-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 28 May 2016 06:56:40 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg
Architecture: amd64
Version: 2.9.1+dfsg1-5+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: amd64 Build Daemon (binet) <buildd-binet@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 libxml2-utils-dbg - XML utilities (debug extension)
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
Closes: 812807 813613 819006 823405 823414
Changes:
 libxml2 (2.9.1+dfsg1-5+deb8u2) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Heap-based buffer overread in xmlNextChar (CVE-2016-1762)
   * heap-buffer-overflow in xmlStrncat (CVE-2016-1834)
   * Add missing increments of recursion depth counter to XML parser
     (CVE-2016-3705) (Closes: #823414)
   * Avoid an out of bound access when serializing malformed strings
     (CVE-2016-4483) (Closes: #823405)
   * Heap-buffer-overflow in xmlFAParsePosCharGroup (CVE-2016-1840)
   * Heap-based buffer overread in xmlParserPrintFileContextInternal
     (CVE-2016-1838)
   * Heap-based buffer overread in xmlDictAddString (CVE-2016-1839
     CVE-2015-8806 CVE-2016-2073) (Closes: #813613, #812807)
   * Heap use-after-free in xmlDictComputeFastKey (CVE-2016-1836)
   * Fix inappropriate fetch of entities content (CVE-2016-4449)
   * Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral
     (CVE-2016-1837)
   * Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)
   * Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)
   * Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)
   * Avoid building recursive entities (CVE-2016-3627) (Closes: #819006)
Checksums-Sha1:
 a34ecb5bb7af94f1b19e4f907187288ca2686d8f 801928 libxml2_2.9.1+dfsg1-5+deb8u2_amd64.deb
 8ee5e389a566e8b7ce9dc72bc1ee6ff0e8526224 91476 libxml2-utils_2.9.1+dfsg1-5+deb8u2_amd64.deb
 d057f57577ad19a709e9dba3c9a8020ca2214496 121666 libxml2-utils-dbg_2.9.1+dfsg1-5+deb8u2_amd64.deb
 0c31244ee78cb9dab3f3978df908fef1d2330ca2 694980 libxml2-dev_2.9.1+dfsg1-5+deb8u2_amd64.deb
 1af962f37d93749573080b0978d3d54e4b116029 1233354 libxml2-dbg_2.9.1+dfsg1-5+deb8u2_amd64.deb
 ff7c519d03faf8f47a879aa74ca61437fb178efe 194670 python-libxml2_2.9.1+dfsg1-5+deb8u2_amd64.deb
 0dcf9d21537cd0a3d69e0d7902b89209ec218ef5 319768 python-libxml2-dbg_2.9.1+dfsg1-5+deb8u2_amd64.deb
Checksums-Sha256:
 f28c249d5531d1470cef51f57dd81f00e7291c021c4429a6d0e844ef1526cbbc 801928 libxml2_2.9.1+dfsg1-5+deb8u2_amd64.deb
 c2826286b1fbf5548bc554f1cc7d20bf04d8bd7bdb8aacf4e66a93d24a59565e 91476 libxml2-utils_2.9.1+dfsg1-5+deb8u2_amd64.deb
 2994ab9e3030b84c965e9d12cccde74a6633d6148fe9a5b25668529b84ee435c 121666 libxml2-utils-dbg_2.9.1+dfsg1-5+deb8u2_amd64.deb
 626170d8117e56859e8ba31fa08a2b1d25b9e1ebaf468f480020a1e186d020e2 694980 libxml2-dev_2.9.1+dfsg1-5+deb8u2_amd64.deb
 ec6c41c296334b3a4c201f05cd7f8301851e6ed0963a4db69477776e2882872b 1233354 libxml2-dbg_2.9.1+dfsg1-5+deb8u2_amd64.deb
 657e13d80b2d57418b5143b7e6662a86a9ab29c121e7049dec898389413da0be 194670 python-libxml2_2.9.1+dfsg1-5+deb8u2_amd64.deb
 4a7b692cec48f4d59225ee7e3e0927242c6d976a77427b68ac0836e533215d47 319768 python-libxml2-dbg_2.9.1+dfsg1-5+deb8u2_amd64.deb
Files:
 f3fc40accf9d0a62e2cf19d4df8b366a 801928 libs standard libxml2_2.9.1+dfsg1-5+deb8u2_amd64.deb
 446110d80a701c13d16554806fbb31a5 91476 text optional libxml2-utils_2.9.1+dfsg1-5+deb8u2_amd64.deb
 964116df3fed5820784f4ebd6f579196 121666 debug extra libxml2-utils-dbg_2.9.1+dfsg1-5+deb8u2_amd64.deb
 55f42a6897daf0bd0059dcd48abf16e5 694980 libdevel optional libxml2-dev_2.9.1+dfsg1-5+deb8u2_amd64.deb
 6e53efb53bf2f565b8c403dc6cbb2215 1233354 debug extra libxml2-dbg_2.9.1+dfsg1-5+deb8u2_amd64.deb
 3b67c8e367c4c15f4fe9c240ec14385c 194670 python optional python-libxml2_2.9.1+dfsg1-5+deb8u2_amd64.deb
 d6cdd1b0fc43ad7a633cbed2ca02759d 319768 debug extra python-libxml2-dbg_2.9.1+dfsg1-5+deb8u2_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXS/ziAAoJEEQSPqnl82l3jDEP/j1gkpBjb0+oTBF5jucywZhQ
y8W+6feBupehHXgTEfmNpyKrFJq7RTC7A0DMjP8xh0NgkmNwztc0sYeGkNdWT0J3
uvoDAiw3zggSqcRKwU82bfBFlUI6/kKkORWwhHzE5kWeDhtVS7wP6M0FlqKznVJJ
OQyWOGYYqG6nadcDsqFEeXq8CIDlUXf4q9vW4uDfq4n2akrmnVaUfO99Yi3SbHLx
41JARmcfCdkBDS+5fwRg6N7OlSFXVF7mLHwm1EiB2D2lQJASXR8xYs6rkrakhE1/
yhekwe++O5w1M/QsbbPYWy3pog+e9x9EDRT5BVgtemzud5tTcs+bMOVrlNNF41mw
Qvm9Vg/kY8ECtnmucs0nj+Y6fLmiGcP+kfNJ+EqIyp7j6t9g0W3jwm03u+u2Kga9
KBb8b7jwBFPVRx30F6JD2iPxx3f8pKRFuYC+QUpWPbZ3alI4yogF/8wfgLRGW6dE
q3oOamb+Jqy6iqMyr8AE7ozCevBtYyCSULMyeZkDtwDIqqWmcG991T0nDpfUW8xr
ilRUL6VCuawMBI1SLnjvvEkwf67d3iPTsug2dWfBO1OhMPfZYUGIh45EDh9qcuB2
EgArYCJef051P4FTqids+ulHlBIaZwpYBpaDhpN7D19ip572OYpzCTHJNZycUb6B
zHNSCTsGT6iTMlg2Tl/0
=fhIA
-----END PGP SIGNATURE-----