-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 28 May 2016 06:56:40 +0200
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg
Architecture: i386
Version: 2.9.1+dfsg1-5+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-grnet-01) <buildd_amd64-x86-grnet-01@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 libxml2    - GNOME XML library
 libxml2-dbg - Debugging symbols for the GNOME XML library
 libxml2-dev - Development files for the GNOME XML library
 libxml2-doc - Documentation for the GNOME XML library
 libxml2-utils - XML utilities
 libxml2-utils-dbg - XML utilities (debug extension)
 python-libxml2 - Python bindings for the GNOME XML library
 python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension)
Closes: 812807 813613 819006 823405 823414
Changes:
 libxml2 (2.9.1+dfsg1-5+deb8u2) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Heap-based buffer overread in xmlNextChar (CVE-2016-1762)
   * heap-buffer-overflow in xmlStrncat (CVE-2016-1834)
   * Add missing increments of recursion depth counter to XML parser
     (CVE-2016-3705) (Closes: #823414)
   * Avoid an out of bound access when serializing malformed strings
     (CVE-2016-4483) (Closes: #823405)
   * Heap-buffer-overflow in xmlFAParsePosCharGroup (CVE-2016-1840)
   * Heap-based buffer overread in xmlParserPrintFileContextInternal
     (CVE-2016-1838)
   * Heap-based buffer overread in xmlDictAddString (CVE-2016-1839
     CVE-2015-8806 CVE-2016-2073) (Closes: #813613, #812807)
   * Heap use-after-free in xmlDictComputeFastKey (CVE-2016-1836)
   * Fix inappropriate fetch of entities content (CVE-2016-4449)
   * Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral
     (CVE-2016-1837)
   * Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)
   * Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)
   * Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)
   * Avoid building recursive entities (CVE-2016-3627) (Closes: #819006)
Checksums-Sha1:
 22acda4fdaa6f6c84bd7fb8bbf236358f005b676 835050 libxml2_2.9.1+dfsg1-5+deb8u2_i386.deb
 d68011a6db2eb7de24e0a87d18154932015e2e70 92070 libxml2-utils_2.9.1+dfsg1-5+deb8u2_i386.deb
 ce757d6e908f738e045b4331391aee119a210ac5 114772 libxml2-utils-dbg_2.9.1+dfsg1-5+deb8u2_i386.deb
 a2c5b84256163118b2a8b9fb9d7bd796ef93b399 744656 libxml2-dev_2.9.1+dfsg1-5+deb8u2_i386.deb
 25f777051daed82737e4e65b28a199029ab98efb 990228 libxml2-dbg_2.9.1+dfsg1-5+deb8u2_i386.deb
 964c3f035390fb0249381da1879ec4d12eb2c9b4 192288 python-libxml2_2.9.1+dfsg1-5+deb8u2_i386.deb
 d1f3856659665ed3a69487d4f1461e2feaae30e2 277230 python-libxml2-dbg_2.9.1+dfsg1-5+deb8u2_i386.deb
Checksums-Sha256:
 4368ca759127e4d91c034e50ac98efc87a9dc3587acb307287c599ea20182de3 835050 libxml2_2.9.1+dfsg1-5+deb8u2_i386.deb
 59d58d8daae578cf9084cb09205a7d1230b2bf4cdee6d8c6dec488edb05fb67c 92070 libxml2-utils_2.9.1+dfsg1-5+deb8u2_i386.deb
 b685c179c2f016cd799adf1e1f225c9b0b1a9d2c3d943e120c900fcbd6accb32 114772 libxml2-utils-dbg_2.9.1+dfsg1-5+deb8u2_i386.deb
 6af44758b2c6e9eafa4bca3923d53b39fdf1cf907c9a21d7b86ca561e85d9e97 744656 libxml2-dev_2.9.1+dfsg1-5+deb8u2_i386.deb
 b543c6d04ab87de0aac833865a3b7f127bf8e10a1af97f9a3a83c59fd06b1520 990228 libxml2-dbg_2.9.1+dfsg1-5+deb8u2_i386.deb
 114ab9cfc2b8e070b48c7264399d7952d9b9755ffb9928e9ad94025b9f54a3aa 192288 python-libxml2_2.9.1+dfsg1-5+deb8u2_i386.deb
 a83116b3dda75157796e07dadba2e872c7489df01c17f775e7e0c35d5e93688e 277230 python-libxml2-dbg_2.9.1+dfsg1-5+deb8u2_i386.deb
Files:
 cb70d2987a5c3305845f9aca1dd1dad9 835050 libs standard libxml2_2.9.1+dfsg1-5+deb8u2_i386.deb
 69df313576d21eaecab8d89aecc7dd7f 92070 text optional libxml2-utils_2.9.1+dfsg1-5+deb8u2_i386.deb
 58d23c91109c190ed4381e99d0f16200 114772 debug extra libxml2-utils-dbg_2.9.1+dfsg1-5+deb8u2_i386.deb
 1f0e64d70116a934edd95ca7ff9fd7b3 744656 libdevel optional libxml2-dev_2.9.1+dfsg1-5+deb8u2_i386.deb
 f3c06ec1eb93ebde7715b15b299c1c83 990228 debug extra libxml2-dbg_2.9.1+dfsg1-5+deb8u2_i386.deb
 82faa2cd1ae9a29dbf07326c6a8a0c47 192288 python optional python-libxml2_2.9.1+dfsg1-5+deb8u2_i386.deb
 caba0345ecd8e6eb690fb9533e8edc89 277230 debug extra python-libxml2-dbg_2.9.1+dfsg1-5+deb8u2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXS/y6AAoJEOILY6pqA4IhQ7cP/3zaQpDZffbCIt4N48GjR8kG
TFILQgdp+A87DgxKXZjjSgxGR3Rj/CVJYGlQr+6UzGGAYvcYJPZjgIDp4Iakk5Ph
XOGSHl8QYQJDFbNe/NcRiZd/KArjBV0Ng/vx27JBEZ/h05YydVPN1UbBwyajyzIg
EhWI+6IkCsbCzfCf/EtfaR9dj5LyCS5GWFVQ7mZhAUVvS+tHGAz3G6yQBk7Du0XM
wS5zi4ydCr8yhE2xFyaCYCZUIwitA2ZhahnOradjOZdY04d6X6z89uxc56Go+PeU
l3Ltb+psxMgaq1ck7Z/SRBJs7nbIg7pbB9KKollJVGryZ0oLM4nkneOLc5iLNEXV
PhSyrY8JHbq5UQximptX3tx96vx9vPAmgkP/u/HdbdJnUsCMD3T9ViUdjylLwDw3
qTX7LIiPqG57vkCJVBi/3xvKQvaO6WHiEZKeNDye26QKFpBM/Vr/EkZLgrXQx7/9
6lqd/XLSaHqNosFMZTtFndT8JnKC+01bi7HD11AfcuU8jbR/1aNt4XIjZ6r8zFUa
fj0NhbTp6wjmpS1QRUcxkwaG9n05LcBblRxMPCj+cZgGSY6BC920zj2wY3me15XL
y/IRDNwtuRg+IYWotsfcps32oDhCD2JqKdCSd5wz5ShxkNuzyAzUp1m5qFt5NIGx
gmwfqYz4R4at/xZzAHvv
=msZ8
-----END PGP SIGNATURE-----