libxml2 (2.7.8.dfsg-5.1ubuntu4.22) precise-security; urgency=medium

  * SECURITY UPDATE: Memory leak
    - fix memory leak in xmlParseBalancedChunkMemoryRecover checking
      if doc is NULL in parser.c.
    - CVE-2019-19956
  * SECURITY UPDATE: Denial of service though an infinite loop
    - fix infinite loop in  xmlStringLenDecodeEntities adding checks
      to ctxt->instate if it is == XML_PARSER_EOF in parser.c.
    - CVE-2020-7595

libxml2 (2.7.8.dfsg-5.1ubuntu4.21) precise-security; urgency=medium

  * SECURITY UPDATE: XXE attacks
    - debian/patches/CVE-2016-9318.patch: fix in parser.c.
    - CVE-2016-9318
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-14404.patch: fix in xpath.c.
    - CVE-2018-14404

libxml2 (2.7.8.dfsg-5.1ubuntu4.20) precise-security; urgency=medium

  * SECURITY UPDATE: use after-free in xmlXPathCompOpEvalPositionPredicate
    - CVE-2017-15412

libxml2 (2.7.8.dfsg-5.1ubuntu4.19) precise-security; urgency=medium

  * SECURITY UPDATE: infinite recursion in parameter entities
    - CVE-2017-16932

libxml2 (2.7.8.dfsg-5.1ubuntu4.18) precise-security; urgency=medium

  * SECURITY UPDATE: type confusion leading to out-of-bounds write
    - CVE-2017-0663
  * SECURITY UPDATE: XML external entity (XXE) vulnerability
      entity references
    - CVE-2017-7375
  * SECURITY UPDATE: buffer overflow in URL handling
      ports in HTTP redirect support
    - CVE-2017-7376
  * SECURITY UPDATE: buffer overflows in xmlSnprintfElementContent()
      remains in buffer for copied data
    - CVE-2017-9047, CVE-2017-9048
  * SECURITY UPDATE: heap based buffer overreads in
    xmlDictComputeFastKey()
      expansions, add additional sanity check
    - CVE-2017-9049, CVE-2017-9050

Date: 2020-02-05 17:23:22.089564+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-ro...@lists.canonical.com>
https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-5.1ubuntu4.22
Sorry, changesfile not available.
-- 
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/precise-changes

Reply via email to