[ubuntu/precise-security] libxml2 2.7.8.dfsg-5.1ubuntu4.17 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Mar 16 11:37:47 UTC 2017
libxml2 (2.7.8.dfsg-5.1ubuntu4.17) precise-security; urgency=medium
* SECURITY UPDATE: format string vulnerabilities
- fix format string warnings in HTMLparser.c, SAX2.c, catalog.c,
configure, configure.in, debugXML.c, encoding.c, entities.c, error.c,
include/libxml/parserInternals.h, include/libxml/xmlerror.h,
include/libxml/xmlstring.h, libxml.h, parser.c, parserInternals.c,
relaxng.c, schematron.c, testModule.c, valid.c, xinclude.c, xmlIO.c,
xmllint.c, xmlreader.c, xmlschemas.c, xmlstring.c, xmlwriter.c,
xpath.c, xpointer.c.
- 4472c3a5a5b516aaf59b89be602fbce52756c3e9
- 502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b
- d77e5fc4bcdb7da748c9cca116a601ae4df60d21
- debian/libxml2.symbols: added new symbol.
- CVE-2016-4448
* SECURITY UPDATE: use-after-free via namespace nodes in XPointer ranges
- disallow namespace nodes in XPointer ranges in xpointer.c.
- c1d1f7121194036608bf555f08d3062a36fd344b
- CVE-2016-4658
* SECURITY UPDATE: use-after-free in XPointer range-to function
- fix XPointer paths beginning with range-to and fix comparison with
root node in xmlXPathCmpNodesin xpath.c, xpointer.c.
- 9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e
- a005199330b86dada19d162cae15ef9bdcb6baa8
- CVE-2016-5131
Date: 2017-03-15 17:38:14.999721+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-5.1ubuntu4.17
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list