[ubuntu/plucky-proposed] libxml2 2.12.7+dfsg+really2.9.14-0.2ubuntu3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Jan 28 14:00:21 UTC 2025 

libxml2 (2.12.7+dfsg+really2.9.14-0.2ubuntu3) plucky; urgency=medium

  * SECURITY UPDATE: use-after-free in xmlXIncludeAddNode
    - debian/patches/CVE-2022-49043.patch: fix UaF in xinclude.c.
    - CVE-2022-49043
  * SECURITY UPDATE: buffer overread in xmllint
    - debian/patches/CVE-2024-34459.patch: fix buffer issue when using
      htmlout option in xmllint.c.
    - CVE-2024-34459

Date: Tue, 28 Jan 2025 08:14:36 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libxml2/2.12.7+dfsg+really2.9.14-0.2ubuntu3
-------------- next part --------------
Format: 1.8
Date: Tue, 28 Jan 2025 08:14:36 -0500
Source: libxml2
Built-For-Profiles: noudeb
Architecture: source
Version: 2.12.7+dfsg+really2.9.14-0.2ubuntu3
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 libxml2 (2.12.7+dfsg+really2.9.14-0.2ubuntu3) plucky; urgency=medium
 .
   * SECURITY UPDATE: use-after-free in xmlXIncludeAddNode
     - debian/patches/CVE-2022-49043.patch: fix UaF in xinclude.c.
     - CVE-2022-49043
   * SECURITY UPDATE: buffer overread in xmllint
     - debian/patches/CVE-2024-34459.patch: fix buffer issue when using
       htmlout option in xmllint.c.
     - CVE-2024-34459
Checksums-Sha1:
 ed8b9d8e887fb84a19874680b5ea878ec9e30664 3109 libxml2_2.12.7+dfsg+really2.9.14-0.2ubuntu3.dsc
 257f5001a02dc82f8b51f9fb5b2191db90fc94df 37156 libxml2_2.12.7+dfsg+really2.9.14-0.2ubuntu3.debian.tar.xz
 c3e93068c09fa73f6e0f189d0786363a30c04249 6153 libxml2_2.12.7+dfsg+really2.9.14-0.2ubuntu3_source.buildinfo
Checksums-Sha256:
 caa1a3d77dd9d9427cabc3a5545e7d8374cb6d663d55e5cd767cb9ca8612de4c 3109 libxml2_2.12.7+dfsg+really2.9.14-0.2ubuntu3.dsc
 ced46ff9ec27a393b8bc6911e1d886d3ad5c3f0665ae58e4d069687e53563743 37156 libxml2_2.12.7+dfsg+really2.9.14-0.2ubuntu3.debian.tar.xz
 f8bf3e4f28e465be92b4e237e7fc871224d22a4d76052e2a49c84a6a0911a878 6153 libxml2_2.12.7+dfsg+really2.9.14-0.2ubuntu3_source.buildinfo
Files:
 7af6b4444a359dd09f4f7b5f7225e7c1 3109 libs optional libxml2_2.12.7+dfsg+really2.9.14-0.2ubuntu3.dsc
 e090feedf304ba4eab22e4a98dbbd714 37156 libs optional libxml2_2.12.7+dfsg+really2.9.14-0.2ubuntu3.debian.tar.xz
 ec534802079da5dfb6117dead8ebeebe 6153 libs optional libxml2_2.12.7+dfsg+really2.9.14-0.2ubuntu3_source.buildinfo
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>

More information about the plucky-changes mailing list