-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 28 May 2016 07:13:57 +0200 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg Architecture: source amd64 all Version: 2.8.0+dfsg1-7+wheezy6 Distribution: wheezy-security Urgency: high Maintainer: Debian XML/SGML Group <debian-xml-sgml-p...@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: libxml2 - GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Closes: 812807 813613 819006 823405 823414 Changes: libxml2 (2.8.0+dfsg1-7+wheezy6) wheezy-security; urgency=high . * Non-maintainer upload. * Heap-based buffer overread in xmlNextChar (CVE-2016-1762) * heap-buffer-overflow in xmlStrncat (CVE-2016-1834) * Add missing increments of recursion depth counter to XML parser (CVE-2016-3705) (Closes: #823414) * Avoid an out of bound access when serializing malformed strings (CVE-2016-4483) (Closes: #823405) * Heap-buffer-overflow in xmlFAParsePosCharGroup (CVE-2016-1840) * Heap-based buffer overread in xmlParserPrintFileContextInternal (CVE-2016-1838) * Heap-based buffer overread in xmlDictAddString (CVE-2016-1839 CVE-2015-8806 CVE-2016-2073) (Closes: #813613, #812807) * Fix inappropriate fetch of entities content (CVE-2016-4449) * Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (CVE-2016-1837) * Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835) * Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447) * Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833) * Avoid building recursive entities (CVE-2016-3627) (Closes: #819006) Checksums-Sha1: 604f8fcfc4411019a07a49e0d93928a750eea642 2500 libxml2_2.8.0+dfsg1-7+wheezy6.dsc fcfc1e880cff9144c84741966d33b62d217a1163 64503 libxml2_2.8.0+dfsg1-7+wheezy6.debian.tar.gz 6349217a20a7ab46a5f430a4d695d2d41193658a 906898 libxml2_2.8.0+dfsg1-7+wheezy6_amd64.deb fe0414b6a5a7225aba50598c7c7216fd30fa8933 98072 libxml2-utils_2.8.0+dfsg1-7+wheezy6_amd64.deb b01b3a5d54383d5fa2e9031c10e2d41a29b98893 128790 libxml2-utils-dbg_2.8.0+dfsg1-7+wheezy6_amd64.deb ac47bc7e853f21423a5030715bd97e822641fe5d 904604 libxml2-dev_2.8.0+dfsg1-7+wheezy6_amd64.deb 54be7c2c3c13f65cd742069c6a955c73e3b46d7e 1404062 libxml2-dbg_2.8.0+dfsg1-7+wheezy6_amd64.deb 3ba5bc4700fb099cac7ef7add63579bc8f358ee9 1398380 libxml2-doc_2.8.0+dfsg1-7+wheezy6_all.deb 550055a526af552fa866868ae66684229fc4baf0 347628 python-libxml2_2.8.0+dfsg1-7+wheezy6_amd64.deb 57da92e2c817b52359141ba13e303a64c686c021 729732 python-libxml2-dbg_2.8.0+dfsg1-7+wheezy6_amd64.deb Checksums-Sha256: 8218f3c5c930bd569953a4eff2a0f1a27d9162ae1114ee527bfad203965ff2b0 2500 libxml2_2.8.0+dfsg1-7+wheezy6.dsc b8e8d46f55f1d96e29580f4e40756fe825ed56222b1f0937d01c161df8e2ed0c 64503 libxml2_2.8.0+dfsg1-7+wheezy6.debian.tar.gz 53a482e4a9dbc6d743670d84f65e2bbdfceeb3e20083a3d22621ed68e2c45633 906898 libxml2_2.8.0+dfsg1-7+wheezy6_amd64.deb 6c481b40dc7a57f5902d52bac8a82c9ae6d9949dad1db6562e5228495d4949cb 98072 libxml2-utils_2.8.0+dfsg1-7+wheezy6_amd64.deb 704a52a7513591ef511ce01040b8a4e145482b4fd449b1abdb977c5e6032069b 128790 libxml2-utils-dbg_2.8.0+dfsg1-7+wheezy6_amd64.deb 48ba81158ad5ec7a89d0e70f6899e293281c741d66860d5efede26ca2f761147 904604 libxml2-dev_2.8.0+dfsg1-7+wheezy6_amd64.deb 7a2455f91243d8599000d18d732a610539ecdd1cd09d12ca32be1a9e69393ddb 1404062 libxml2-dbg_2.8.0+dfsg1-7+wheezy6_amd64.deb 7943687615fd83f48ce02aa9853b5121f1cf69096fb27e2c4a798278db2abe00 1398380 libxml2-doc_2.8.0+dfsg1-7+wheezy6_all.deb 73c3f65988ecf6a320703ab60ad9387ed3e7fff7d800b1c7346363c9e773847d 347628 python-libxml2_2.8.0+dfsg1-7+wheezy6_amd64.deb a723cbe5117452572590f3a29c1ff3f005c7124b0028c67539ae81a7f527b590 729732 python-libxml2-dbg_2.8.0+dfsg1-7+wheezy6_amd64.deb Files: 2d4a662f07108ff4e77e702fb0d6995b 2500 libs optional libxml2_2.8.0+dfsg1-7+wheezy6.dsc 33e5334a7d0b96379e211d87b6b22a80 64503 libs optional libxml2_2.8.0+dfsg1-7+wheezy6.debian.tar.gz 7eccb8dfb25111dc4344bce194e3cf69 906898 libs standard libxml2_2.8.0+dfsg1-7+wheezy6_amd64.deb d4d7bdb4dcae705ee1e26f9397c29534 98072 text optional libxml2-utils_2.8.0+dfsg1-7+wheezy6_amd64.deb 61eb21a39818ca28b0f61ed38ebe8d36 128790 debug extra libxml2-utils-dbg_2.8.0+dfsg1-7+wheezy6_amd64.deb 5bc435f6681a51a1750390db3fd0e14b 904604 libdevel optional libxml2-dev_2.8.0+dfsg1-7+wheezy6_amd64.deb c9846be03fd3af4f5d1c3c4066c31b31 1404062 debug extra libxml2-dbg_2.8.0+dfsg1-7+wheezy6_amd64.deb 4efc178e26d00001f26ab7a0c4b912f8 1398380 doc optional libxml2-doc_2.8.0+dfsg1-7+wheezy6_all.deb 8fe1fb0057a10b4996ec46b91ab482e7 347628 python optional python-libxml2_2.8.0+dfsg1-7+wheezy6_amd64.deb 198788bb52fb57386074f3293fa5f708 729732 debug extra python-libxml2-dbg_2.8.0+dfsg1-7+wheezy6_amd64.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJXSSpDAAoJEAVMuPMTQ89Eoy8P/2YDYkZp2HD5QQN0495BBLIg dE61ZDR2a9Vnn3zUpZQg0pGgd7Yot3uz9fp1Zntq99W1FyzjuktzK3+MlttMHMRp y82atCkJ9EjHFcifuHqKIPXQKnRWZrpnGYcpHQaRJHbpH5U+Wwwr39nk5f1tv7oJ 7KytmS/OzJoGmR9XoCZZfFtlCgZnPQRJ19ZpsEbc1Bwqc+O83/fPRyunkUOHsy6u faLTy1nN2HV75IIrYT5PXxGKeY48SAaYwM0/Litv3SjsSne1Y27/dcnaEtcrIedB wOONu/pK4Bl82Re8P+TQwdukA2qm6Wf701Lk2zc2EMQEY9BkIhmqax5FjWnLA3Qq HAgjZODRaHmFWA8h3zhUq+XoO+FtsRt/U4KwBNs8Mvs2wqZOnMWsgO1Iq94szAto B8ANwa5ZCUcMqV8Pp8qf8SJAVw44jlfqmngUEgv81Y9cn27cbALWaGCTmY7gvr8N HuCG+WmyiYqTtCG9KgOyPIIyFea3g1XQzhd69jm4Q6YcOurofGRqg264F42lJhb/ I1YTHjbiSHjHbXOO9EKJG4uNXOr2ZpWkxPQPCYrW14f4TSjP0nFNCDHnF4u9s92A n4wHLklZhPZAJYSBw0I4I0JRdXxIGA2oIawUVVkYTGg0jHSJKlE3goNU3Suty0xd 5r6qUzV7g/RTpqQhxApC =17fu -----END PGP SIGNATURE-----