[ubuntu/noble-proposed] libxml2 2.9.14+dfsg-1.3ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Feb 15 16:25:13 UTC 2024 

libxml2 (2.9.14+dfsg-1.3ubuntu1) noble; urgency=medium

  * SECURITY UPDATE: use-after-free via XInclude expansion
    - debian/patches/CVE-2024-25062.patch: don't expand XIncludes when
      backtracking in xmlreader.c.
    - CVE-2024-25062

Date: Thu, 15 Feb 2024 11:00:50 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libxml2/2.9.14+dfsg-1.3ubuntu1
-------------- next part --------------
Format: 1.8
Date: Thu, 15 Feb 2024 11:00:50 -0500
Source: libxml2
Built-For-Profiles: noudeb
Architecture: source
Version: 2.9.14+dfsg-1.3ubuntu1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 libxml2 (2.9.14+dfsg-1.3ubuntu1) noble; urgency=medium
 .
   * SECURITY UPDATE: use-after-free via XInclude expansion
     - debian/patches/CVE-2024-25062.patch: don't expand XIncludes when
       backtracking in xmlreader.c.
     - CVE-2024-25062
Checksums-Sha1:
 2f18ae9f2e85edfd18ab58d3daa1cbcb8c4323b4 3030 libxml2_2.9.14+dfsg-1.3ubuntu1.dsc
 684582b2575ada14ada7e98492746e0249d7f40a 35640 libxml2_2.9.14+dfsg-1.3ubuntu1.debian.tar.xz
 1fdc9fa043d82f8b0ea9d8c41a02b0de941f87a4 6526 libxml2_2.9.14+dfsg-1.3ubuntu1_source.buildinfo
Checksums-Sha256:
 80e83c4494df6ac2297c521fa2d813d5e0cbb22053b0a8e507b409e128a73358 3030 libxml2_2.9.14+dfsg-1.3ubuntu1.dsc
 91280cf86177cde301d6388d5bb61de6e583860eb4ea97ee1fb4b84c0cf98b4a 35640 libxml2_2.9.14+dfsg-1.3ubuntu1.debian.tar.xz
 477fba79cd0d2ae4c8c1a72f961844fbe15b3b60558eb583562cc0e1daa49746 6526 libxml2_2.9.14+dfsg-1.3ubuntu1_source.buildinfo
Files:
 48c2c13276a1751e41015d9d749c15c7 3030 libs optional libxml2_2.9.14+dfsg-1.3ubuntu1.dsc
 4bd213f7676c6347f6a91819bb2c4e44 35640 libs optional libxml2_2.9.14+dfsg-1.3ubuntu1.debian.tar.xz
 5a18a4aa2ff3a5953c87d37e23a69e71 6526 libs optional libxml2_2.9.14+dfsg-1.3ubuntu1_source.buildinfo
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>

More information about the noble-changes mailing list