmlDictComputeFastKey
- debian/patches/CVE-2016-1836.patch: prevent stale pointer usage in
parser.c, added tests to result/errors/759398.xml.err,
result/errors/759398.xml.str, test/errors/759398.xml.
- CVE-2016-1836
* SECURITY UPDATE: heap use-after-free in htmlParsePubidLiteral and
htmlParseSystemiteral
- debian/patches/CVE-2016-1837.patch: prevent stable pointer usage in
HTMLparser.c.
- CVE-2016-1837
* SECURITY UPDATE: heap-based buffer overread in
xmlParserPrintFileContextInternal
- debian/patches/CVE-2016-1838.patch: add bounds check to parser.c,
add tests to result/errors/758588.xml.err,
result/errors/758588.xml.str, test/errors/758588.xml.
- CVE-2016-1838
* SECURITY UPDATE: heap-based buffer overread in xmlDictAddString
- debian/patches/CVE-2016-1839.patch: add bounds check to HTMLparser.c.
- CVE-2015-8806
- CVE-2016-1839
- CVE-2016-2073
* SECURITY UPDATE: heap-buffer-overflow in xmlFAParsePosCharGroup
- debian/patches/CVE-2016-1840.patch: properly handle error in
xmlregexp.c.
- CVE-2016-1840
* SECURITY UPDATE: avoid building recursive entities
- debian/patches/CVE-2016-3627.patch: properly handle recursion in
parser.c, tree.c.
- CVE-2016-3627
* SECURITY UPDATE: recursion depth counter issue
- debian/patches/CVE-2016-3705.patch: properly could recursion depth in
parser.c.
- CVE-2016-3705
* SECURITY UPDATE: heap-based buffer-underreads due to xmlParseName
- debian/patches/CVE-2016-4447.patch: improve error handling in
parser.c.
- CVE-2016-4447
* SECURITY UPDATE: inappropriate fetch of entities content
- debian/patches/CVE-2016-4449.patch: fix another external entity fetch
in parser.c.
- CVE-2016-4449
* SECURITY UPDATE: out of bound access when serializing malformed strings
- debian/patches/CVE-2016-4483.patch: improve string handling in
xmlsave.c.
- CVE-2016-4483
-- Marc Deslauriers <email address hidden> Fri, 03 Jun 2016 08:55:52 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Wily
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libxml2_2.9.2+zdfsg1.orig.tar.xz | 2.4 MiB | 0e2ba8bcdb181343f78acfacd342f211f70894b904747367c52011ab9a096776 |
| libxml2_2.9.2+zdfsg1-4ubuntu0.4.debian.tar.xz | 47.5 KiB | 3c0793e1c87878b826224bd430bd8437eea94d2f020cd5ff73fbdd42823452f0 |
| libxml2_2.9.2+zdfsg1-4ubuntu0.4.dsc | 2.7 KiB | 45db867c453084d3347ec2f6bcb6347b3b1c1e1cafb2ae509deb0b1bb28a1c59 |
Available diffs
Binary packages built by this source
- libxml2: No summary available for libxml2 in ubuntu wily.
No description available for libxml2 in ubuntu wily.
- libxml2-dbg: No summary available for libxml2-dbg in ubuntu wily.
No description available for libxml2-dbg in ubuntu wily.
- libxml2-dbgsym: No summary available for libxml2-dbgsym in ubuntu wily.
No description available for libxml2-dbgsym in ubuntu wily.
- libxml2-dev: No summary available for libxml2-dev in ubuntu wily.
No description available for libxml2-dev in ubuntu wily.
- libxml2-dev-dbgsym: No summary available for libxml2-dev-dbgsym in ubuntu wily.
No description available for libxml2-dev-dbgsym in ubuntu wily.
- libxml2-doc: No summary available for libxml2-doc in ubuntu wily.
No description available for libxml2-doc in ubuntu wily.
- libxml2-udeb: No summary available for libxml2-udeb in ubuntu wily.
No description available for libxml2-udeb in ubuntu wily.
- libxml2-udeb-dbgsym: No summary available for libxml2-udeb-dbgsym in ubuntu wily.
No description available for libxml2-udeb-dbgsym in ubuntu wily.
- libxml2-utils: No summary available for libxml2-utils in ubuntu wily.
No description available for libxml2-utils in ubuntu wily.
- libxml2-utils-dbg: No summary available for libxml2-utils-dbg in ubuntu wily.
No description available for libxml2-utils-dbg in ubuntu wily.
- libxml2-utils-dbgsym: No summary available for libxml2-utils-dbgsym in ubuntu wily.
No description available for libxml2-
utils-dbgsym in ubuntu wily.
- python-libxml2: No summary available for python-libxml2 in ubuntu wily.
No description available for python-libxml2 in ubuntu wily.
- python-libxml2-dbg: No summary available for python-libxml2-dbg in ubuntu wily.
No description available for python-libxml2-dbg in ubuntu wily.
- python-libxml2-dbgsym: No summary available for python-libxml2-dbgsym in ubuntu wily.
No description available for python-
libxml2- dbgsym in ubuntu wily.
