Format: 1.8 Date: Fri, 15 Sep 2017 16:00:14 -0700 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg libxml2-udeb Architecture: armhf Version: 2.9.3+dfsg1-1ubuntu0.3 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Steve Beattie Description: libxml2 - GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-udeb - GNOME XML library - minimal runtime (udeb) libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Changes: libxml2 (2.9.3+dfsg1-1ubuntu0.3) xenial-security; urgency=medium . * SECURITY UPDATE: type confusion leading to out-of-bounds write - debian/patches/CVE-2017-0663.patch: eliminate cast - CVE-2017-0663 * SECURITY UPDATE: XML external entity (XXE) vulnerability - debian/patches/CVE-2017-7375.patch: add validation for parsed entity references - CVE-2017-7375 * SECURITY UPDATE: buffer overflow in URL handling - debian/patches/CVE-2017-7376.patch: allocate enough memory for ports in HTTP redirect support - CVE-2017-7376 * SECURITY UPDATE: buffer overflows in xmlSnprintfElementContent() - debian/patches/CVE-2017-9047-9048.patch: ensure enough space remains in buffer for copied data - CVE-2017-9047, CVE-2017-9048 * SECURITY UPDATE: heap based buffer overreads in xmlDictComputeFastKey() - debian/patches/CVE-2017-9049-9050.patch: drop uneccessary expansions, add additional sanity check - CVE-2017-9049, CVE-2017-9050 Checksums-Sha1: 304ef2e5c6deeb2b296ba199a669352108bc36e9 1619308 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 8c60540c76288cb007b05959ba0efdab91454829 1060 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb e2ab9673b8f10e0e3188af121a21f6585bb9f99e 1060 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb 994965f50aefd2520822df6e824ff495e255b848 678828 libxml2-dev_2.9.3+dfsg1-1ubuntu0.3_armhf.deb de89672724a4497ab39be60062343e3b92855598 1052 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb 4928fc0c5785f1a59361ad376ff51a46409c1022 539576 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.3_armhf.udeb d37370dcb60ead6a4b17198cb415b71bcf6beb1a 71750 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 873abd7e49ba49a7c8aee0aab8106acdd8ab7d5f 1086 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb 4667aea677fb4955caecf061bcafdb6ab4534bb8 35304 libxml2-utils_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 80a82aed141fce9fcb95ffe078224d83a15fa83a 605258 libxml2_2.9.3+dfsg1-1ubuntu0.3_armhf.deb edccf5d9092a5f190c1f736f4888ef2de45d58f7 239092 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.3_armhf.deb b8ed40ad27aabf20fc54c2572fb7c231c197ec24 127150 python-libxml2_2.9.3+dfsg1-1ubuntu0.3_armhf.deb Checksums-Sha256: d5f0ceaa9cb92573be45009b8cc6ecf73d2565d297a99719a7713e178ea4234e 1619308 libxml2-dbg_2.9.3+dfsg1-1ubuntu0.3_armhf.deb a3d60fd6e08fce46e7da1cec35b468180cd20c1c91768917f2f23e8ec14bd371 1060 libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb 952f2cf31c68d0d5086bb27d6378139bfdb063d051e43d781507b5e84dcdc086 1060 libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb 467ba9a8ad429871c1e85ecb209d6844b859108923631b16f19926c698a3f98d 678828 libxml2-dev_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 9d6a21d5240e41978e360fdf61e75383e30376e22c2ac19ae2577ca6e7688fd3 1052 libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb 4d724df2b79545e3bab0d56f324feafb36c4a1b8790b4051b14a33568438833e 539576 libxml2-udeb_2.9.3+dfsg1-1ubuntu0.3_armhf.udeb 175cbbb267004ebd8aedd4e9110fd610693b1e95108bf1a33a753e95f9dcdc34 71750 libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 7180d8e326a24322aaa2395a72c3e3b079a4db4f706b65e2abbe824407554da5 1086 libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb 320660b8b8f8991170ae602fb154cda3d9fb4a85072fcc0ab722926ede823c2d 35304 libxml2-utils_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 3f05e31f7243af0cd8735fc646080cfe10d077b8b7f67f8493a21f2b22c5e889 605258 libxml2_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 8d4c3b93951c031802e64b4107a349f0328bd822d35bbb46b7d4d66ff077ad8c 239092 python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 83d81c03700dc5be0e80a826dda4f9662656182e6e65484ebb4fa8610a209782 127150 python-libxml2_2.9.3+dfsg1-1ubuntu0.3_armhf.deb Files: dcecb6343072ce7da06881869970763c 1619308 debug extra libxml2-dbg_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 598e8eceda63266fba9e86d006241aaf 1060 libs extra libxml2-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb 14f7db0fa8ab5cabeb41265c89830d8d 1060 libdevel extra libxml2-dev-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb ade76a6fd7ed075c77662e610e616d06 678828 libdevel optional libxml2-dev_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 3247209674d8bcd2c7cd643997b9470d 1052 debian-installer extra libxml2-udeb-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb 3fc4ef3845b80fdef03e73d07e7252ee 539576 debian-installer optional libxml2-udeb_2.9.3+dfsg1-1ubuntu0.3_armhf.udeb ab9a2c2121e90c3cb25e0a098e1ef697 71750 debug extra libxml2-utils-dbg_2.9.3+dfsg1-1ubuntu0.3_armhf.deb e74675717580d1cf6efec788dc0ec486 1086 text extra libxml2-utils-dbgsym_2.9.3+dfsg1-1ubuntu0.3_armhf.ddeb f7672b4362adbf1baa9970cd9764e64a 35304 text optional libxml2-utils_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 20fb1a9c6b40eb76db52efbbd026d76f 605258 libs standard libxml2_2.9.3+dfsg1-1ubuntu0.3_armhf.deb dafdebef2e55b7e7842e7354933254ac 239092 debug extra python-libxml2-dbg_2.9.3+dfsg1-1ubuntu0.3_armhf.deb 64267bd10f1bbb1e9fc217b8d4defe38 127150 python optional python-libxml2_2.9.3+dfsg1-1ubuntu0.3_armhf.deb Original-Maintainer: Debian XML/SGML Group Package-Type: udeb