Changelog
libxml2 (2.9.3+dfsg1-1.1) unstable; urgency=medium
  * Non-maintainer upload.
  * Heap-based buffer overread in xmlNextChar (CVE-2016-1762)
  * heap-buffer-overflow in xmlStrncat (CVE-2016-1834)
  * Add missing increments of recursion depth counter to XML parser
    (CVE-2016-3705) (Closes: #823414)
  * Avoid an out of bound access when serializing malformed strings
    (CVE-2016-4483) (Closes: #823405)
  * Heap-buffer-overflow in xmlFAParsePosCharGroup (CVE-2016-1840)
  * Heap-based buffer overread in xmlParserPrintFileContextInternal
    (CVE-2016-1838)
  * Heap-based buffer overread in xmlDictAddString (CVE-2016-1839
    CVE-2015-8806 CVE-2016-2073) (Closes: #813613, #812807)
  * Heap use-after-free in xmlDictComputeFastKey (CVE-2016-1836)
  * Fix inappropriate fetch of entities content (CVE-2016-4449)
  * Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemLiteral
    (CVE-2016-1837)
  * Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)
  * Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)
  * Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)
  * Avoid building recursive entities (CVE-2016-3627) (Closes: #819006)
 -- Salvatore Bonaccorso <email address hidden> Sat, 28 May 2016 06:51:08 +0200