[xml/sgml-pkgs] libxml2_2.7.8.dfsg-2+squeeze16_i386.changes ACCEPTED into squeeze-lts

Debian FTP Masters ftpmaster at ftp-master.debian.org
Sat Dec 26 11:34:13 UTC 2015



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 25 Dec 2015 22:00:37 +0100
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg
Architecture: source i386 all
Version: 2.7.8.dfsg-2+squeeze16
Distribution: squeeze-lts
Urgency: high
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>
Changed-By: Thorsten Alteholz <debian at alteholz.de>
Description: 
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
Changes: 
 libxml2 (2.7.8.dfsg-2+squeeze16) squeeze-lts; urgency=high
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * Patches taken from Wheezy, thanks to Salvatore Bonaccorso
   * Add Avoid-processing-entities-after-encoding-conversion-.patch patch.
     CVE-2015-7498: Heap-based buffer overflow in xmlParseXmlDecl.
   * Add CVE-2015-7497-Avoid-an-heap-buffer-overflow-in-xmlDi.patch patch.
     CVE-2015-7497: Heap-based buffer overflow in xmlDictComputeFastQKey.
   * Add CVE-2015-5312-Another-entity-expansion-issue.patch patch.
     CVE-2015-5312: CPU exhaustion when processing specially crafted XML
     input.
   * Add patches to address CVE-2015-7499.
     CVE-2015-7499: Heap-based buffer overflow in xmlGROW.
     Add a specific parser error (XML_ERR_USER_STOP), backported from
     e50ba8164eee06461c73cd8abb9b46aa0be81869 upstream (commit to address
     CVE-2013-2877, the "Try to stop parsing as quickly as possible" was not
     backported).
   * Add CVE-2015-7500-Fix-memory-access-error-due-to-incorre.patch patch.
     CVE-2015-7500: Heap buffer overflow in xmlParseMisc.
Checksums-Sha1: 
 046fb737af27b0ab9607d135772fd36f8479607d 2311 libxml2_2.7.8.dfsg-2+squeeze16.dsc
 bf481743478da6899a65507a34b67731466960dd 3509930 libxml2_2.7.8.dfsg.orig.tar.gz
 eb06c2980305b64df51722d1f3f9baa44dd5c736 137574 libxml2_2.7.8.dfsg-2+squeeze16.diff.gz
 ec605a6d7f90bfb03fdac0620040e41136e89dbc 831366 libxml2_2.7.8.dfsg-2+squeeze16_i386.deb
 3dafcfc68087a26b9a45c5a4ee5a0259a9243417 92058 libxml2-utils_2.7.8.dfsg-2+squeeze16_i386.deb
 1fd3601bf9b30a287a0c0d8c7bf407574f9bfc26 754560 libxml2-dev_2.7.8.dfsg-2+squeeze16_i386.deb
 0e3ea3155b25e5fd40d791e2b655f50fd6c53fa6 992876 libxml2-dbg_2.7.8.dfsg-2+squeeze16_i386.deb
 9f4986d3a3bde3347c8d6952a8fec5b73b718912 1383838 libxml2-doc_2.7.8.dfsg-2+squeeze16_all.deb
 a31a370faec3f9e6d10d390d269dc73ba0a19d22 310658 python-libxml2_2.7.8.dfsg-2+squeeze16_i386.deb
 4d85047dbdb648c5e0fa4607cb0d1d2968e2f8b7 826112 python-libxml2-dbg_2.7.8.dfsg-2+squeeze16_i386.deb
Checksums-Sha256: 
 28cc20301a1f5cd97823fcd2bce5920c61dc9edcaf4a979e62c46f82090661df 2311 libxml2_2.7.8.dfsg-2+squeeze16.dsc
 9f5262963fda356708903b42ff862a816c714582d0cf41477a8b3839945f0e43 3509930 libxml2_2.7.8.dfsg.orig.tar.gz
 d10276d6970477da711001116af977b944225d15295d8c17f4b897f71f41700c 137574 libxml2_2.7.8.dfsg-2+squeeze16.diff.gz
 950095185e920f81356536038cf559a57bd99ab5419d9d6ac1dd8c71106c6c16 831366 libxml2_2.7.8.dfsg-2+squeeze16_i386.deb
 60470aa31ab5513659c49255f354b265f2e7077bf4c02804cff2e3e01cc025d2 92058 libxml2-utils_2.7.8.dfsg-2+squeeze16_i386.deb
 967a736ad6f0ca4794fa0c6af5ce523115ef1412607e4da642943fd76a3b2289 754560 libxml2-dev_2.7.8.dfsg-2+squeeze16_i386.deb
 2dded7b99a790616c4ba329b9057901aea99ada03de3e88a71ac5382164df9b7 992876 libxml2-dbg_2.7.8.dfsg-2+squeeze16_i386.deb
 23b1aff2bb6e1b33aefeece92690e70305d27f2dacf42d91da49b8ceb8250cac 1383838 libxml2-doc_2.7.8.dfsg-2+squeeze16_all.deb
 4fd538fe13305bc3653998896d292e3d847605836ed96584a2f24ac2235514b2 310658 python-libxml2_2.7.8.dfsg-2+squeeze16_i386.deb
 8d4d34ddd0ecd1a89bca3c8c2c4c37e70067fdf233b4de3905e94b914f0e43f8 826112 python-libxml2-dbg_2.7.8.dfsg-2+squeeze16_i386.deb
Files: 
 085e4d04a2172264325fdac14867b8c8 2311 libs optional libxml2_2.7.8.dfsg-2+squeeze16.dsc
 116fd86aa1b392dfe38d6b17613deebb 3509930 libs optional libxml2_2.7.8.dfsg.orig.tar.gz
 f0a7e6802bf6573c80991a60c86a2746 137574 libs optional libxml2_2.7.8.dfsg-2+squeeze16.diff.gz
 42bf93791c8855a7b2d2f846ad0cc94d 831366 libs standard libxml2_2.7.8.dfsg-2+squeeze16_i386.deb
 dbffecfda6cee89a9d4ed0a68942f42a 92058 text optional libxml2-utils_2.7.8.dfsg-2+squeeze16_i386.deb
 c91ba0ded9a18128d822e3fc4480538a 754560 libdevel optional libxml2-dev_2.7.8.dfsg-2+squeeze16_i386.deb
 a69d4fc0ce13543fce8cb7703c6b0879 992876 debug extra libxml2-dbg_2.7.8.dfsg-2+squeeze16_i386.deb
 a7f6b0f13c25d539f2698a7debb5f5f8 1383838 doc optional libxml2-doc_2.7.8.dfsg-2+squeeze16_all.deb
 c8f543034bde05c366a624380052e315 310658 python optional python-libxml2_2.7.8.dfsg-2+squeeze16_i386.deb
 73e8b278285a768caefd3c8275142e82 826112 debug extra python-libxml2-dbg_2.7.8.dfsg-2+squeeze16_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJWfnlgXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHg9IQALknPZJHR1bU9cIeCug8XUlW
1M/W0Jztz14uT+P2UA+6VbDWpbJpVGcZ1qkufgCDklb6OXSdcGotVdxTi2KCzCIO
1n8PNccFsIdmJ/BMMR7Aavk3eS1we1WzAQCeEtJY+MgmyTpv4U7JCa0Rgh1maig6
MaA6MY+jGCyQ64i06wEii0v1omZXKGAgGt/M5aLfSIvxmHhubjKge+iQWWU4jd7+
Vj0NAVnVnZ4D7UjIRhE88/123ONqp9BHeLKNk6IdbiXJnzITHIRj0XDC1eAUnrJ3
im/YEQ6/MhLFHHNFB/GbMgBJOfRJ/cjW5KA04YMrVqJRXnQfAPIY5/wOt3dfkeN2
SKBRyCkPdU/7D32V8eBkN6QGdFv205BsHPUju1CFipkcSDzlhua4QgUPHNPZKhFd
fbRuGeZOV/3tr+FNAHtvqwkAGC9JbzfadsRTZaG84PvWZ6fSZp4esz80e1y8AgUT
cs3tsAIosi9g1LvinAirw5x1tU39dCsI0nSRUfDt9Qxv8Sd0nZ+ikYWmQEzvoznh
iqyk9pCcy1cCzDhSDJM0itJSqRkJSyNRbDy6xI5/+IohnvAn/hkcf7/tKItyb9SG
Yfi/e5RSvgbls8akW6xrVk5XP3gGNQLUM+g/tm9rQxIVGjg59MZK1hnuz8CAV1/g
EgYPL5pexkXsfwtVSQpJ
=axiy
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the debian-xml-sgml-pkgs mailing list