Change log for libxml2 package in Ubuntu

226300 of 311 results
Superseded in lucid-updates
Superseded in lucid-security
libxml2 (2.7.6.dfsg-1ubuntu1.4) lucid-security; urgency=low

  * SECURITY UPDATE: add randomization to dictionaries with hash tables
    help prevent denial of service via hash algorithm collision
    - configure.in: lookup for rand, srand and time
    - dict.c: add randomization to dictionaries hash tables
    - hash.c: add randomization to normal hash tables
    - 8973d58b7498fa5100a876815476b81fd1a2412a
    - CVE-2012-0841
 -- Jamie Strandboge <email address hidden>   Fri, 24 Feb 2012 15:17:42 -0600
Superseded in precise-release
libxml2 (2.7.8.dfsg-5.1ubuntu3) precise; urgency=low

  * various fixes for __xmlRaiseError (LP: #686363). This can be dropped in
    2.7.8.dfsg-6
    - 111d705c282e03e7202723c6c7e4499f8582bd4f
    - 1b9128bae737fa559f5e2c191d6679a856efbad9
    - 241d4a1069e6bedd0ee2295d7b43858109c1c6d1
    - c2a0fdc4e6d106690d7fd8fa1677e133c94e155d
 -- Jamie Strandboge <email address hidden>   Thu, 19 Jan 2012 11:59:30 -0600
Superseded in hardy-updates
Superseded in hardy-security
libxml2 (2.6.31.dfsg-2ubuntu1.7) hardy-security; urgency=low

  * SECURITY UPDATE: fix off-by-one leading to denial of service
    - encoding.c: adjust calculation of space available
    - 69f04562f75212bfcabecd190ea8b06ace28ece2
    - CVE-2011-0216
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.c: fix missing error status in XPath evaluation
    - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd
    - CVE-2011-2834
  * SECURITY UPDATE: fix out of bounds read
    - parser.c: make sure the parser returns when getting a Stop order
    - 77404b8b69bc122d12231807abf1a837d121b551
    - CVE-2011-3905
  * SECURITY UPDATE: fix heap overflow
    - parser.c: fix an allocation error when copying entities
    - 5bd3c061823a8499b27422aee04ea20aae24f03e
    - CVE-2011-3919
 -- Jamie Strandboge <email address hidden>   Wed, 18 Jan 2012 14:20:37 -0600
Superseded in lucid-updates
Superseded in lucid-security
libxml2 (2.7.6.dfsg-1ubuntu1.3) lucid-security; urgency=low

  * SECURITY UPDATE: fix off-by-one leading to denial of service
    - encoding.c: adjust calculation of space available
    - 69f04562f75212bfcabecd190ea8b06ace28ece2
    - CVE-2011-0216
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when
      entering a function or a scoped evaluation
    - f5048b3e71fc30ad096970b8df6e7af073bae4cb
    - CVE-2011-2821
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.c: fix missing error status in XPath evaluation
    - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd
    - CVE-2011-2834
  * SECURITY UPDATE: fix out of bounds read
    - parser.c: make sure the parser returns when getting a Stop order
    - 77404b8b69bc122d12231807abf1a837d121b551
    - CVE-2011-3905
  * SECURITY UPDATE: fix heap overflow
    - parser.c: fix an allocation error when copying entities
    - 5bd3c061823a8499b27422aee04ea20aae24f03e
    - CVE-2011-3919
 -- Jamie Strandboge <email address hidden>   Wed, 18 Jan 2012 13:48:59 -0600
Superseded in maverick-updates
Superseded in maverick-security
libxml2 (2.7.7.dfsg-4ubuntu0.3) maverick-security; urgency=low

  * SECURITY UPDATE: fix off-by-one leading to denial of service
    - encoding.c: adjust calculation of space available
    - 69f04562f75212bfcabecd190ea8b06ace28ece2
    - CVE-2011-0216
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when
      entering a function or a scoped evaluation
    - f5048b3e71fc30ad096970b8df6e7af073bae4cb
    - CVE-2011-2821
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.c: fix missing error status in XPath evaluation
    - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd
    - CVE-2011-2834
  * SECURITY UPDATE: fix out of bounds read
    - parser.c: make sure the parser returns when getting a Stop order
    - 77404b8b69bc122d12231807abf1a837d121b551
    - CVE-2011-3905
  * SECURITY UPDATE: fix heap overflow
    - parser.c: fix an allocation error when copying entities
    - 5bd3c061823a8499b27422aee04ea20aae24f03e
    - CVE-2011-3919
 -- Jamie Strandboge <email address hidden>   Wed, 18 Jan 2012 13:46:22 -0600
Superseded in natty-updates
Superseded in natty-security
libxml2 (2.7.8.dfsg-2ubuntu0.2) natty-security; urgency=low

  * SECURITY UPDATE: fix off-by-one leading to denial of service
    - encoding.c: adjust calculation of space available
    - 69f04562f75212bfcabecd190ea8b06ace28ece2
    - CVE-2011-0216
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when
      entering a function or a scoped evaluation
    - f5048b3e71fc30ad096970b8df6e7af073bae4cb
    - CVE-2011-2821
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.c: fix missing error status in XPath evaluation
    - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd
    - CVE-2011-2834
  * SECURITY UPDATE: fix out of bounds read
    - parser.c: make sure the parser returns when getting a Stop order
    - 77404b8b69bc122d12231807abf1a837d121b551
    - CVE-2011-3905
  * SECURITY UPDATE: fix heap overflow
    - parser.c: fix an allocation error when copying entities
    - 5bd3c061823a8499b27422aee04ea20aae24f03e
    - CVE-2011-3919
 -- Jamie Strandboge <email address hidden>   Wed, 18 Jan 2012 13:40:28 -0600
Superseded in oneiric-updates
Superseded in oneiric-security
libxml2 (2.7.8.dfsg-4ubuntu0.1) oneiric-security; urgency=low

  * SECURITY UPDATE: fix off-by-one leading to denial of service
    - encoding.c: adjust calculation of space available
    - 69f04562f75212bfcabecd190ea8b06ace28ece2
    - CVE-2011-0216
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.h, xpath.c: add a mechanism of frame for XPath evaluation when
      entering a function or a scoped evaluation
    - f5048b3e71fc30ad096970b8df6e7af073bae4cb
    - CVE-2011-2821
  * SECURITY UPDATE: fix double free in XPath evaluation
    - xpath.c: fix missing error status in XPath evaluation
    - 1d4526f6f4ec8d18c40e2a09b387652a6c1aa2cd
    - CVE-2011-2834
  * SECURITY UPDATE: fix out of bounds read
    - parser.c: make sure the parser returns when getting a Stop order
    - 77404b8b69bc122d12231807abf1a837d121b551
    - CVE-2011-3905
  * SECURITY UPDATE: fix heap overflow
    - parser.c: fix an allocation error when copying entities
    - 5bd3c061823a8499b27422aee04ea20aae24f03e
    - CVE-2011-3919
 -- Jamie Strandboge <email address hidden>   Wed, 18 Jan 2012 13:12:25 -0600
Superseded in precise-release
libxml2 (2.7.8.dfsg-5.1ubuntu2) precise; urgency=low

  * SECURITY UPDATE: denial of service via buffer overflow
    - parser.c: fix an allocation error when copying entities
    - 5bd3c061823a8499b27422aee04ea20aae24f03e
    - CVE-2011-3919
 -- Jamie Strandboge <email address hidden>   Wed, 18 Jan 2012 13:03:04 -0600
Superseded in precise-release
libxml2 (2.7.8.dfsg-5.1ubuntu1) precise; urgency=low

  * Merge from Debian testing, remaining changes:
    - Build for multiarch.
    - Use debhelper compat 9 instead of hardcoding --libdir.
    - Move the udeb contents back into /usr/lib.

Superseded in precise-release
libxml2 (2.7.8.dfsg-5ubuntu1) precise; urgency=low

  * Build for multiarch; thanks to Riku Voipio for the patch.
    Closes: #643026.
  * Use debhelper compat 9 instead of hardcoding --libdir.
  * Move the udeb contents back into /usr/lib.
 -- Steve Langasek <email address hidden>   Wed, 19 Oct 2011 22:00:20 -0700
Superseded in precise-release
libxml2 (2.7.8.dfsg-5) unstable; urgency=low

  * xpath.c, xpointer.c, include/libxml/xpath.h: Hardening of XPath evaluation.
    CVE-2011-2821.
  * xpath.c: Fix for undefined namespaces. CVE-2011-2834.
  * Both closes: #643648.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  17 Oct 2011 11:12:48 +0000

Available diffs

Superseded in precise-release
Obsolete in oneiric-release
libxml2 (2.7.8.dfsg-4) unstable; urgency=low

  * debian/rules: Add --with python2 to dh call.
  * debian/control:
    - Remove build dependency on python-support.
    - Build depend on python-all-dev >= 2.6.6-3~.
    - Remove XB-Python-Version header.
    - Bump Standards-Version to 3.9.2.0. No changes required.
  * debian/pycompat: Removed. With the above changes, closes: #631416.
    Thanks Colin Watson.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Sat,  30 Jul 2011 08:29:35 +0000

Available diffs

Superseded in maverick-updates
Superseded in maverick-security
libxml2 (2.7.7.dfsg-4ubuntu0.2) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    specially crafted xml file
    - xpath.c: update count only if allocation succeeds.
    - http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4
    - CVE-2011-1944
 -- Marc Deslauriers <email address hidden>   Thu, 16 Jun 2011 09:26:36 -0400
Superseded in lucid-updates
Superseded in lucid-security
libxml2 (2.7.6.dfsg-1ubuntu1.2) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    specially crafted xml file
    - xpath.c: update count only if allocation succeeds.
    - http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4
    - CVE-2011-1944
 -- Marc Deslauriers <email address hidden>   Thu, 16 Jun 2011 09:27:43 -0400
Superseded in natty-updates
Superseded in natty-security
libxml2 (2.7.8.dfsg-2ubuntu0.1) natty-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    specially crafted xml file
    - xpath.c: update count only if allocation succeeds.
    - http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4
    - CVE-2011-1944
 -- Marc Deslauriers <email address hidden>   Thu, 16 Jun 2011 09:18:48 -0400
Superseded in hardy-updates
Superseded in hardy-security
libxml2 (2.6.31.dfsg-2ubuntu1.6) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    specially crafted xml file
    - xpath.c: update count only if allocation succeeds.
    - http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4
    - CVE-2011-1944
 -- Marc Deslauriers <email address hidden>   Thu, 16 Jun 2011 09:30:30 -0400
Superseded in oneiric-release
libxml2 (2.7.8.dfsg-3) unstable; urgency=low

  * xpath.c: Fix some potential problems on reallocation failures.
    Closes: #628537.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  06 Jun 2011 08:23:03 +0000

Available diffs

Superseded in oneiric-release
Obsolete in natty-release
libxml2 (2.7.8.dfsg-2) unstable; urgency=low

  * xpath.c: Fix a double-freeing error in XPath processing code.
    (CVE-2010-4494). Closes: #607922.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  27 Dec 2010 10:59:50 +0000

Available diffs

Obsolete in dapper-updates
Obsolete in dapper-security
libxml2 (2.6.24.dfsg-1ubuntu1.6) dapper-security; urgency=low

  * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath
    axis for namespace/attribute context nodes
    - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c
    - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9
    - CVE-2010-4008
 -- Jamie Strandboge <email address hidden>   Mon, 08 Nov 2010 12:56:54 -0600
Superseded in hardy-updates
Superseded in hardy-security
libxml2 (2.6.31.dfsg-2ubuntu1.5) hardy-security; urgency=low

  * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath
    axis for namespace/attribute context nodes
    - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c
    - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9
    - CVE-2010-4008
 -- Jamie Strandboge <email address hidden>   Mon, 08 Nov 2010 13:00:19 -0600
Obsolete in karmic-updates
Obsolete in karmic-security
libxml2 (2.7.5.dfsg-1ubuntu1.2) karmic-security; urgency=low

  * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath
    axis for namespace/attribute context nodes
    - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c
    - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9
    - CVE-2010-4008
 -- Jamie Strandboge <email address hidden>   Mon, 08 Nov 2010 13:01:23 -0600
Superseded in lucid-updates
Superseded in lucid-security
libxml2 (2.7.6.dfsg-1ubuntu1.1) lucid-security; urgency=low

  * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath
    axis for namespace/attribute context nodes
    - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c
    - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9
    - CVE-2010-4008
 -- Jamie Strandboge <email address hidden>   Mon, 08 Nov 2010 13:02:08 -0600
Superseded in maverick-updates
Superseded in maverick-security
libxml2 (2.7.7.dfsg-4ubuntu0.1) maverick-security; urgency=low

  * SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath
    axis for namespace/attribute context nodes
    - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c
    - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9
    - CVE-2010-4008
 -- Jamie Strandboge <email address hidden>   Mon, 08 Nov 2010 13:02:43 -0600
Superseded in natty-release
libxml2 (2.7.8.dfsg-1) unstable; urgency=low

  * New upstream release.
  * configure.in: Applied upstream fix to reactivate symbol versioning script.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Fri,  05 Nov 2010 10:19:12 +0000

Available diffs

Superseded in natty-release
Obsolete in maverick-release
libxml2 (2.7.7.dfsg-4) unstable; urgency=low

  * debian/rules:
    - Use a variable to express which sub-targets to invoke for
      configure/build/install.
    - Refactor configure-% and build-% rules.
    - Avoid possible renaming of _d.so files to _d_d.so files in the
      install-python%-dbg rules.
  * debian/control, debian/control.udeb, debian/libxml2-udeb.install,
    debian/rules: Add an udeb package when building for Ubuntu.
    Closes: #583767.
  * debian/control:
    - Remove old Conflicts/Replaces for packages that have disappeared before
      etch.
    - Bump Standards-Version to 3.9.0.0.

Superseded in maverick-release
libxml2 (2.7.7.dfsg-2ubuntu1) maverick; urgency=low

  * Shuffle old Debian changelog entries around to match the Debian layout and
    reduce the diff.
  * Drop /usr/share/doc/python-libxml2-dbg -> python-libxml2 symlink which was
    added to optimize disk space, the -dbg package is huge anyway.  Add a
    preinst snippet to deal with upgrades.
  * Merge with Debian.
    - Keep the new Debian build-deps "libreadline-dev | libreadline5-dev"
      since this should work fine with Ubuntu buildds reinstalling everything
      on each build.
    - Drop duplicate -Wall and -g from -dbg CFLAGS.
    - Drop addition of -Wl,-Bsymbolic-functions to LDFLAGS since LDFLAGS
      aren't overriden in the Debian rules anymore.
    - Don't set PYTHON_VERSION and PYTHON_SITE_PACKAGES during python$*-dbg
      builds since these should be correct already.
    - Drop explicit zlib1g-dev dep, .pc only mentions zlib in Libs.private and
      the .la file isn't shipped anymore, so there should be no mention of -lz
      requiring this anymore.
    - Rework creation of -dbg package (python$*-dbg) for the new dh 7 rules;
      install to debian/tmp-dbg.
    - Remaining changes:
      + Add python-libxml2-dbg package built with python$*-dbg and these
        CFLAGS: -Wall -Wextra -g -O0 -fno-strict-aliasing -pedantic.
      + Add libxml2-udeb package.
      + Fix debian/python-libxml2.install to cope with builds which don't have
        any site-packages based python versions.
      + rm -rf build-python$* in configure-python% to fix FTBFS.
  * Fix dependency of python-libxml2-dbg on python-libxml2 to use
    ${binary:Version}, not ${source:Version}.
  * Add ${misc:Depends} to python-libxml2-dbg.

Superseded in karmic-updates
Deleted in karmic-proposed (Reason: moved to -updates)
libxml2 (2.7.5.dfsg-1ubuntu1.1) karmic-proposed; urgency=low

  * Build using --with-threads, closes LP: #309149
 -- Jonathan Riddell <email address hidden>   Mon, 28 Dec 2009 23:40:10 +0000
Superseded in maverick-release
Obsolete in lucid-release
libxml2 (2.7.6.dfsg-1ubuntu1) lucid; urgency=low

  * Merge from debian testing, remaining changes:
    - Create -udeb and python -dbg packages
    - Link using -Bsymbolic-functions
    - Add missing zlib1g-dev to -dev
    - Fix site-/dist-packages
    - Build-depend on libreadline6-dev instead of libreadline5-dev.

Superseded in lucid-release
Obsolete in karmic-release
libxml2 (2.7.5.dfsg-1ubuntu1) karmic; urgency=low

  * Merge with Debian (LP: #433253); remaining changes:
    - Create -udeb and python -dbg packages
    - Link using -Bsymbolic-functions
    - Add missing zlib1g-dev to -dev
    - Fix site-/dist-packages
    - error.c: Grab fix from SVN to avoid pidgin/jabber crash
    - Build-depend on libreadline-dev instead of libreadline5-dev.

Superseded in karmic-release
libxml2 (2.7.3.dfsg-1ubuntu2) karmic; urgency=low

  * Build-depend on libreadline-dev instead of libreadline5-dev.

 -- Matthias Klose <email address hidden>   Sat, 19 Sep 2009 22:31:32 +0200
Obsolete in jaunty-updates
Obsolete in jaunty-security
libxml2 (2.6.32.dfsg-5ubuntu4.2) jaunty-security; urgency=low

  * SECURITY UPDATE: denial of service via stack overflow from crafted
    root XML document element DTD definition
    - parser.c: validate ctxt->depth isn't too deep
    - CVE-2009-2414
  * SECURITY UPDATE: denial of service via use-after-frees when parsing
    Notation and Enumeration attribute types
    - parser.c: use xmlFreeEnumeration before returning.
    - CVE-2009-2416
  * SECURITY UPDATE: heap overflow in entity name parsing
    - parser.c: reintroduce the security fix for CVE-2008-3529 that got
      lost somehow
    - CVE-2008-3529

 -- Marc Deslauriers <email address hidden>   Tue, 11 Aug 2009 11:37:31 -0400
Superseded in dapper-updates
Superseded in dapper-security
libxml2 (2.6.24.dfsg-1ubuntu1.5) dapper-security; urgency=low

  * SECURITY UPDATE: denial of service via stack overflow from crafted
    root XML document element DTD definition
    - parser.c: validate ctxt->depth isn't too deep
    - CVE-2009-2414
  * SECURITY UPDATE: denial of service via use-after-frees when parsing
    Notation and Enumeration attribute types
    - parser.c: use xmlFreeEnumeration before returning.
    - CVE-2009-2416

 -- Marc Deslauriers <email address hidden>   Mon, 10 Aug 2009 16:35:39 -0400
Superseded in hardy-updates
Superseded in hardy-security
libxml2 (2.6.31.dfsg-2ubuntu1.4) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via stack overflow from crafted
    root XML document element DTD definition
    - parser.c: validate ctxt->depth isn't too deep
    - CVE-2009-2414
  * SECURITY UPDATE: denial of service via use-after-frees when parsing
    Notation and Enumeration attribute types
    - parser.c: use xmlFreeEnumeration before returning.
    - CVE-2009-2416

 -- Marc Deslauriers <email address hidden>   Mon, 10 Aug 2009 16:32:39 -0400
Obsolete in intrepid-updates
Obsolete in intrepid-security
libxml2 (2.6.32.dfsg-4ubuntu1.2) intrepid-security; urgency=low

  * SECURITY UPDATE: denial of service via stack overflow from crafted
    root XML document element DTD definition
    - parser.c: validate ctxt->depth isn't too deep
    - CVE-2009-2414
  * SECURITY UPDATE: denial of service via use-after-frees when parsing
    Notation and Enumeration attribute types
    - parser.c: use xmlFreeEnumeration before returning.
    - CVE-2009-2416

 -- Marc Deslauriers <email address hidden>   Mon, 10 Aug 2009 16:31:24 -0400
Superseded in karmic-release
libxml2 (2.7.3.dfsg-1ubuntu1) karmic; urgency=low

  * Merge from debian unstable (LP: #386390), remaining changes:
    - Create -udeb and python -dbg packages
    - Link using -Bsymbolic-functions
    - Add missing zlib1g-dev to -dev
    - Fix site-/dist-packages
    - error.c: Grab fix from SVN to avoid pidgin/jabber crash

Superseded in karmic-release
Obsolete in jaunty-release
libxml2 (2.6.32.dfsg-5ubuntu4) jaunty; urgency=low

  * error.c: use svn change to fix error handling issues leading to pidgin crash
    when connecting jabber (lp: #357949)

 -- Sebastien Bacher <email address hidden>   Wed, 08 Apr 2009 22:22:46 +0200
Superseded in jaunty-release
libxml2 (2.6.32.dfsg-5ubuntu3) jaunty; urgency=low

  * Define sitedir directly in debian/rules.

 -- Matthias Klose <email address hidden>   Sat, 21 Feb 2009 23:40:49 +0000
Superseded in jaunty-release
libxml2 (2.6.32.dfsg-5ubuntu2) jaunty; urgency=low

  * debian/rules: Set PYTHON_SITE_PACKAGES for installation.

 -- Matthias Klose <email address hidden>   Sat, 21 Feb 2009 23:32:52 +0000
Superseded in jaunty-release
libxml2 (2.6.32.dfsg-5ubuntu1) jaunty; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.
    - Link using -Bsymbolic-functions.

Superseded in intrepid-updates
Superseded in intrepid-security
libxml2 (2.6.32.dfsg-4ubuntu1.1) intrepid-security; urgency=low

  * SECURITY UPDATE: infinite loop, integer overflow, and double-free.
    - parserInternals.c: upstream fix for double-free (svn rev 3741).
    - tree.c: fix for infinite loop, thanks to Mike Hommey (CVE-2008-4225).
    - SAX2.c: fix for integer overflow, thanks to Mike Hommey CVE-2008-4226).

 -- Kees Cook <email address hidden>   Tue, 18 Nov 2008 08:57:24 -0800
Superseded in hardy-updates
Superseded in hardy-security
libxml2 (2.6.31.dfsg-2ubuntu1.3) hardy-security; urgency=low

  * SECURITY UPDATE: infinite loop, integer overflow, and double-free.
    - parserInternals.c: upstream fix for double-free (svn rev 3741).
    - tree.c: fix for infinite loop, thanks to Mike Hommey (CVE-2008-4225).
    - SAX2.c: fix for integer overflow, thanks to Mike Hommey CVE-2008-4226).

 -- Kees Cook <email address hidden>   Tue, 18 Nov 2008 09:01:05 -0800
Obsolete in gutsy-updates
Obsolete in gutsy-security
libxml2 (2.6.30.dfsg-2ubuntu1.4) gutsy-security; urgency=low

  * SECURITY UPDATE: infinite loop, integer overflow, and double-free.
    - parserInternals.c: upstream fix for double-free (svn rev 3741).
    - tree.c: fix for infinite loop, thanks to Mike Hommey (CVE-2008-4225).
    - SAX2.c: fix for integer overflow, thanks to Mike Hommey CVE-2008-4226).

 -- Kees Cook <email address hidden>   Tue, 18 Nov 2008 09:01:48 -0800
Superseded in dapper-updates
Superseded in dapper-security
libxml2 (2.6.24.dfsg-1ubuntu1.4) dapper-security; urgency=low

  * SECURITY UPDATE: infinite loop, integer overflow, and double-free.
    - parserInternals.c: upstream fix for double-free (svn rev 3741).
    - tree.c: fix for infinite loop, thanks to Mike Hommey (CVE-2008-4225).
    - SAX2.c: fix for integer overflow, thanks to Mike Hommey CVE-2008-4226).

 -- Kees Cook <email address hidden>   Tue, 18 Nov 2008 09:02:55 -0800
Superseded in jaunty-release
Obsolete in intrepid-release
libxml2 (2.6.32.dfsg-4ubuntu1) intrepid; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.
    - Link using -Bsymbolic-functions.

Superseded in hardy-updates
Superseded in hardy-security
libxml2 (2.6.31.dfsg-2ubuntu1.2) hardy-security; urgency=low

  * SECURITY UPDATE: heap overflow in entity name parsing.
  * parser.c: upstream fixes thanks to Tomas Hoger.
  * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix,
    thanks to Tomas Hoger.
  * References
    CVE-2008-3529

 -- Kees Cook <email address hidden>   Thu, 11 Sep 2008 09:41:33 -0700
Superseded in gutsy-updates
Superseded in gutsy-security
libxml2 (2.6.30.dfsg-2ubuntu1.3) gutsy-security; urgency=low

  * SECURITY UPDATE: heap overflow in entity name parsing.
  * parser.c: upstream fixes thanks to Tomas Hoger.
  * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix,
    thanks to Tomas Hoger.
  * References
    CVE-2008-3529

 -- Kees Cook <email address hidden>   Thu, 11 Sep 2008 10:46:50 -0700
Obsolete in feisty-updates
Obsolete in feisty-security
libxml2 (2.6.27.dfsg-1ubuntu3.3) feisty-security; urgency=low

  * SECURITY UPDATE: heap overflow in entity name parsing.
  * parser.c: upstream fixes thanks to Tomas Hoger.
  * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix,
    thanks to Tomas Hoger.
  * References
    CVE-2008-3529

 -- Kees Cook <email address hidden>   Thu, 11 Sep 2008 10:47:54 -0700
Superseded in dapper-updates
Superseded in dapper-security
libxml2 (2.6.24.dfsg-1ubuntu1.3) dapper-security; urgency=low

  * SECURITY UPDATE: heap overflow in entity name parsing.
  * parser.c: upstream fixes thanks to Tomas Hoger.
  * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix,
    thanks to Tomas Hoger.
  * References
    CVE-2008-3529

 -- Kees Cook <email address hidden>   Thu, 11 Sep 2008 11:07:10 -0700
Superseded in intrepid-release
libxml2 (2.6.32.dfsg-2ubuntu3) intrepid; urgency=low

  * SECURITY UPDATE: heap overflow in entity name parsing.
  * parser.c: upstream fixes thanks to Tomas Hoger.
  * include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix,
    thanks to Tomas Hoger.
  * References
    CVE-2008-3529

 -- Kees Cook <email address hidden>   Thu, 11 Sep 2008 10:11:02 -0700
Superseded in hardy-updates
Superseded in hardy-security
libxml2 (2.6.31.dfsg-2ubuntu1.1) hardy-security; urgency=low

  * SECURITY UPDATE: DoS via recursive entity evaluation.
  * entities.c, include/libxml/parser.h, parser.c, parserInternals.c:
    non-ABI-breaking version of upstream changes, thanks to Mike Hommey.
  * References
    CVE-2008-3281

 -- Kees Cook <email address hidden>   Tue, 02 Sep 2008 14:25:35 -0700
Superseded in gutsy-updates
Superseded in gutsy-security
libxml2 (2.6.30.dfsg-2ubuntu1.2) gutsy-security; urgency=low

  * SECURITY UPDATE: DoS via recursive entity evaluation.
  * entities.c, include/libxml/parser.h, parser.c, parserInternals.c:
    non-ABI-breaking version of upstream changes, thanks to Mike Hommey.
  * References
    CVE-2008-3281

 -- Kees Cook <email address hidden>   Tue, 02 Sep 2008 14:25:35 -0700
Superseded in feisty-updates
Superseded in feisty-security
libxml2 (2.6.27.dfsg-1ubuntu3.2) feisty-security; urgency=low

  * SECURITY UPDATE: DoS via recursive entity evaluation.
  * entities.c, include/libxml/parser.h, parser.c, parserInternals.c:
    non-ABI-breaking version of upstream changes, thanks to Mike Hommey.
  * References
    CVE-2008-3281

 -- Kees Cook <email address hidden>   Tue, 02 Sep 2008 14:56:51 -0700
Superseded in dapper-updates
Superseded in dapper-security
libxml2 (2.6.24.dfsg-1ubuntu1.2) dapper-security; urgency=low

  * SECURITY UPDATE: DoS via recursive entity evaluation.
  * entities.c, include/libxml/parser.h, parser.c, parserInternals.c:
    non-ABI-breaking version of upstream changes, thanks to Mike Hommey.
  * References
    CVE-2008-3281

 -- Kees Cook <email address hidden>   Tue, 02 Sep 2008 14:57:39 -0700
Superseded in intrepid-release
libxml2 (2.6.32.dfsg-2ubuntu2) intrepid; urgency=low

  * SECURITY UPDATE: DoS via recursive entity evaluation.
  * entities.c, include/libxml/parser.h, parser.c, parserInternals.c:
    non-ABI-breaking version of upstream changes, thanks to Mike Hommey.
  * References
    CVE-2008-3281

 -- Kees Cook <email address hidden>   Tue, 02 Sep 2008 14:25:35 -0700
Superseded in intrepid-release
libxml2 (2.6.32.dfsg-2ubuntu1) intrepid; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.
    - Link using -Bsymbolic-functions.

Superseded in intrepid-release
Obsolete in hardy-release
libxml2 (2.6.31.dfsg-2ubuntu1) hardy; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.
    - Link using -Bsymbolic-functions.
  * Fixed: USN-569-1, denial of service bug in UTF-8 handling. LP: #181985.

Superseded in hardy-release
libxml2 (2.6.31.dfsg-1ubuntu1) hardy; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.
    - Link using -Bsymbolic-functions.

Superseded in gutsy-updates
Superseded in gutsy-security
libxml2 (2.6.30.dfsg-2ubuntu1.1) gutsy-security; urgency=low

  * SECURITY UPDATE: infinite loop with malformed UTF8
  * parserInternals.c: patched inline with upstream changes, thanks to
    Daniel Veillard.
  * References
    http://mail.gnome.org/archives/xml/2008-January/msg00036.html
    CVE-2007-6284

 -- Kees Cook <email address hidden>   Mon, 14 Jan 2008 09:56:09 -0800
Superseded in feisty-updates
Superseded in feisty-security
libxml2 (2.6.27.dfsg-1ubuntu3.1) feisty-security; urgency=low

  * SECURITY UPDATE: infinite loop with malformed UTF8
  * parserInternals.c: patched inline with upstream changes, thanks to
    Daniel Veillard.
  * References
    http://mail.gnome.org/archives/xml/2008-January/msg00036.html
    CVE-2007-6284

 -- Kees Cook <email address hidden>   Mon, 14 Jan 2008 09:56:09 -0800
Obsolete in edgy-updates
Obsolete in edgy-security
libxml2 (2.6.26.dfsg-2ubuntu4.1) edgy-security; urgency=low

  * SECURITY UPDATE: infinite loop with malformed UTF8
  * parserInternals.c: patched inline with upstream changes, thanks to
    Daniel Veillard.
  * References
    http://mail.gnome.org/archives/xml/2008-January/msg00036.html
    CVE-2007-6284

 -- Kees Cook <email address hidden>   Mon, 14 Jan 2008 09:56:09 -0800
Superseded in dapper-updates
Superseded in dapper-security
libxml2 (2.6.24.dfsg-1ubuntu1.1) dapper-security; urgency=low

  * SECURITY UPDATE: infinite loop with malformed UTF8
  * parserInternals.c: patched inline with upstream changes, thanks to
    Daniel Veillard.
  * References
    http://mail.gnome.org/archives/xml/2008-January/msg00036.html
    CVE-2007-6284

 -- Kees Cook <email address hidden>   Mon, 14 Jan 2008 09:56:09 -0800
Superseded in hardy-release
libxml2 (2.6.30.dfsg-3ubuntu1) hardy; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.
    - Fix a regression using XSLT copy element. LP: #147144.
  * Link using -Bsymbolic-functions.

Superseded in hardy-release
Obsolete in gutsy-release
libxml2 (2.6.30.dfsg-2ubuntu1) gutsy; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.
  * Fixes a regression using XSLT copy element. LP: #147144.

Superseded in gutsy-release
libxml2 (2.6.29.dfsg-1ubuntu2) gutsy; urgency=low

  * Trigger rebuild for hppa

 -- LaMont Jones <email address hidden>   Thu, 04 Oct 2007 12:11:58 -0600
Superseded in gutsy-release
libxml2 (2.6.29.dfsg-1ubuntu1) gutsy; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.

Superseded in gutsy-release
libxml2 (2.6.28.dfsg-1ubuntu1) gutsy; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.

Superseded in gutsy-release
Obsolete in feisty-release
libxml2 (2.6.27.dfsg-1ubuntu3) feisty; urgency=low

  * Install the python debug build into the same temporary installation dir.

 -- Matthias Klose <email address hidden>   Sun, 18 Feb 2007 22:24:20 +0100
Superseded in feisty-release
libxml2 (2.6.27.dfsg-1ubuntu2) feisty; urgency=low

  * Build a python-libxml2-dbg package.
  * Set Ubuntu maintainer address.

 -- Matthias Klose <email address hidden>   Sat, 17 Feb 2007 03:05:01 +0100
Superseded in feisty-release
libxml2 (2.6.27.dfsg-1ubuntu1) feisty; urgency=low

  * Merge from debian unstable.
  * Remaining Ubuntu changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.

 -- Kees Cook <email address hidden>   Mon, 27 Nov 2006 15:23:46 -0800
Superseded in feisty-release
Obsolete in edgy-release
libxml2 (2.6.26.dfsg-2ubuntu4) edgy; urgency=low

  * debian/control: Add zlib1g-dev/libz-dev to libxml2-dev Depends.

 -- Kees Cook <email address hidden>   Fri, 13 Oct 2006 10:24:25 -0700
Superseded in edgy-release
libxml2 (2.6.26.dfsg-2ubuntu3) edgy; urgency=low

  * Rebuild to add support for python2.5.

 -- Matthias Klose <email address hidden>   Fri,  8 Sep 2006 13:30:02 +0000
Superseded in edgy-release
libxml2 (2.6.26.dfsg-2ubuntu2) edgy; urgency=low

  * Fix dh_makeshlibs --add-udeb syntax.

 -- Colin Watson <email address hidden>   Tue,  1 Aug 2006 08:24:43 +0100
Superseded in edgy-release
libxml2 (2.6.26.dfsg-2ubuntu1) edgy; urgency=low

  [ Evan Dandrea ]
  * Created a udeb for debian-installer.

  [ Colin Watson ]
  * Use dh_makeshlibs --add-udeb. Drop udeb Provides since we have no
    backward compatibility to maintain.

 -- Colin Watson <email address hidden>   Mon, 31 Jul 2006 10:32:45 +0100
Superseded in edgy-release
libxml2 (2.6.26.dfsg-2) unstable; urgency=low

  * The slithering release.

  * debian/python-libxml2.examples.in: Renamed to
    debian/python-libxml2.examples
  * debian/python-libxml2.install.in: Renamed to
    debian/python-libxml2.install, and replaced PYVERS by a wildcard.
  * debian/control:
    + Adapted dependencies to fit all changes.
    + Added fields required by new Python policy.
    + Added fields necessary for flawless transition.
    + Replaced dummy python-libxml2 package by a full real package which
      itself replaces python2.x-libxml2 packages.
  * debian/rules:
    + Changed rules to get the python versions we want to build for and
      adapted some rules to fit with the new setting.
    + Changed shell loops to make loops.
    + In case python binary modules are identical (and they are, but they
      may not be with future versions of the python headers), replace some
      of them with symbolic links.
    + Adapted rules to the fact we're installing in only one python package
      instead of several.
  * debian/pycompat: Set to 2, for new Python policy. Closes: #373456.
  * Switching to the new policy avoids necessity to conflict with very old
    versions of the python bindings packages. Closes: #365057.

  * debian/libxml2-doc.install: Added the /usr/share/gtk-doc directory.
    Closes: #375113.
  * debian/control: Made libxml2-doc suggest devhelper.
  * libxml-2.0.pc.in, libxml-2.0-uninstalled.pc.in: Split Libs in Libs and
    Libs.private.
  * xml2-config.in, xml2-config.1: Added a --static option to add to --libs
    so that we can split what is needed when building statically and what is
    needed when building dynamically. Closes: #374017.
  * libxml-2.0.pc.in, libxml-2.0-uninstalled.pc.in, xml2-config.in: Added
    BASE_THREADS_LIBS to the static link information so that -lpthread would
    appear. Closes: #372945.
  * debian/control: Removed dependency on zlib-dev for libxml2-dev.
  * debian/rules: Add the NEWS file to dh_install calls. Closes: #365596.
  * debian/watch: Updated.
  * NEWS: Updated.

 -- Matthias Klose <email address hidden>   Tue,  04 Jul 2006 13:12:02 +0100
Superseded in edgy-release
libxml2 (2.6.26.dfsg-1ubuntu1) edgy; urgency=low

  * Resynchronized with Debian, only Ubuntu changes are:
    - debian/control:
      - drop python2.3-libxml2 package,
      - drop python2.3-dev Build-Depends.
    - debian/libxml2-doc.install:
      - add usr/share/gtk-doc/ to Build-Depends.

226300 of 311 results