libxml2 (2.9.2+zdfsg1-4ubuntu3) xenial; urgency=medium

  * SECURITY UPDATE: incomplete fix for out of bounds read in xmlGROW
    (LP: #1525996)
    - add extra commits to this previously-fixed CVE
    - debian/patches/CVE-2015-7499-3.patch: reuse xmlHaltParser() where it
      makes sense in parser.c.
    - debian/patches/CVE-2015-7499-4.patch: do not print error context when
      there is none in error.c.
    - CVE-2015-7499
  * SECURITY UPDATE: out of bounds memory access via unclosed html comment
    - debian/patches/CVE-2015-8710.patch: fix parsing short unclosed
      comment uninitialized access in HTMLparser.c.
    - CVE-2015-8710

Date: Thu, 14 Jan 2016 08:59:31 -0500
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libxml2/2.9.2+zdfsg1-4ubuntu3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 14 Jan 2016 08:59:31 -0500
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg 
libxml2-doc python-libxml2 python-libxml2-dbg libxml2-udeb
Architecture: source
Version: 2.9.2+zdfsg1-4ubuntu3
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Description:
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-udeb - GNOME XML library - minimal runtime (udeb)
 libxml2-utils - XML utilities
 libxml2-utils-dbg - XML utilities (debug extension)
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug 
extension)
Launchpad-Bugs-Fixed: 1525996
Changes:
 libxml2 (2.9.2+zdfsg1-4ubuntu3) xenial; urgency=medium
 .
   * SECURITY UPDATE: incomplete fix for out of bounds read in xmlGROW
     (LP: #1525996)
     - add extra commits to this previously-fixed CVE
     - debian/patches/CVE-2015-7499-3.patch: reuse xmlHaltParser() where it
       makes sense in parser.c.
     - debian/patches/CVE-2015-7499-4.patch: do not print error context when
       there is none in error.c.
     - CVE-2015-7499
   * SECURITY UPDATE: out of bounds memory access via unclosed html comment
     - debian/patches/CVE-2015-8710.patch: fix parsing short unclosed
       comment uninitialized access in HTMLparser.c.
     - CVE-2015-8710
Checksums-Sha1:
 793f85b62ac558388f2620d6dc45c1e889ba9d94 2757 libxml2_2.9.2+zdfsg1-4ubuntu3.dsc
 1e4ad497520919047f09d700d33739685153bad9 36176 
libxml2_2.9.2+zdfsg1-4ubuntu3.debian.tar.xz
Checksums-Sha256:
 8141ed5bd6ba8453482d9d02923e0c55d39d24b5e474c7ae5b5421081c57a93c 2757 
libxml2_2.9.2+zdfsg1-4ubuntu3.dsc
 cb9cfe36ebd12617f0546220b54ee81e7803c30d791e68e8b782eb90fc0443ce 36176 
libxml2_2.9.2+zdfsg1-4ubuntu3.debian.tar.xz
Files:
 7568bf45c87705971f5c97ab3d2396cd 2757 libs optional 
libxml2_2.9.2+zdfsg1-4ubuntu3.dsc
 83c130117a49053eeb534d5fe5df9d93 36176 libs optional 
libxml2_2.9.2+zdfsg1-4ubuntu3.debian.tar.xz
Original-Maintainer: Debian XML/SGML Group 
<debian-xml-sgml-p...@lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWl+QEAAoJEGVp2FWnRL6TCg8QAKMNAKP3rmInfLyVo8QD00hS
QMDJCqEmAog5cECQ83wx4tiB2htyq+QSSGGYBhtAVk6Vo2GQNYp6WkUGRyu5qivI
uN5ybvyF2bJo/Z5b+YJvAJZRCk62nV12ejiC9LRqpeXpPEx/+4rxQwa3iy1H5peq
muZe2IQ4o+IGg6yXAGCb56nmoUVUzcWJuoeS7D35TuonlGR1HTniFTqUgAvcOX5x
gSE5Qhj+kGJIzwGh7T3maiA7CskCmLWnZhgYvD2M87iXSoP6zlUGqkVf6xGx4QT/
2TyWy9oKir9tNLiTNB6eGWjU+DWyqUgWr1QrawIqdE+xZfRS0+jOfxpTsL29c8fZ
rlNESB+bIRi+V8nhJYwy6bqhWZgUME7vUg+iTK77mU6NxDWuEoMrijjiKDpgExtJ
cr65hPk2zoiSjsML2nbIrm6ZSM/PBZVboCfFaaEjmH5KcyVPA30mF+nOoGCCsCUL
aigQZnAGkOhyV8a/tOfz5Hgt2/RvW1KZBCfXC/iRCHZmcSa4n1plYND1Vmp2uxRB
24FRTUFFFsX1w1XSq/3/zEc3EdS/ddmsgug1G5GwRHXiI2e5ntgQcqnMhuiZ8X1Z
SVCx5KWzxNd2Cg3S5ojYuo7AcgYL13oYNY6ZONueRl2WYQ7yw5VihMMlBfmKVBfa
hRq/fFAf2P4HiMYnBX9j
=TSFI
-----END PGP SIGNATURE-----
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

Reply via email to