Package: python-libxml2 Version: 2.6.32.dfsg-3 Severity: important While upgrading python-libxml2 I noticed that python-libxml2 was not shown in apt-listchanges. After the upgrade, the file changelog.Debian.gz still starts with: libxml2 (2.6.32.dfsg-2+lenny1) testing-security; urgency=high
* Non-maintainer upload by the security team
* Fix DoS which leads to recursive evaluation of entities
Fixes: CVE-2008-3281
(i.e. not -3).
So either python-libxml2 must provide its own changelog.Debian.gz
or it must have a strict version lock to libxml2
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: powerpc (ppc)
Kernel: Linux 2.6.24.3-grsec
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages python-libxml2 depends on:
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libxml2 2.6.32.dfsg-2+lenny1 GNOME XML library
ii python 2.5.2-2 An interactive high-level object-o
ii python-support 0.8.4 automated rebuilding support for P
python-libxml2 recommends no packages.
python-libxml2 suggests no packages.
-- no debconf information
--
Dr. Helge Kreutzmann [EMAIL PROTECTED]
Dipl.-Phys. http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
Help keep free software "libre": http://www.ffii.de/
signature.asc
Description: Digital signature
