[ubuntu/cosmic-proposed] libxml2 2.9.4+dfsg1-7ubuntu1 (Accepted)

[Leonidas S. Barbosa]

libxml2 (2.9.4+dfsg1-7ubuntu1) cosmic; urgency=medium

  * SECURITY UPDATE: XXE attacks
    - debian/patches/CVE-2016-9318.patch: fix in parser.c.
    - CVE-2016-9318
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-18258.patch: fix in xzlib.c.
    - CVE-2017-18258
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-14404.patch: fix in xpath.c.
    - CVE-2018-14404
  * SECURITY UPDATE: Infinite loop in LZMA decompression
    - debian/patches/CVE-2018-14567.patch: fix in xzlib.c.
    - CVE-2018-14567
  * SECURITY UPDATE: Infinite recursion/Denial of service
    - debian/patches/CVE-2017-16932.patch: fix in parser.c and
      add some error check files result/errors/759579.xml,
      result/errors/759579.xml.err, result/errors/759579.xml.str,
      test/errors/759579.xml.
    - CVE-2017-16932

Date: Thu, 16 Aug 2018 12:02:31 -0300
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libxml2/2.9.4+dfsg1-7ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 16 Aug 2018 12:02:31 -0300
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg python3-libxml2 python3-libxml2-dbg
Architecture: source
Version: 2.9.4+dfsg1-7ubuntu1
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Description:
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
 python3-libxml2 - Python3 bindings for the GNOME XML library
 python3-libxml2-dbg - Python3 bindings for the GNOME XML library (debug extension)
Changes:
 libxml2 (2.9.4+dfsg1-7ubuntu1) cosmic; urgency=medium
 .
   * SECURITY UPDATE: XXE attacks
     - debian/patches/CVE-2016-9318.patch: fix in parser.c.
     - CVE-2016-9318
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2017-18258.patch: fix in xzlib.c.
     - CVE-2017-18258
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2018-14404.patch: fix in xpath.c.
     - CVE-2018-14404
   * SECURITY UPDATE: Infinite loop in LZMA decompression
     - debian/patches/CVE-2018-14567.patch: fix in xzlib.c.
     - CVE-2018-14567
   * SECURITY UPDATE: Infinite recursion/Denial of service
     - debian/patches/CVE-2017-16932.patch: fix in parser.c and
       add some error check files result/errors/759579.xml,
       result/errors/759579.xml.err, result/errors/759579.xml.str,
       test/errors/759579.xml.
     - CVE-2017-16932
Checksums-Sha1:
 3544d6f4084de0c5a19b88da7232a32db94ac800 3083 libxml2_2.9.4+dfsg1-7ubuntu1.dsc
 71bfbdfc17dc202e51c3934d69ff484f631685c1 38912 libxml2_2.9.4+dfsg1-7ubuntu1.debian.tar.xz
 21aa7cfb1349f094aa7b87a6f549df8c1a7d3b6d 8757 libxml2_2.9.4+dfsg1-7ubuntu1_source.buildinfo
Checksums-Sha256:
 051da9aae7e4ca57c91f9d9b8576cb2103d849c2425dd68b8dbf2b63da5473e4 3083 libxml2_2.9.4+dfsg1-7ubuntu1.dsc
 5919ae6c22d7521107f3d005c6e131e67b7409435c157cc47b4c220a48b58f32 38912 libxml2_2.9.4+dfsg1-7ubuntu1.debian.tar.xz
 247f0ef47eaf272ce2a977b97dd5c1eb435c35d934f783f92be770e3927acf0a 8757 libxml2_2.9.4+dfsg1-7ubuntu1_source.buildinfo
Files:
 da3973ce959aa38d3dde7b8f5905abe2 3083 libs optional libxml2_2.9.4+dfsg1-7ubuntu1.dsc
 1701b2d916fe380a2aa4f343d36b636b 38912 libs optional libxml2_2.9.4+dfsg1-7ubuntu1.debian.tar.xz
 f567ec7beb674b6ffa5cfb461be973c9 8757 libs optional libxml2_2.9.4+dfsg1-7ubuntu1_source.buildinfo
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAluWenwACgkQZWnYVadE
vpM5GRAAsBE9VJW0C6EGABuxggavxjFXdJIR9Y5O6wSkDjdcyD5caULNc8hmybp0
ULKFHlf2cd5AceIqj4Vv4vjrhPinu9qKuSivn3LUwtEY7u+Ro4msA6ELhlm7ioOP
3/L/YtrYoUZuCrsEyi0b0yueTfJODZG9UMdign2JBgS1YDvu/Z9VKS4l2DeJHNJ/
sBoLnI+F5e0To8KqSzHD2d2RsTrr8Tj0f/rjYQ06O2BO/swCN4ZCRC1M3q3kun44
z6A6RG75AxVkIxFwhnIhvT8aP0c4bOcUrrI58EzZ5jfA150R4taXdH990RYayiq4
jy6nRNMFepqXdBQT1PbsRW5aQ0x31wLWr6i9GH8WOCzTAFUSbnWU5M7qkYs7VlIg
pnJRRA2CbGAEW+0cKr5SfQnqjJ9EEyl/8QVNQVFLOEBLLGKdiDQQDazEkfFJn803
YUDuz5btkDifXNVG5JuTqVm6KaEsVIB4pqiU2oFhmgV6s8kxpBP+VJGiSmC1OvGD
9uD2lMF1iCXqEu1MkAXM5ITo1Y5yl8KECE8Ryns6AK81kR09WkTN9AmmP/tWma4D
yk6Yc69JUcZCEntYvTtthxv35SwXBlsGFFePQ7IWbob3ksQAA1KOc4/myMS3tTQX
gMuHDE7EsRvc/cOFZfZYVHdD0+QcVpJrSIENtfSEXCjBevotarY=
=x5jT
-----END PGP SIGNATURE-----