Your message dated Wed, 08 Jun 2011 01:55:11 +0000
with message-id <[email protected]>
and subject line Bug#628537: fixed in libxml2 2.7.8.dfsg-2+squeeze1
has caused the Debian Bug report #628537,
regarding libxml2: overflow issues
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
628537: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628537
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
package: libxml2
version: 2.7.8.dfsg-2
severity: serious
tag: security
some overflow issues were disclosed for libxml2. see:
http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html
best wishes,
mike
--- End Message ---
--- Begin Message ---
Source: libxml2
Source-Version: 2.7.8.dfsg-2+squeeze1
We believe that the bug you reported is fixed in the latest version of
libxml2, which is due to be installed in the Debian FTP archive:
libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
to main/libx/libxml2/libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
libxml2-dev_2.7.8.dfsg-2+squeeze1_amd64.deb
to main/libx/libxml2/libxml2-dev_2.7.8.dfsg-2+squeeze1_amd64.deb
libxml2-doc_2.7.8.dfsg-2+squeeze1_all.deb
to main/libx/libxml2/libxml2-doc_2.7.8.dfsg-2+squeeze1_all.deb
libxml2-utils_2.7.8.dfsg-2+squeeze1_amd64.deb
to main/libx/libxml2/libxml2-utils_2.7.8.dfsg-2+squeeze1_amd64.deb
libxml2_2.7.8.dfsg-2+squeeze1.diff.gz
to main/libx/libxml2/libxml2_2.7.8.dfsg-2+squeeze1.diff.gz
libxml2_2.7.8.dfsg-2+squeeze1.dsc
to main/libx/libxml2/libxml2_2.7.8.dfsg-2+squeeze1.dsc
libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
to main/libx/libxml2/libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
python-libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
to main/libx/libxml2/python-libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
python-libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
to main/libx/libxml2/python-libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mike Hommey <[email protected]> (supplier of updated libxml2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 04 Jun 2011 10:40:06 +0900
Source: libxml2
Binary: libxml2 libxml2-utils libxml2-dev libxml2-dbg libxml2-doc
python-libxml2 python-libxml2-dbg
Architecture: source amd64 all
Version: 2.7.8.dfsg-2+squeeze1
Distribution: stable-security
Urgency: low
Maintainer: Debian XML/SGML Group <[email protected]>
Changed-By: Mike Hommey <[email protected]>
Description:
libxml2 - GNOME XML library
libxml2-dbg - Debugging symbols for the GNOME XML library
libxml2-dev - Development files for the GNOME XML library
libxml2-doc - Documentation for the GNOME XML library
libxml2-utils - XML utilities
python-libxml2 - Python bindings for the GNOME XML library
python-libxml2-dbg - Python bindings for the GNOME XML library (debug
extension)
Closes: 628537
Changes:
libxml2 (2.7.8.dfsg-2+squeeze1) stable-security; urgency=low
.
* xpath.c: Fix some potential problems on reallocation failures.
Closes: #628537.
Checksums-Sha1:
57693c0eef8d30cd316f1da3fb52afb54d07fa3e 2186 libxml2_2.7.8.dfsg-2+squeeze1.dsc
bf481743478da6899a65507a34b67731466960dd 3509930 libxml2_2.7.8.dfsg.orig.tar.gz
62c3a550e89412e6c7bb164aa8a68f6f02ea83fd 111143
libxml2_2.7.8.dfsg-2+squeeze1.diff.gz
d3b21e19fa1408512b2bb85066190258e8656fab 872212
libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
96d94fab584e58403f507010785f11309b218490 93366
libxml2-utils_2.7.8.dfsg-2+squeeze1_amd64.deb
f63bf28ff249796f7b370c91cee8f20a26d061be 828958
libxml2-dev_2.7.8.dfsg-2+squeeze1_amd64.deb
3d7ec55be6713c9bc31e7a05f2c5f5627fce4917 989018
libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
9a2b6e2fc7d5afd9ebebef46979096cb036fc0cd 1343946
libxml2-doc_2.7.8.dfsg-2+squeeze1_all.deb
d7f820b89f9e747fa049140f526099e919c2fbf0 337494
python-libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
b9edc2555dc1c980e518ccf098f19ee72c0d1628 871108
python-libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
Checksums-Sha256:
0a68f784eeb901cba8300ad7229d3378698efd380adaf1e353e5761830c0e5d6 2186
libxml2_2.7.8.dfsg-2+squeeze1.dsc
9f5262963fda356708903b42ff862a816c714582d0cf41477a8b3839945f0e43 3509930
libxml2_2.7.8.dfsg.orig.tar.gz
498e3d777cdccc5b53357a7a1d6ea04d9df2f86da9e692eb9038ad46d70f3103 111143
libxml2_2.7.8.dfsg-2+squeeze1.diff.gz
a947cedfcad7edfc6a95db19019869e6254ed7ee1eb914851719f792c7885ac7 872212
libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
8c6d847f2631a7e9f3dc18358ec04cd175ac67ff8bfef3807fbe4d60f9635bf3 93366
libxml2-utils_2.7.8.dfsg-2+squeeze1_amd64.deb
95f6af0ccdc2c16dcd80fd64b4f853235c73ca9a432e5a5c3b20382cd24c908e 828958
libxml2-dev_2.7.8.dfsg-2+squeeze1_amd64.deb
4a6b08e3d56243ab51433a21776150a858d840f6c45de8032476ae7473f3c8b3 989018
libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
15c754650e73a1e1c6dae958d956df46de322806d86e36fc1e1e1243092e7dba 1343946
libxml2-doc_2.7.8.dfsg-2+squeeze1_all.deb
6bd4202ba8e10bcc6f9a3f440ba31a640f6039390ab6dcb49af5bb540e708c85 337494
python-libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
e89aef6a631e9f2f0149e0d4c6b1af5b76582ab4a7615ae3d0b71895252f06d1 871108
python-libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
Files:
7ba9c1c537c8198087f912a59139730c 2186 libs optional
libxml2_2.7.8.dfsg-2+squeeze1.dsc
116fd86aa1b392dfe38d6b17613deebb 3509930 libs optional
libxml2_2.7.8.dfsg.orig.tar.gz
48bd4ae957dac6f6ee6ec60b71f363da 111143 libs optional
libxml2_2.7.8.dfsg-2+squeeze1.diff.gz
cef27444c26da0d6ff09c9ffc5053868 872212 libs standard
libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
a467cbd5bd5e807dfc1fad3207a77935 93366 text optional
libxml2-utils_2.7.8.dfsg-2+squeeze1_amd64.deb
d07c67a26ab4ddfe960eebc103ebc428 828958 libdevel optional
libxml2-dev_2.7.8.dfsg-2+squeeze1_amd64.deb
808c8cd72ff02362d80141c9e081e8cb 989018 debug extra
libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
d80e39ffea46964838b382b373be197c 1343946 doc optional
libxml2-doc_2.7.8.dfsg-2+squeeze1_all.deb
19cd6a65bb4cf6e67d7f5c61c92179f5 337494 python optional
python-libxml2_2.7.8.dfsg-2+squeeze1_amd64.deb
a89227c1415efd3e14db3f445f677f75 871108 debug extra
python-libxml2-dbg_2.7.8.dfsg-2+squeeze1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIVAwUBTemR0+QqoE+mqoxyAQhr/hAArs8K2aWKtc2Kx2Eof8Xn7w9tRS/2wgv8
CmqNPo//OMmd/5eCEuMB9Vph71kC7X5ebKKc3ZEzHhdhlk4iGtnK2wDe+jrra/GV
5k5MSVdjZECqMhzAvu/g0+hZVXFSAk+8GquO8/eMWP3N+/gqdYQgmw88cO3H6X5i
pl3zWGif90mwUJQXPiJPNz/bPAmz/wSx252+JMybrrdYE9MxsTJ/cU+Uj14r81X4
kAc+E+zZ4tZD9pNrndjnjW96E3GEKnIIv9Si1u+dzwSdQ+ZM+rPI7QviFQWn/Viz
HDWGlMS0Fibl48olPkiIjHAQA8PKEzgsai2r8doLGADwe2hN0sXrB7IqnkCn1/76
bTEP/W+rijXZf2vACgeQeo30L6vDHlX/VhlCfP+HppE4gs3+F0iCIP2XI1B/VkAq
D2b+IY/VroL/PTEaXhyazqmDBb0eXrA1QS49MO7Q4Su0Lh8dWLOFOWqgiLBaYYHK
sMW0fYR1QtvivAQjeyYc1vyM/iCpLyu65KDu/mBdDlmm/QuQyjwnN3YVMMqT/lb6
jjHo3OU2Y1LkxC8iQ9TxWlyJBzYDEc56GogdgguFr2kJCxQpgsOuxqQskdcD90MZ
UL4mTRDSwDOg7+3zwUdfwi8+CY8ucAR//H34FEH+qUEnByvliDQYNdElyhL9B8qA
ZaLuP8mmR2k=
=no55
-----END PGP SIGNATURE-----
--- End Message ---
