libxml2 (2.9.1+dfsg1-3ubuntu4.8) trusty-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overread in xmlNextChar
    - debian/patches/CVE-2016-1762.patch: return after error in parser.c.
    - CVE-2016-1762
  * SECURITY UPDATE: heap-based buffer overread in htmlCurrentChar
    - debian/patches/CVE-2016-1833-pre.patch: clear up NULL deref in
      parserInternals.c.
    - debian/patches/CVE-2016-1833-pre2.patch: handle 0-length entities in
      parserInternals.c.
    - debian/patches/CVE-2016-1833.patch: fix tests in parserInternals.c.
    - CVE-2016-1833
  * SECURITY UPDATE: heap-buffer-overflow in xmlStrncat
    - debian/patches/CVE-2016-1834.patch: check for negative lengths in
      xmlstring.c.
    - CVE-2016-1834
  * SECURITY UPDATE: heap use-after-free in xmlSAX2AttributeNs
    - debian/patches/CVE-2016-1835.patch: add check to parser.c, add tests
      to result/errors/759020.xml.err, result/errors/759020.xml.str,
      test/errors/759020.xml.
    - CVE-2016-1835
  * SECURITY UPDATE: heap use-after-free in xmlDictComputeFastKey
    - debian/patches/CVE-2016-1836.patch: prevent stale pointer usage in
      parser.c, added tests to result/errors/759398.xml.err,
      result/errors/759398.xml.str, test/errors/759398.xml.
    - CVE-2016-1836
  * SECURITY UPDATE: heap use-after-free in htmlParsePubidLiteral and
    htmlParseSystemLiteral
    - debian/patches/CVE-2016-1837.patch: prevent stale pointer usage in
      HTMLparser.c.
    - CVE-2016-1837
  * SECURITY UPDATE: heap-based buffer overread in
    xmlParserPrintFileContextInternal
    - debian/patches/CVE-2016-1838.patch: add bounds check to parser.c,
      add tests to result/errors/758588.xml.err,
      result/errors/758588.xml.str, test/errors/758588.xml.
    - CVE-2016-1838
  * SECURITY UPDATE: heap-based buffer overread in xmlDictAddString
    - debian/patches/CVE-2016-1839.patch: add bounds check to HTMLparser.c.
    - CVE-2015-8806
    - CVE-2016-1839
    - CVE-2016-2073
  * SECURITY UPDATE: heap-buffer-overflow in xmlFAParsePosCharGroup
    - debian/patches/CVE-2016-1840.patch: properly handle error in
      xmlregexp.c.
    - CVE-2016-1840
  * SECURITY UPDATE: avoid building recursive entities
    - debian/patches/CVE-2016-3627.patch: properly handle recursion in
      parser.c, tree.c.
    - CVE-2016-3627
  * SECURITY UPDATE: recursion depth counter issue
    - debian/patches/CVE-2016-3705.patch: properly count recursion depth in
      parser.c.
    - CVE-2016-3705
  * SECURITY UPDATE: heap-based buffer-underreads due to xmlParseName
    - debian/patches/CVE-2016-4447.patch: improve error handling in
      parser.c.
    - CVE-2016-4447
  * SECURITY UPDATE: inappropriate fetch of entities content
    - debian/patches/CVE-2016-4449.patch: fix another external entity fetch
      in parser.c.
    - CVE-2016-4449
  * SECURITY UPDATE: out of bound access when serializing malformed strings
    - debian/patches/CVE-2016-4483.patch: improve string handling in
      xmlsave.c.
    - CVE-2016-4483

 -- Marc Deslauriers <email address hidden>  Fri, 03 Jun 2016 08:59:55 -0400
CVE-2016-1762: libxml2 in Apple iOS before 9.3, OS X before 10.11.4, Safari before 9.1, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute a
CVE-2016-1833: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi
CVE-2016-1834: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi
CVE-2016-1835: libxml2, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to execute arbitrary code or cause a denial of service (m
CVE-2016-1836: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi
CVE-2016-1837: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi
CVE-2016-1838: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi
CVE-2016-1839: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi
CVE-2015-8806: dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected characte
CVE-2016-2073: The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML doc
CVE-2016-1840: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbi
CVE-2016-3627: The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a d
CVE-2016-3705: The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth