-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 28 Nov 2017 19:30:02 +0100 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg Architecture: source amd64 all Version: 2.8.0+dfsg1-7+wheezy11 Distribution: wheezy-security Urgency: high Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: libxml2 - GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Changes: libxml2 (2.8.0+dfsg1-7+wheezy11) wheezy-security; urgency=high . * Non-maintainer upload by the Wheezy LTS Team. * CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. * CVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. Checksums-Sha1: cd487bd93cb2df00da9f15f3b93d2f8d9442e573 2677 libxml2_2.8.0+dfsg1-7+wheezy11.dsc fcc1bca14d2c7dd73c71556cf0a223a73bd92305 3554683 libxml2_2.8.0+dfsg1.orig.tar.gz b7f6cbe58371beae43679dcd3e29cebc92d5e8e0 76428 libxml2_2.8.0+dfsg1-7+wheezy11.debian.tar.gz a94050f5b811a5092a2b99a5a19407e1ac88c1c4 907230 libxml2_2.8.0+dfsg1-7+wheezy11_amd64.deb 771762d05c64abc0a7a680a9cd3beaaca3b36314 99262 libxml2-utils_2.8.0+dfsg1-7+wheezy11_amd64.deb 743d81a6ac5a87e74dbe0a3d3c735e1b22d734d5 129906 libxml2-utils-dbg_2.8.0+dfsg1-7+wheezy11_amd64.deb f4068bf6ccd5a1b6d058085eebda57eec47f7f5b 904002 libxml2-dev_2.8.0+dfsg1-7+wheezy11_amd64.deb 6125c301340ebb2483be044af6abe28e906e2bc5 1404726 libxml2-dbg_2.8.0+dfsg1-7+wheezy11_amd64.deb 6fb90d3ad4c895215bf3af6c45057d96b17ab311 1387950 libxml2-doc_2.8.0+dfsg1-7+wheezy11_all.deb fcc580c82f540c33ca7a05b60fd72e477b9243e2 348148 python-libxml2_2.8.0+dfsg1-7+wheezy11_amd64.deb 9cdf89de17607a71f9ca22c83de9fb6a12ada5d7 731542 python-libxml2-dbg_2.8.0+dfsg1-7+wheezy11_amd64.deb Checksums-Sha256: f78d122c23f94e5e71d1d825ed95626cf793600fdc9494e0a04ba8abc8c630c1 2677 libxml2_2.8.0+dfsg1-7+wheezy11.dsc 46f339843967e861e81f8427373ff2a3d0a8cb608022dea16aa1d345ddcee338 3554683 libxml2_2.8.0+dfsg1.orig.tar.gz 57b35fd778ee0c11e3cfcc9795d699d8193ea128c101ecdc3e3d94dadd5b705d 76428 libxml2_2.8.0+dfsg1-7+wheezy11.debian.tar.gz 78f74cb08e3a899e56a3d1f3d105dd4cf3e2dffaa22c662d058311548a937dc9 907230 libxml2_2.8.0+dfsg1-7+wheezy11_amd64.deb baeaa293f9a30f24050519ac02bf6e0b2070750213cd704005ad8a87426b7523 99262 libxml2-utils_2.8.0+dfsg1-7+wheezy11_amd64.deb 0422f0bb3846dde815f13d21b69d2a6f4c8485910807c126781855a0acb613cd 129906 libxml2-utils-dbg_2.8.0+dfsg1-7+wheezy11_amd64.deb cec78e18e778a217aff9a1210c150d6257ac05401f6082e8d5d56c34737152a6 904002 libxml2-dev_2.8.0+dfsg1-7+wheezy11_amd64.deb eb99f07fc8d7d4d63b9e9640db592763e7b8c053544d61a31effed2af6bdb59e 1404726 libxml2-dbg_2.8.0+dfsg1-7+wheezy11_amd64.deb 763f0d7a7ac853f937551dddf5ed718c7c0ceea9e2b9177915aee59a0b1900b8 1387950 libxml2-doc_2.8.0+dfsg1-7+wheezy11_all.deb 45ca68ceec460aec6a0e42ec2a35120c57346467811ef50ab9dc9d373a5f52f4 348148 python-libxml2_2.8.0+dfsg1-7+wheezy11_amd64.deb c8361097ffe2ca109223b85beb55b4e06306860eb35700cb0c3bfa1cd1793fb4 731542 python-libxml2-dbg_2.8.0+dfsg1-7+wheezy11_amd64.deb Files: 2054b6c500120787408286aada3f3a7b 2677 libs optional libxml2_2.8.0+dfsg1-7+wheezy11.dsc 008920f545a36da4eca363d0c1a0ffee 3554683 libs optional libxml2_2.8.0+dfsg1.orig.tar.gz f1bb4108b97079be9316e074e7e7b718 76428 libs optional libxml2_2.8.0+dfsg1-7+wheezy11.debian.tar.gz 0dde74925163f46ef55c2925c7ff60cc 907230 libs standard libxml2_2.8.0+dfsg1-7+wheezy11_amd64.deb ecafdd0bf182e5ec1ab5b301a42de108 99262 text optional libxml2-utils_2.8.0+dfsg1-7+wheezy11_amd64.deb 59e17312e7e804b51a8a6c2e368a3fe4 129906 debug extra libxml2-utils-dbg_2.8.0+dfsg1-7+wheezy11_amd64.deb 608d5c908eedd1e8a00d13412550d083 904002 libdevel optional libxml2-dev_2.8.0+dfsg1-7+wheezy11_amd64.deb 38e935990761cf4082be70300e641dd1 1404726 debug extra libxml2-dbg_2.8.0+dfsg1-7+wheezy11_amd64.deb 025c4a5e349d856458b68deee51b645e 1387950 doc optional libxml2-doc_2.8.0+dfsg1-7+wheezy11_all.deb f2ca272401363701f427b18260cf753c 348148 python optional python-libxml2_2.8.0+dfsg1-7+wheezy11_amd64.deb 7af0f0eb6ef3cf65ab7036ef44e0e9a3 731542 debug extra python-libxml2-dbg_2.8.0+dfsg1-7+wheezy11_amd64.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlof5+ZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR2FUD/91CNVPWWESJNc/3nc9Qm/Ef39QK8I/ ZUKtjiMhgZyiy3ALR06K6gA/CemHFYEQZn5XDvDubD3fiVtKOpHf7cZ/E5P7SLzF mWJgz9zvVkpQcjl9+cC5jQabxrlBIvndL70f0soHZW3kuXXsrSlVaCGQNhRTuw31 8cjEcAQRtjlTlkrNWhGTPARzrpGUHY7h1cAA60UeZ2uqyGzIZ03ekH+YTLPmkk1H SapKB26EVIDcN2QYliq92mSXeOmtBZJM6N/op8r0i1ZJZRtU63QAJPnYeUnybjBD ae6SjpGwIU1mG04mhkqV7ydCXaVU/1Q8y795wwc0HJ2zzWMtO9xiKZthX3t5FgjK cGY0FfygD1KDDdRmPUcufh8VzEWmRXRwg1VcNNA1cyImcSAlpL+TzOhs+ifwDiaF r6r77memdWthuAsTwv5RltYPsfpL2WVZJ8Hr6eNQRTaw9BLX11ZrGXDce/kCT9CP EA6BQ+xJsok99SQicOpXZyF7erozM8F1drxJTrEdIa7PtgerX7VRjtHIRHXuFwRY NR13wCopzcGAmQv8umWuKsJ12ggLvO6eOJUvUQlL2kX1y+ntYHCFPSwu74UJlNzS yErCle/VqiuRRtgqZ/vcow4OwBYNS58nC8KWTbim0vrXLlPQoXLM+6xODpnJOrof 8YThWXZ4heHSKg== =53tU -----END PGP SIGNATURE-----