-
xerces-c (3.1.1-1+deb6u2build0.12.04.1) precise-security; urgency=medium
* fake sync from Debian
xerces-c (3.1.1-1+deb6u2) squeeze-lts; urgency=high
* Non-maintainer upload by the Squeeze LTS Team.
* Add CVE-2016-0729.patch patch.
Apache Xerces-C XML Parser Crashes on Malformed Input
The Xerces-C XML parser mishandles certain kinds of malformed
input documents, resulting in buffer overlows during processing
and error reporting. The overflows can manifest as a segmentation
fault or as memory corruption during a parse operation. The bugs
allow for a denial of service attack in many applications by an
unauthenticated attacker, and could conceivably result in remote
code execution.
-- Tyler Hicks <email address hidden> Mon, 29 Feb 2016 16:51:32 -0600
-
xerces-c (3.1.1-1+deb6u1build0.12.04.1) precise-security; urgency=medium
* fake sync from Debian
xerces-c (3.1.1-1+deb6u1) squeeze-lts; urgency=high
* Non-maintainer upload by the Squeeze LTS Team.
* Add CVE-2015-0252.patch patch.
CVE-2015-0252: Apache Xerces-C XML parser crashes on malformed input.
-- Tyler Hicks <email address hidden> Fri, 15 May 2015 11:37:29 -0500
-
xerces-c (3.1.1-1build1) natty; urgency=low
* No change rebuild against current libicu
-- Bhavani Shankar <email address hidden> Fri, 17 Dec 2010 11:42:04 +0530
