Ubuntu
libxml2 package

lp:ubuntu/jaunty-security/libxml2

Jaunty (9.04)
jaunty-security

Created by James Westby on 2009-08-11 and last modified on 2009-08-11

Get this branch:: bzr branch lp:ubuntu/jaunty-security/libxml2

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

33. By Marc Deslauriers on 2009-08-11: * SECURITY UPDATE: denial of service via stack overflow from crafted
  root XML document element DTD definition
  - parser.c: validate ctxt->depth isn't too deep
  - CVE-2009-2414
* SECURITY UPDATE: denial of service via use-after-frees when parsing
  Notation and Enumeration attribute types
  - parser.c: use xmlFreeEnumeration before returning.
  - CVE-2009-2416
* SECURITY UPDATE: heap overflow in entity name parsing
  - parser.c: reintroduce the security fix for CVE-2008-3529 that got
    lost somehow
  - CVE-2008-3529
32. By Sebastien Bacher on 2009-04-08: error.c: use svn change to fix error handling issues leading to pidgin crash
when connecting jabber (lp: #357949)
31. By Matthias Klose on 2009-02-21: Define sitedir directly in debian/rules.
30. By Matthias Klose on 2009-02-21: debian/rules: Set PYTHON_SITE_PACKAGES for installation.
29. By Matthias Klose on 2008-11-21: * Merge with Debian; remaining changes:
  - debian/rules: create a udeb for debian-installer, correct libxml2-dev
    Depends to include zlib1g-dev.
  - Build a python-libxml2-dbg package.
  - Link using -Bsymbolic-functions.
28. By Matthias Klose on 2008-09-25: * Merge with Debian; remaining changes:
  - debian/rules: create a udeb for debian-installer, correct libxml2-dev
    Depends to include zlib1g-dev.
  - Build a python-libxml2-dbg package.
  - Link using -Bsymbolic-functions.
27. By Kees Cook on 2008-09-11: * SECURITY UPDATE: heap overflow in entity name parsing.
* parser.c: upstream fixes thanks to Tomas Hoger.
* include/libxml/parser.h, parser.c: improvements to CVE-2008-3281 fix,
thanks to Tomas Hoger.
* References
CVE-2008-3529
26. By Kees Cook on 2008-09-02: * SECURITY UPDATE: DoS via recursive entity evaluation.
* entities.c, include/libxml/parser.h, parser.c, parserInternals.c:
non-ABI-breaking version of upstream changes, thanks to Mike Hommey.
* References
CVE-2008-3281
25. By Matthias Klose on 2008-06-23: * Merge with Debian; remaining changes:
  - debian/rules: create a udeb for debian-installer, correct libxml2-dev
    Depends to include zlib1g-dev.
  - Build a python-libxml2-dbg package.
  - Link using -Bsymbolic-functions.
24. By Matthias Klose on 2008-03-12: * Merge with Debian; remaining changes:
  - debian/rules: create a udeb for debian-installer, correct libxml2-dev
    Depends to include zlib1g-dev.
  - Build a python-libxml2-dbg package.
  - Link using -Bsymbolic-functions.
* Fixed: USN-569-1, denial of service bug in UTF-8 handling. LP: #181985.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/libxml2

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntulibxml2 package