Change log for libxml2 package in Ubuntu
226 → 300 of 311 results | First • Previous • Next • Last |
libxml2 (2.7.6.dfsg-1ubuntu1.4) lucid-security; urgency=low * SECURITY UPDATE: add randomization to dictionaries with hash tables help prevent denial of service via hash algorithm collision - configure.in: lookup for rand, srand and time - dict.c: add randomization to dictionaries hash tables - hash.c: add randomization to normal hash tables - 8973d58b7498fa5100a876815476b81fd1a2412a - CVE-2012-0841 -- Jamie Strandboge <email address hidden> Fri, 24 Feb 2012 15:17:42 -0600
Available diffs
Superseded in precise-release |
libxml2 (2.7.8.dfsg-5.1ubuntu3) precise; urgency=low * various fixes for __xmlRaiseError (LP: #686363). This can be dropped in 2.7.8.dfsg-6 - 111d705c282e03e7202723c6c7e4499f8582bd4f - 1b9128bae737fa559f5e2c191d6679a856efbad9 - 241d4a1069e6bedd0ee2295d7b43858109c1c6d1 - c2a0fdc4e6d106690d7fd8fa1677e133c94e155d -- Jamie Strandboge <email address hidden> Thu, 19 Jan 2012 11:59:30 -0600
Available diffs
libxml2 (2.6.31.dfsg-2ubuntu1.7) hardy-security; urgency=low * SECURITY UPDATE: fix off-by-one leading to denial of service - encoding.c: adjust calculation of space available - 69f04562f75212bfcabecd190ea8b06ace28ece2 - CVE-2011-0216 * SECURITY UPDATE: fix double free in XPath evaluation - xpath.c: fix missing error status in XPath evaluation - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd - CVE-2011-2834 * SECURITY UPDATE: fix out of bounds read - parser.c: make sure the parser returns when getting a Stop order - 77404b8b69bc122d12231807abf1a837d121b551 - CVE-2011-3905 * SECURITY UPDATE: fix heap overflow - parser.c: fix an allocation error when copying entities - 5bd3c061823a8499b27422aee04ea20aae24f03e - CVE-2011-3919 -- Jamie Strandboge <email address hidden> Wed, 18 Jan 2012 14:20:37 -0600
Available diffs
libxml2 (2.7.6.dfsg-1ubuntu1.3) lucid-security; urgency=low * SECURITY UPDATE: fix off-by-one leading to denial of service - encoding.c: adjust calculation of space available - 69f04562f75212bfcabecd190ea8b06ace28ece2 - CVE-2011-0216 * SECURITY UPDATE: fix double free in XPath evaluation - xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when entering a function or a scoped evaluation - f5048b3e71fc30ad096970b8df6e7af073bae4cb - CVE-2011-2821 * SECURITY UPDATE: fix double free in XPath evaluation - xpath.c: fix missing error status in XPath evaluation - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd - CVE-2011-2834 * SECURITY UPDATE: fix out of bounds read - parser.c: make sure the parser returns when getting a Stop order - 77404b8b69bc122d12231807abf1a837d121b551 - CVE-2011-3905 * SECURITY UPDATE: fix heap overflow - parser.c: fix an allocation error when copying entities - 5bd3c061823a8499b27422aee04ea20aae24f03e - CVE-2011-3919 -- Jamie Strandboge <email address hidden> Wed, 18 Jan 2012 13:48:59 -0600
Available diffs
libxml2 (2.7.7.dfsg-4ubuntu0.3) maverick-security; urgency=low * SECURITY UPDATE: fix off-by-one leading to denial of service - encoding.c: adjust calculation of space available - 69f04562f75212bfcabecd190ea8b06ace28ece2 - CVE-2011-0216 * SECURITY UPDATE: fix double free in XPath evaluation - xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when entering a function or a scoped evaluation - f5048b3e71fc30ad096970b8df6e7af073bae4cb - CVE-2011-2821 * SECURITY UPDATE: fix double free in XPath evaluation - xpath.c: fix missing error status in XPath evaluation - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd - CVE-2011-2834 * SECURITY UPDATE: fix out of bounds read - parser.c: make sure the parser returns when getting a Stop order - 77404b8b69bc122d12231807abf1a837d121b551 - CVE-2011-3905 * SECURITY UPDATE: fix heap overflow - parser.c: fix an allocation error when copying entities - 5bd3c061823a8499b27422aee04ea20aae24f03e - CVE-2011-3919 -- Jamie Strandboge <email address hidden> Wed, 18 Jan 2012 13:46:22 -0600
Available diffs
libxml2 (2.7.8.dfsg-2ubuntu0.2) natty-security; urgency=low * SECURITY UPDATE: fix off-by-one leading to denial of service - encoding.c: adjust calculation of space available - 69f04562f75212bfcabecd190ea8b06ace28ece2 - CVE-2011-0216 * SECURITY UPDATE: fix double free in XPath evaluation - xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when entering a function or a scoped evaluation - f5048b3e71fc30ad096970b8df6e7af073bae4cb - CVE-2011-2821 * SECURITY UPDATE: fix double free in XPath evaluation - xpath.c: fix missing error status in XPath evaluation - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd - CVE-2011-2834 * SECURITY UPDATE: fix out of bounds read - parser.c: make sure the parser returns when getting a Stop order - 77404b8b69bc122d12231807abf1a837d121b551 - CVE-2011-3905 * SECURITY UPDATE: fix heap overflow - parser.c: fix an allocation error when copying entities - 5bd3c061823a8499b27422aee04ea20aae24f03e - CVE-2011-3919 -- Jamie Strandboge <email address hidden> Wed, 18 Jan 2012 13:40:28 -0600
Available diffs
libxml2 (2.7.8.dfsg-4ubuntu0.1) oneiric-security; urgency=low * SECURITY UPDATE: fix off-by-one leading to denial of service - encoding.c: adjust calculation of space available - 69f04562f75212bfcabecd190ea8b06ace28ece2 - CVE-2011-0216 * SECURITY UPDATE: fix double free in XPath evaluation - xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when entering a function or a scoped evaluation - f5048b3e71fc30ad096970b8df6e7af073bae4cb - CVE-2011-2821 * SECURITY UPDATE: fix double free in XPath evaluation - xpath.c: fix missing error status in XPath evaluation - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd - CVE-2011-2834 * SECURITY UPDATE: fix out of bounds read - parser.c: make sure the parser returns when getting a Stop order - 77404b8b69bc122d12231807abf1a837d121b551 - CVE-2011-3905 * SECURITY UPDATE: fix heap overflow - parser.c: fix an allocation error when copying entities - 5bd3c061823a8499b27422aee04ea20aae24f03e - CVE-2011-3919 -- Jamie Strandboge <email address hidden> Wed, 18 Jan 2012 13:12:25 -0600
Available diffs
Superseded in precise-release |
libxml2 (2.7.8.dfsg-5.1ubuntu2) precise; urgency=low * SECURITY UPDATE: denial of service via buffer overflow - parser.c: fix an allocation error when copying entities - 5bd3c061823a8499b27422aee04ea20aae24f03e - CVE-2011-3919 -- Jamie Strandboge <email address hidden> Wed, 18 Jan 2012 13:03:04 -0600
Available diffs
Superseded in precise-release |
libxml2 (2.7.8.dfsg-5.1ubuntu1) precise; urgency=low * Merge from Debian testing, remaining changes: - Build for multiarch. - Use debhelper compat 9 instead of hardcoding --libdir. - Move the udeb contents back into /usr/lib.
Available diffs
Superseded in precise-release |
libxml2 (2.7.8.dfsg-5ubuntu1) precise; urgency=low * Build for multiarch; thanks to Riku Voipio for the patch. Closes: #643026. * Use debhelper compat 9 instead of hardcoding --libdir. * Move the udeb contents back into /usr/lib. -- Steve Langasek <email address hidden> Wed, 19 Oct 2011 22:00:20 -0700
Available diffs
Superseded in precise-release |
libxml2 (2.7.8.dfsg-5) unstable; urgency=low * xpath.c, xpointer.c, include/libxml/xpath.h: Hardening of XPath evaluation. CVE-2011-2821. * xpath.c: Fix for undefined namespaces. CVE-2011-2834. * Both closes: #643648. -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 17 Oct 2011 11:12:48 +0000
Available diffs
- diff from 2.7.8.dfsg-4 to 2.7.8.dfsg-5 (2.3 KiB)
libxml2 (2.7.8.dfsg-4) unstable; urgency=low * debian/rules: Add --with python2 to dh call. * debian/control: - Remove build dependency on python-support. - Build depend on python-all-dev >= 2.6.6-3~. - Remove XB-Python-Version header. - Bump Standards-Version to 3.9.2.0. No changes required. * debian/pycompat: Removed. With the above changes, closes: #631416. Thanks Colin Watson. -- Ubuntu Archive Auto-Sync <email address hidden> Sat, 30 Jul 2011 08:29:35 +0000
Available diffs
- diff from 2.7.8.dfsg-3 to 2.7.8.dfsg-4 (1.1 KiB)
libxml2 (2.7.7.dfsg-4ubuntu0.2) maverick-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via specially crafted xml file - xpath.c: update count only if allocation succeeds. - http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4 - CVE-2011-1944 -- Marc Deslauriers <email address hidden> Thu, 16 Jun 2011 09:26:36 -0400
Available diffs
libxml2 (2.7.6.dfsg-1ubuntu1.2) lucid-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via specially crafted xml file - xpath.c: update count only if allocation succeeds. - http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4 - CVE-2011-1944 -- Marc Deslauriers <email address hidden> Thu, 16 Jun 2011 09:27:43 -0400
Available diffs
libxml2 (2.7.8.dfsg-2ubuntu0.1) natty-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via specially crafted xml file - xpath.c: update count only if allocation succeeds. - http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4 - CVE-2011-1944 -- Marc Deslauriers <email address hidden> Thu, 16 Jun 2011 09:18:48 -0400
Available diffs
libxml2 (2.6.31.dfsg-2ubuntu1.6) hardy-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via specially crafted xml file - xpath.c: update count only if allocation succeeds. - http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4 - CVE-2011-1944 -- Marc Deslauriers <email address hidden> Thu, 16 Jun 2011 09:30:30 -0400
Available diffs
Superseded in oneiric-release |
libxml2 (2.7.8.dfsg-3) unstable; urgency=low * xpath.c: Fix some potential problems on reallocation failures. Closes: #628537. -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 06 Jun 2011 08:23:03 +0000
Available diffs
- diff from 2.7.8.dfsg-2 to 2.7.8.dfsg-3 (8.1 KiB)
libxml2 (2.7.8.dfsg-2) unstable; urgency=low * xpath.c: Fix a double-freeing error in XPath processing code. (CVE-2010-4494). Closes: #607922. -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 27 Dec 2010 10:59:50 +0000
Available diffs
- diff from 2.7.8.dfsg-1 to 2.7.8.dfsg-2 (625 bytes)
libxml2 (2.6.24.dfsg-1ubuntu1.6) dapper-security; urgency=low * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath axis for namespace/attribute context nodes - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9 - CVE-2010-4008 -- Jamie Strandboge <email address hidden> Mon, 08 Nov 2010 12:56:54 -0600
Available diffs
libxml2 (2.6.31.dfsg-2ubuntu1.5) hardy-security; urgency=low * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath axis for namespace/attribute context nodes - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9 - CVE-2010-4008 -- Jamie Strandboge <email address hidden> Mon, 08 Nov 2010 13:00:19 -0600
Available diffs
libxml2 (2.7.5.dfsg-1ubuntu1.2) karmic-security; urgency=low * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath axis for namespace/attribute context nodes - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9 - CVE-2010-4008 -- Jamie Strandboge <email address hidden> Mon, 08 Nov 2010 13:01:23 -0600
Available diffs
libxml2 (2.7.6.dfsg-1ubuntu1.1) lucid-security; urgency=low * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath axis for namespace/attribute context nodes - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9 - CVE-2010-4008 -- Jamie Strandboge <email address hidden> Mon, 08 Nov 2010 13:02:08 -0600
Available diffs
libxml2 (2.7.7.dfsg-4ubuntu0.1) maverick-security; urgency=low * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath axis for namespace/attribute context nodes - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9 - CVE-2010-4008 -- Jamie Strandboge <email address hidden> Mon, 08 Nov 2010 13:02:43 -0600
Available diffs
Superseded in natty-release |
libxml2 (2.7.8.dfsg-1) unstable; urgency=low * New upstream release. * configure.in: Applied upstream fix to reactivate symbol versioning script. -- Ubuntu Archive Auto-Sync <email address hidden> Fri, 05 Nov 2010 10:19:12 +0000
Available diffs
- diff from 2.7.7.dfsg-4 to 2.7.8.dfsg-1 (86.1 KiB)
libxml2 (2.7.7.dfsg-4) unstable; urgency=low * debian/rules: - Use a variable to express which sub-targets to invoke for configure/build/install. - Refactor configure-% and build-% rules. - Avoid possible renaming of _d.so files to _d_d.so files in the install-python%-dbg rules. * debian/control, debian/control.udeb, debian/libxml2-udeb.install, debian/rules: Add an udeb package when building for Ubuntu. Closes: #583767. * debian/control: - Remove old Conflicts/Replaces for packages that have disappeared before etch. - Bump Standards-Version to 3.9.0.0.
Available diffs
Superseded in maverick-release |
libxml2 (2.7.7.dfsg-2ubuntu1) maverick; urgency=low * Shuffle old Debian changelog entries around to match the Debian layout and reduce the diff. * Drop /usr/share/doc/python-libxml2-dbg -> python-libxml2 symlink which was added to optimize disk space, the -dbg package is huge anyway. Add a preinst snippet to deal with upgrades. * Merge with Debian. - Keep the new Debian build-deps "libreadline-dev | libreadline5-dev" since this should work fine with Ubuntu buildds reinstalling everything on each build. - Drop duplicate -Wall and -g from -dbg CFLAGS. - Drop addition of -Wl,-Bsymbolic-functions to LDFLAGS since LDFLAGS aren't overriden in the Debian rules anymore. - Don't set PYTHON_VERSION and PYTHON_SITE_PACKAGES during python$*-dbg builds since these should be correct already. - Drop explicit zlib1g-dev dep, .pc only mentions zlib in Libs.private and the .la file isn't shipped anymore, so there should be no mention of -lz requiring this anymore. - Rework creation of -dbg package (python$*-dbg) for the new dh 7 rules; install to debian/tmp-dbg. - Remaining changes: + Add python-libxml2-dbg package built with python$*-dbg and these CFLAGS: -Wall -Wextra -g -O0 -fno-strict-aliasing -pedantic. + Add libxml2-udeb package. + Fix debian/python-libxml2.install to cope with builds which don't have any site-packages based python versions. + rm -rf build-python$* in configure-python% to fix FTBFS. * Fix dependency of python-libxml2-dbg on python-libxml2 to use ${binary:Version}, not ${source:Version}. * Add ${misc:Depends} to python-libxml2-dbg.
Available diffs
libxml2 (2.7.5.dfsg-1ubuntu1.1) karmic-proposed; urgency=low * Build using --with-threads, closes LP: #309149 -- Jonathan Riddell <email address hidden> Mon, 28 Dec 2009 23:40:10 +0000
Available diffs
libxml2 (2.7.6.dfsg-1ubuntu1) lucid; urgency=low * Merge from debian testing, remaining changes: - Create -udeb and python -dbg packages - Link using -Bsymbolic-functions - Add missing zlib1g-dev to -dev - Fix site-/dist-packages - Build-depend on libreadline6-dev instead of libreadline5-dev.
Available diffs
libxml2 (2.7.5.dfsg-1ubuntu1) karmic; urgency=low * Merge with Debian (LP: #433253); remaining changes: - Create -udeb and python -dbg packages - Link using -Bsymbolic-functions - Add missing zlib1g-dev to -dev - Fix site-/dist-packages - error.c: Grab fix from SVN to avoid pidgin/jabber crash - Build-depend on libreadline-dev instead of libreadline5-dev.
Available diffs
Superseded in karmic-release |
libxml2 (2.7.3.dfsg-1ubuntu2) karmic; urgency=low * Build-depend on libreadline-dev instead of libreadline5-dev. -- Matthias Klose <email address hidden> Sat, 19 Sep 2009 22:31:32 +0200
Available diffs
libxml2 (2.6.32.dfsg-5ubuntu4.2) jaunty-security; urgency=low * SECURITY UPDATE: denial of service via stack overflow from crafted root XML document element DTD definition - parser.c: validate ctxt->depth isn't too deep - CVE-2009-2414 * SECURITY UPDATE: denial of service via use-after-frees when parsing Notation and Enumeration attribute types - parser.c: use xmlFreeEnumeration before returning. - CVE-2009-2416 * SECURITY UPDATE: heap overflow in entity name parsing - parser.c: reintroduce the security fix for CVE-2008-3529 that got lost somehow - CVE-2008-3529 -- Marc Deslauriers <email address hidden> Tue, 11 Aug 2009 11:37:31 -0400
Available diffs
libxml2 (2.6.24.dfsg-1ubuntu1.5) dapper-security; urgency=low * SECURITY UPDATE: denial of service via stack overflow from crafted root XML document element DTD definition - parser.c: validate ctxt->depth isn't too deep - CVE-2009-2414 * SECURITY UPDATE: denial of service via use-after-frees when parsing Notation and Enumeration attribute types - parser.c: use xmlFreeEnumeration before returning. - CVE-2009-2416 -- Marc Deslauriers <email address hidden> Mon, 10 Aug 2009 16:35:39 -0400
Available diffs
libxml2 (2.6.31.dfsg-2ubuntu1.4) hardy-security; urgency=low * SECURITY UPDATE: denial of service via stack overflow from crafted root XML document element DTD definition - parser.c: validate ctxt->depth isn't too deep - CVE-2009-2414 * SECURITY UPDATE: denial of service via use-after-frees when parsing Notation and Enumeration attribute types - parser.c: use xmlFreeEnumeration before returning. - CVE-2009-2416 -- Marc Deslauriers <email address hidden> Mon, 10 Aug 2009 16:32:39 -0400
Available diffs
libxml2 (2.6.32.dfsg-4ubuntu1.2) intrepid-security; urgency=low * SECURITY UPDATE: denial of service via stack overflow from crafted root XML document element DTD definition - parser.c: validate ctxt->depth isn't too deep - CVE-2009-2414 * SECURITY UPDATE: denial of service via use-after-frees when parsing Notation and Enumeration attribute types - parser.c: use xmlFreeEnumeration before returning. - CVE-2009-2416 -- Marc Deslauriers <email address hidden> Mon, 10 Aug 2009 16:31:24 -0400
Available diffs
Superseded in karmic-release |
libxml2 (2.7.3.dfsg-1ubuntu1) karmic; urgency=low * Merge from debian unstable (LP: #386390), remaining changes: - Create -udeb and python -dbg packages - Link using -Bsymbolic-functions - Add missing zlib1g-dev to -dev - Fix site-/dist-packages - error.c: Grab fix from SVN to avoid pidgin/jabber crash
Available diffs
libxml2 (2.6.32.dfsg-5ubuntu4) jaunty; urgency=low * error.c: use svn change to fix error handling issues leading to pidgin crash when connecting jabber (lp: #357949) -- Sebastien Bacher <email address hidden> Wed, 08 Apr 2009 22:22:46 +0200
Available diffs
Superseded in jaunty-release |
libxml2 (2.6.32.dfsg-5ubuntu3) jaunty; urgency=low * Define sitedir directly in debian/rules. -- Matthias Klose <email address hidden> Sat, 21 Feb 2009 23:40:49 +0000
Available diffs
Superseded in jaunty-release |
libxml2 (2.6.32.dfsg-5ubuntu2) jaunty; urgency=low * debian/rules: Set PYTHON_SITE_PACKAGES for installation. -- Matthias Klose <email address hidden> Sat, 21 Feb 2009 23:32:52 +0000
Available diffs
Superseded in jaunty-release |
libxml2 (2.6.32.dfsg-5ubuntu1) jaunty; urgency=low * Merge with Debian; remaining changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. - Build a python-libxml2-dbg package. - Link using -Bsymbolic-functions.
Available diffs
libxml2 (2.6.32.dfsg-4ubuntu1.1) intrepid-security; urgency=low * SECURITY UPDATE: infinite loop, integer overflow, and double-free. - parserInternals.c: upstream fix for double-free (svn rev 3741). - tree.c: fix for infinite loop, thanks to Mike Hommey (CVE-2008-4225). - SAX2.c: fix for integer overflow, thanks to Mike Hommey CVE-2008-4226). -- Kees Cook <email address hidden> Tue, 18 Nov 2008 08:57:24 -0800
Available diffs
libxml2 (2.6.31.dfsg-2ubuntu1.3) hardy-security; urgency=low * SECURITY UPDATE: infinite loop, integer overflow, and double-free. - parserInternals.c: upstream fix for double-free (svn rev 3741). - tree.c: fix for infinite loop, thanks to Mike Hommey (CVE-2008-4225). - SAX2.c: fix for integer overflow, thanks to Mike Hommey CVE-2008-4226). -- Kees Cook <email address hidden> Tue, 18 Nov 2008 09:01:05 -0800
Available diffs
libxml2 (2.6.30.dfsg-2ubuntu1.4) gutsy-security; urgency=low * SECURITY UPDATE: infinite loop, integer overflow, and double-free. - parserInternals.c: upstream fix for double-free (svn rev 3741). - tree.c: fix for infinite loop, thanks to Mike Hommey (CVE-2008-4225). - SAX2.c: fix for integer overflow, thanks to Mike Hommey CVE-2008-4226). -- Kees Cook <email address hidden> Tue, 18 Nov 2008 09:01:48 -0800
Available diffs
libxml2 (2.6.24.dfsg-1ubuntu1.4) dapper-security; urgency=low * SECURITY UPDATE: infinite loop, integer overflow, and double-free. - parserInternals.c: upstream fix for double-free (svn rev 3741). - tree.c: fix for infinite loop, thanks to Mike Hommey (CVE-2008-4225). - SAX2.c: fix for integer overflow, thanks to Mike Hommey CVE-2008-4226). -- Kees Cook <email address hidden> Tue, 18 Nov 2008 09:02:55 -0800
Available diffs
libxml2 (2.6.32.dfsg-4ubuntu1) intrepid; urgency=low * Merge with Debian; remaining changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. - Build a python-libxml2-dbg package. - Link using -Bsymbolic-functions.
Available diffs
libxml2 (2.6.31.dfsg-2ubuntu1.2) hardy-security; urgency=low * SECURITY UPDATE: heap overflow in entity name parsing. * parser.c: upstream fixes thanks to Tomas Hoger. * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix, thanks to Tomas Hoger. * References CVE-2008-3529 -- Kees Cook <email address hidden> Thu, 11 Sep 2008 09:41:33 -0700
Available diffs
libxml2 (2.6.30.dfsg-2ubuntu1.3) gutsy-security; urgency=low * SECURITY UPDATE: heap overflow in entity name parsing. * parser.c: upstream fixes thanks to Tomas Hoger. * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix, thanks to Tomas Hoger. * References CVE-2008-3529 -- Kees Cook <email address hidden> Thu, 11 Sep 2008 10:46:50 -0700
Available diffs
libxml2 (2.6.27.dfsg-1ubuntu3.3) feisty-security; urgency=low * SECURITY UPDATE: heap overflow in entity name parsing. * parser.c: upstream fixes thanks to Tomas Hoger. * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix, thanks to Tomas Hoger. * References CVE-2008-3529 -- Kees Cook <email address hidden> Thu, 11 Sep 2008 10:47:54 -0700
Available diffs
libxml2 (2.6.24.dfsg-1ubuntu1.3) dapper-security; urgency=low * SECURITY UPDATE: heap overflow in entity name parsing. * parser.c: upstream fixes thanks to Tomas Hoger. * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix, thanks to Tomas Hoger. * References CVE-2008-3529 -- Kees Cook <email address hidden> Thu, 11 Sep 2008 11:07:10 -0700
Available diffs
Superseded in intrepid-release |
libxml2 (2.6.32.dfsg-2ubuntu3) intrepid; urgency=low * SECURITY UPDATE: heap overflow in entity name parsing. * parser.c: upstream fixes thanks to Tomas Hoger. * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix, thanks to Tomas Hoger. * References CVE-2008-3529 -- Kees Cook <email address hidden> Thu, 11 Sep 2008 10:11:02 -0700
Available diffs
libxml2 (2.6.31.dfsg-2ubuntu1.1) hardy-security; urgency=low * SECURITY UPDATE: DoS via recursive entity evaluation. * entities.c, include/libxml/parser.h, parser.c, parserInternals.c: non-ABI-breaking version of upstream changes, thanks to Mike Hommey. * References CVE-2008-3281 -- Kees Cook <email address hidden> Tue, 02 Sep 2008 14:25:35 -0700
Available diffs
libxml2 (2.6.30.dfsg-2ubuntu1.2) gutsy-security; urgency=low * SECURITY UPDATE: DoS via recursive entity evaluation. * entities.c, include/libxml/parser.h, parser.c, parserInternals.c: non-ABI-breaking version of upstream changes, thanks to Mike Hommey. * References CVE-2008-3281 -- Kees Cook <email address hidden> Tue, 02 Sep 2008 14:25:35 -0700
Available diffs
libxml2 (2.6.27.dfsg-1ubuntu3.2) feisty-security; urgency=low * SECURITY UPDATE: DoS via recursive entity evaluation. * entities.c, include/libxml/parser.h, parser.c, parserInternals.c: non-ABI-breaking version of upstream changes, thanks to Mike Hommey. * References CVE-2008-3281 -- Kees Cook <email address hidden> Tue, 02 Sep 2008 14:56:51 -0700
Available diffs
libxml2 (2.6.24.dfsg-1ubuntu1.2) dapper-security; urgency=low * SECURITY UPDATE: DoS via recursive entity evaluation. * entities.c, include/libxml/parser.h, parser.c, parserInternals.c: non-ABI-breaking version of upstream changes, thanks to Mike Hommey. * References CVE-2008-3281 -- Kees Cook <email address hidden> Tue, 02 Sep 2008 14:57:39 -0700
Available diffs
Superseded in intrepid-release |
libxml2 (2.6.32.dfsg-2ubuntu2) intrepid; urgency=low * SECURITY UPDATE: DoS via recursive entity evaluation. * entities.c, include/libxml/parser.h, parser.c, parserInternals.c: non-ABI-breaking version of upstream changes, thanks to Mike Hommey. * References CVE-2008-3281 -- Kees Cook <email address hidden> Tue, 02 Sep 2008 14:25:35 -0700
Available diffs
Superseded in intrepid-release |
libxml2 (2.6.32.dfsg-2ubuntu1) intrepid; urgency=low * Merge with Debian; remaining changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. - Build a python-libxml2-dbg package. - Link using -Bsymbolic-functions.
Available diffs
libxml2 (2.6.31.dfsg-2ubuntu1) hardy; urgency=low * Merge with Debian; remaining changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. - Build a python-libxml2-dbg package. - Link using -Bsymbolic-functions. * Fixed: USN-569-1, denial of service bug in UTF-8 handling. LP: #181985.
Superseded in hardy-release |
libxml2 (2.6.31.dfsg-1ubuntu1) hardy; urgency=low * Merge with Debian; remaining changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. - Build a python-libxml2-dbg package. - Link using -Bsymbolic-functions.
libxml2 (2.6.30.dfsg-2ubuntu1.1) gutsy-security; urgency=low * SECURITY UPDATE: infinite loop with malformed UTF8 * parserInternals.c: patched inline with upstream changes, thanks to Daniel Veillard. * References http://mail.gnome.org/archives/xml/2008-January/msg00036.html CVE-2007-6284 -- Kees Cook <email address hidden> Mon, 14 Jan 2008 09:56:09 -0800
libxml2 (2.6.27.dfsg-1ubuntu3.1) feisty-security; urgency=low * SECURITY UPDATE: infinite loop with malformed UTF8 * parserInternals.c: patched inline with upstream changes, thanks to Daniel Veillard. * References http://mail.gnome.org/archives/xml/2008-January/msg00036.html CVE-2007-6284 -- Kees Cook <email address hidden> Mon, 14 Jan 2008 09:56:09 -0800
libxml2 (2.6.26.dfsg-2ubuntu4.1) edgy-security; urgency=low * SECURITY UPDATE: infinite loop with malformed UTF8 * parserInternals.c: patched inline with upstream changes, thanks to Daniel Veillard. * References http://mail.gnome.org/archives/xml/2008-January/msg00036.html CVE-2007-6284 -- Kees Cook <email address hidden> Mon, 14 Jan 2008 09:56:09 -0800
libxml2 (2.6.24.dfsg-1ubuntu1.1) dapper-security; urgency=low * SECURITY UPDATE: infinite loop with malformed UTF8 * parserInternals.c: patched inline with upstream changes, thanks to Daniel Veillard. * References http://mail.gnome.org/archives/xml/2008-January/msg00036.html CVE-2007-6284 -- Kees Cook <email address hidden> Mon, 14 Jan 2008 09:56:09 -0800
Superseded in hardy-release |
libxml2 (2.6.30.dfsg-3ubuntu1) hardy; urgency=low * Merge with Debian; remaining changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. - Build a python-libxml2-dbg package. - Fix a regression using XSLT copy element. LP: #147144. * Link using -Bsymbolic-functions.
libxml2 (2.6.30.dfsg-2ubuntu1) gutsy; urgency=low * Merge with Debian; remaining changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. - Build a python-libxml2-dbg package. * Fixes a regression using XSLT copy element. LP: #147144.
Superseded in gutsy-release |
libxml2 (2.6.29.dfsg-1ubuntu2) gutsy; urgency=low * Trigger rebuild for hppa -- LaMont Jones <email address hidden> Thu, 04 Oct 2007 12:11:58 -0600
Superseded in gutsy-release |
libxml2 (2.6.29.dfsg-1ubuntu1) gutsy; urgency=low * Merge with Debian; remaining changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. - Build a python-libxml2-dbg package.
Superseded in gutsy-release |
libxml2 (2.6.28.dfsg-1ubuntu1) gutsy; urgency=low * Merge with Debian; remaining changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. - Build a python-libxml2-dbg package.
libxml2 (2.6.27.dfsg-1ubuntu3) feisty; urgency=low * Install the python debug build into the same temporary installation dir. -- Matthias Klose <email address hidden> Sun, 18 Feb 2007 22:24:20 +0100
Superseded in feisty-release |
libxml2 (2.6.27.dfsg-1ubuntu2) feisty; urgency=low * Build a python-libxml2-dbg package. * Set Ubuntu maintainer address. -- Matthias Klose <email address hidden> Sat, 17 Feb 2007 03:05:01 +0100
Superseded in feisty-release |
libxml2 (2.6.27.dfsg-1ubuntu1) feisty; urgency=low * Merge from debian unstable. * Remaining Ubuntu changes: - debian/rules: create a udeb for debian-installer, correct libxml2-dev Depends to include zlib1g-dev. -- Kees Cook <email address hidden> Mon, 27 Nov 2006 15:23:46 -0800
libxml2 (2.6.26.dfsg-2ubuntu4) edgy; urgency=low * debian/control: Add zlib1g-dev/libz-dev to libxml2-dev Depends. -- Kees Cook <email address hidden> Fri, 13 Oct 2006 10:24:25 -0700
Superseded in edgy-release |
libxml2 (2.6.26.dfsg-2ubuntu3) edgy; urgency=low * Rebuild to add support for python2.5. -- Matthias Klose <email address hidden> Fri, 8 Sep 2006 13:30:02 +0000
Superseded in edgy-release |
libxml2 (2.6.26.dfsg-2ubuntu2) edgy; urgency=low * Fix dh_makeshlibs --add-udeb syntax. -- Colin Watson <email address hidden> Tue, 1 Aug 2006 08:24:43 +0100
Superseded in edgy-release |
libxml2 (2.6.26.dfsg-2ubuntu1) edgy; urgency=low [ Evan Dandrea ] * Created a udeb for debian-installer. [ Colin Watson ] * Use dh_makeshlibs --add-udeb. Drop udeb Provides since we have no backward compatibility to maintain. -- Colin Watson <email address hidden> Mon, 31 Jul 2006 10:32:45 +0100
Superseded in edgy-release |
libxml2 (2.6.26.dfsg-2) unstable; urgency=low * The slithering release. * debian/python-libxml2.examples.in: Renamed to debian/python-libxml2.examples * debian/python-libxml2.install.in: Renamed to debian/python-libxml2.install, and replaced PYVERS by a wildcard. * debian/control: + Adapted dependencies to fit all changes. + Added fields required by new Python policy. + Added fields necessary for flawless transition. + Replaced dummy python-libxml2 package by a full real package which itself replaces python2.x-libxml2 packages. * debian/rules: + Changed rules to get the python versions we want to build for and adapted some rules to fit with the new setting. + Changed shell loops to make loops. + In case python binary modules are identical (and they are, but they may not be with future versions of the python headers), replace some of them with symbolic links. + Adapted rules to the fact we're installing in only one python package instead of several. * debian/pycompat: Set to 2, for new Python policy. Closes: #373456. * Switching to the new policy avoids necessity to conflict with very old versions of the python bindings packages. Closes: #365057. * debian/libxml2-doc.install: Added the /usr/share/gtk-doc directory. Closes: #375113. * debian/control: Made libxml2-doc suggest devhelper. * libxml-2.0.pc.in, libxml-2.0-uninstalled.pc.in: Split Libs in Libs and Libs.private. * xml2-config.in, xml2-config.1: Added a --static option to add to --libs so that we can split what is needed when building statically and what is needed when building dynamically. Closes: #374017. * libxml-2.0.pc.in, libxml-2.0-uninstalled.pc.in, xml2-config.in: Added BASE_THREADS_LIBS to the static link information so that -lpthread would appear. Closes: #372945. * debian/control: Removed dependency on zlib-dev for libxml2-dev. * debian/rules: Add the NEWS file to dh_install calls. Closes: #365596. * debian/watch: Updated. * NEWS: Updated. -- Matthias Klose <email address hidden> Tue, 04 Jul 2006 13:12:02 +0100
Superseded in edgy-release |
libxml2 (2.6.26.dfsg-1ubuntu1) edgy; urgency=low * Resynchronized with Debian, only Ubuntu changes are: - debian/control: - drop python2.3-libxml2 package, - drop python2.3-dev Build-Depends. - debian/libxml2-doc.install: - add usr/share/gtk-doc/ to Build-Depends.
226 → 300 of 311 results | First • Previous • Next • Last |