Debian Package Tracker
Register | Log in
Subscribe

libxml2

GNOME XML library

Choose email to subscribe with

general
  • source: libxml2 (main)
  • version: 2.9.14+dfsg-1
  • maintainer: Debian XML/SGML Group (archive) (DMD)
  • uploaders: YunQiang Su [DMD] – Aron Xu [DMD]
  • arch: all any
  • std-ver: 4.6.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 2.9.4+dfsg1-2.2+deb9u2
  • o-o-sec: 2.9.4+dfsg1-2.2+deb9u7
  • oldstable: 2.9.4+dfsg1-7+deb10u2
  • old-sec: 2.9.4+dfsg1-7+deb10u4
  • old-p-u: 2.9.4+dfsg1-7+deb10u4
  • stable: 2.9.10+dfsg-6.7+deb11u2
  • stable-sec: 2.9.10+dfsg-6.7+deb11u2
  • testing: 2.9.14+dfsg-1
  • unstable: 2.9.14+dfsg-1
versioned links
  • 2.9.4+dfsg1-2.2+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.9.4+dfsg1-2.2+deb9u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.9.4+dfsg1-7+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.9.4+dfsg1-7+deb10u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.9.10+dfsg-6.7+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.9.14+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libxml2 (26 bugs: 0, 22, 4, 0)
  • libxml2-dev (4 bugs: 0, 3, 1, 0)
  • libxml2-doc
  • libxml2-utils (13 bugs: 0, 8, 5, 0)
  • python3-libxml2
action needed
3 security issues in buster high

There are 3 open security issues in buster.

1 important issue:
  • CVE-2016-3709: Possible cross-site scripting vulnerability in libxml after commit 960f0e2.
2 ignored issues:
  • CVE-2016-9318: libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.
  • CVE-2017-16932: parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
Created: 2022-07-04 Last update: 2022-08-11 22:35
lintian reports 173 errors and 6 warnings high
Lintian reports 173 errors and 6 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2021-10-13 Last update: 2022-07-30 12:15
1 bug tagged patch in the BTS normal
The BTS contains patches fixing 1 bug, consider including or untagging them.
Created: 2022-07-27 Last update: 2022-08-16 06:01
1 new commit since last upload, is it time to release? normal
vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:
commit ba999848a81bed71780f93d57e5073f5f623e67b
Author: Mattia Rizzolo <mattia@debian.org>
Date:   Thu May 5 15:16:31 2022 +0200

    simplify list of html to install
    
    I just felt doing it, and then discovered upstream refactored the whole
    thing :(
    
    Signed-off-by: Mattia Rizzolo <mattia@debian.org>
Created: 2022-05-05 Last update: 2022-08-09 10:03
1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:
  • CVE-2016-3709: (needs triaging) Possible cross-site scripting vulnerability in libxml after commit 960f0e2.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-31 Last update: 2022-08-11 22:35
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).
Created: 2022-05-11 Last update: 2022-05-11 23:25
news
[rss feed]
  • [2022-05-26] Accepted libxml2 2.9.4+dfsg1-7+deb10u4 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
  • [2022-05-26] Accepted libxml2 2.9.10+dfsg-6.7+deb11u2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
  • [2022-05-22] Accepted libxml2 2.9.4+dfsg1-7+deb10u4 (source) into oldstable->embargoed, oldstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
  • [2022-05-22] Accepted libxml2 2.9.10+dfsg-6.7+deb11u2 (source) into stable-security->embargoed, stable-security (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
  • [2022-05-16] Accepted libxml2 2.9.4+dfsg1-2.2+deb9u7 (source) into oldoldstable (Markus Koschany)
  • [2022-05-11] libxml2 2.9.14+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2022-05-11] libxml2 2.9.14+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2022-05-05] Accepted libxml2 2.9.14+dfsg-1 (source) into unstable (Mattia Rizzolo)
  • [2022-04-08] Accepted libxml2 2.9.4+dfsg1-2.2+deb9u6 (source) into oldoldstable (Anton Gladky)
  • [2022-03-19] Accepted libxml2 2.9.4+dfsg1-7+deb10u3 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
  • [2022-03-19] Accepted libxml2 2.9.10+dfsg-6.7+deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
  • [2022-03-02] libxml2 2.9.13+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2022-02-27] Accepted libxml2 2.9.13+dfsg-1 (source) into unstable (Mattia Rizzolo)
  • [2022-02-22] libxml2 2.9.12+dfsg-6 MIGRATED to testing (Debian testing watch)
  • [2022-02-19] Accepted libxml2 2.9.12+dfsg-6 (source) into unstable (Mattia Rizzolo)
  • [2021-09-24] libxml2 2.9.12+dfsg-5 MIGRATED to testing (Debian testing watch)
  • [2021-09-20] Accepted libxml2 2.9.12+dfsg-5 (source) into unstable (Mattia Rizzolo)
  • [2021-09-10] Accepted libxml2 2.9.12+dfsg-4 (source) into unstable (Mattia Rizzolo)
  • [2021-09-01] Accepted libxml2 2.9.12+dfsg-3 (source) into unstable (Mattia Rizzolo)
  • [2021-07-29] Accepted libxml2 2.9.12+dfsg-2 (source) into experimental (Mattia Rizzolo)
  • [2021-07-18] Accepted libxml2 2.9.12+dfsg-1 (source) into experimental (Mattia Rizzolo)
  • [2021-06-12] Accepted libxml2 2.9.4+dfsg1-7+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
  • [2021-05-30] Accepted libxml2 2.9.4+dfsg1-2.2+deb9u5 (source amd64 all) into oldstable (Thorsten Alteholz)
  • [2021-05-27] libxml2 2.9.10+dfsg-6.7 MIGRATED to testing (Debian testing watch)
  • [2021-05-22] Accepted libxml2 2.9.10+dfsg-6.7 (source) into unstable (Salvatore Bonaccorso)
  • [2021-05-11] libxml2 2.9.10+dfsg-6.6 MIGRATED to testing (Debian testing watch)
  • [2021-05-10] Accepted libxml2 2.9.4+dfsg1-2.2+deb9u4 (source) into oldstable (Emilio Pozuelo Monfort)
  • [2021-05-06] Accepted libxml2 2.9.10+dfsg-6.6 (source) into unstable (Salvatore Bonaccorso)
  • [2021-05-06] Accepted libxml2 2.9.10+dfsg-6.5 (source) into experimental (Salvatore Bonaccorso)
  • [2021-05-02] Accepted libxml2 2.9.10+dfsg-6.4 (source) into experimental (Salvatore Bonaccorso)
  • 1
  • 2
bugs [bug history graph]
  • all: 45
  • RC: 0
  • I&N: 35
  • M&W: 10
  • F&P: 0
  • patch: 1
links
  • homepage
  • lintian (173, 6)
  • buildd: logs, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 2.9.14+dfsg-1
  • 20 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing