lp:ubuntu/jaunty-security/libxml2
- Get this branch:
- bzr branch lp:ubuntu/jaunty-security/libxml2
Branch merges
Branch information
Recent revisions
- 33. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via stack overflow from crafted
root XML document element DTD definition
- parser.c: validate ctxt->depth isn't too deep
- CVE-2009-2414
* SECURITY UPDATE: denial of service via use-after-frees when parsing
Notation and Enumeration attribute types
- parser.c: use xmlFreeEnumeration before returning.
- CVE-2009-2416
* SECURITY UPDATE: heap overflow in entity name parsing
- parser.c: reintroduce the security fix for CVE-2008-3529 that got
lost somehow
- CVE-2008-3529 - 32. By Sebastien Bacher
-
error.c: use svn change to fix error handling issues leading to pidgin crash
when connecting jabber (lp: #357949) - 29. By Matthias Klose
-
* Merge with Debian; remaining changes:
- debian/rules: create a udeb for debian-installer, correct libxml2-dev
Depends to include zlib1g-dev.
- Build a python-libxml2-dbg package.
- Link using -Bsymbolic-functions. - 28. By Matthias Klose
-
* Merge with Debian; remaining changes:
- debian/rules: create a udeb for debian-installer, correct libxml2-dev
Depends to include zlib1g-dev.
- Build a python-libxml2-dbg package.
- Link using -Bsymbolic-functions. - 27. By Kees Cook
-
* SECURITY UPDATE: heap overflow in entity name parsing.
* parser.c: upstream fixes thanks to Tomas Hoger.
* include/libxml/ parser. h, parser.c: improvements to CVE-2008-3281 fix,
thanks to Tomas Hoger.
* References
CVE-2008-3529 - 26. By Kees Cook
-
* SECURITY UPDATE: DoS via recursive entity evaluation.
* entities.c, include/libxml/ parser. h, parser.c, parserInternals.c:
non-ABI-breaking version of upstream changes, thanks to Mike Hommey.
* References
CVE-2008-3281 - 25. By Matthias Klose
-
* Merge with Debian; remaining changes:
- debian/rules: create a udeb for debian-installer, correct libxml2-dev
Depends to include zlib1g-dev.
- Build a python-libxml2-dbg package.
- Link using -Bsymbolic-functions. - 24. By Matthias Klose
-
* Merge with Debian; remaining changes:
- debian/rules: create a udeb for debian-installer, correct libxml2-dev
Depends to include zlib1g-dev.
- Build a python-libxml2-dbg package.
- Link using -Bsymbolic-functions.
* Fixed: USN-569-1, denial of service bug in UTF-8 handling. LP: #181985.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/libxml2