Back to libxml2 PTS page

Accepted libxml2 2.9.4+dfsg1-3.1 (source) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 20 Aug 2017 06:56:40 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg python3-libxml2 python3-libxml2-dbg
Architecture: source
Version: 2.9.4+dfsg1-3.1
Distribution: unstable
Urgency: low
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 863018 863019 863021 863022 870865 870867 870870
Description: 
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
 python3-libxml2 - Python3 bindings for the GNOME XML library
 python3-libxml2-dbg - Python3 bindings for the GNOME XML library (debug extension)
Changes:
 libxml2 (2.9.4+dfsg1-3.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Increase buffer space for port in HTTP redirect support (CVE-2017-7376)
     Incorrect limit was used for port values. (Closes: #870865)
   * Prevent unwanted external entity reference (CVE-2017-7375)
     Missing validation for external entities in xmlParsePEReference.
     (Closes: #870867)
   * Fix handling of parameter-entity references (CVE-2017-9049, CVE-2017-9050)
     - Heap-based buffer over-read in function xmlDictComputeFastKey
       (CVE-2017-9049).
     - Heap-based buffer over-read in function xmlDictAddString
       (CVE-2017-9050).
     (Closes: #863019, #863018)
   * Fix buffer size checks in xmlSnprintfElementContent (CVE-2017-9047,
     CVE-2017-9048)
     - Buffer overflow in function xmlSnprintfElementContent (CVE-2017-9047).
     - Stack-based buffer overflow in function xmlSnprintfElementContent
       (CVE-2017-9048).
     (Closes: #863022, #863021)
   * Fix type confusion in xmlValidateOneNamespace (CVE-2017-0663)
     Heap buffer overflow in xmlAddID. (Closes: #870870)
Checksums-Sha1: 
 f403fa424d24484734ac50e4f425fb20bbc8c0a4 3121 libxml2_2.9.4+dfsg1-3.1.dsc
 2107cdd9a86fcced334e230c0570b8b9d4ffaef5 33852 libxml2_2.9.4+dfsg1-3.1.debian.tar.xz
Checksums-Sha256: 
 7b6dbd6cb82e44393436d1900ec37791002456eb53f17951d561b2b4f3a71bdf 3121 libxml2_2.9.4+dfsg1-3.1.dsc
 9de354bf1315f0e631505789a6059fdbcef3fd2c262b1573935cdf6acf0ee976 33852 libxml2_2.9.4+dfsg1-3.1.debian.tar.xz
Files: 
 63f1bfc1415e09c79177978cce1f2f77 3121 libs optional libxml2_2.9.4+dfsg1-3.1.dsc
 ae6b0290e64db9ccf1604938422de437 33852 libs optional libxml2_2.9.4+dfsg1-3.1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlmZGH1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89Ei3MP/RrZvJrvv0dJ9f2ollRVL9hi3iqZ9pKN
xfOqEjQ2pOyDdiG/maJWvpJvMb+Jxm4yPJmPqBiWddUe69sBDK1V7svkh8PnuGK3
MjWZgS67UoIq7tN9rGflOhhJZ14E6YJniv3bq2F+uu3IpQCdoxDNFDGbEMZOXyt0
b6/fiw+8CYbswO+fe0UqGwnqBEfVF0ZEk2XRhPaldACOLgaiA5sJBqEiS/eV56+5
tRu+wI9PM2wg15Y3zVRWBygTwvKKDhbKU0W6UKbrfNz7x93OutHQp7N1tdHgch17
aP0gsSUTgx0O27VjYup8jWFS2w1muypGeM0xsBLLgQADmVSq4e+x+jsradC7wt+2
/+wZqDmXrlJF4Rpwm7Edu37uXngSMjwXN75bMYtie54AKn+Mc38QpcuM3lp6qHGG
n0b2TrR4Ay0t2upof2lOwVMAg7007BcmvOxuPmnVAPdpAKjiMCQukTdhmfthmBZ4
QdVRN3NYDfjehYzioUkpcBgoNhu7nD7tFsIIC592kaW7YGmV8eLrcPt7WqOOZnoW
Ew6BSyOMPDvVibB0pmi1LnSAZxmkDmpqdEUpcaoyQ6Mv6Emc1lVORDqWy/Lf1r44
gf8IOIxc9/Zql4W65CKTGcnpWRHY6vUwY5GIdYk1z1BxS+h1JNH8JZCHTY/A/FIO
mNhEVvbVSM0g
=3MwH
-----END PGP SIGNATURE-----