News for package libxml2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: libxml2
Binary: libxml2, libxml2-utils, libxml2-utils-dbg, libxml2-dev, libxml2-dbg, libxml2-doc, python-libxml2, python-libxml2-dbg
Architecture: any all
Version: 2.8.0+dfsg1-7+wheezy4
Maintainer: Debian XML/SGML Group <[email protected]>
Uploaders: Aron Xu <[email protected]>, YunQiang Su <[email protected]>
Homepage: http://xmlsoft.org/
Standards-Version: 3.9.3
Vcs-Browser: http://git.debian.org/?p=debian-xml-sgml/libxml2.git
Vcs-Git: git://git.debian.org/debian-xml-sgml/libxml2.git
Build-Depends: debhelper (>= 9), perl, dh-autoreconf, autotools-dev, binutils (>= 2.14.90.0.7), python-all-dev (>= 2.6.6-3~), python-all-dbg, zlib1g-dev | libz-dev, liblzma-dev, libreadline-dev | libreadline6-dev
Package-List: 
 libxml2 deb libs standard
 libxml2-dbg deb debug extra
 libxml2-dev deb libdevel optional
 libxml2-doc deb doc optional
 libxml2-utils deb text optional
 libxml2-utils-dbg deb debug extra
 python-libxml2 deb python optional
 python-libxml2-dbg deb debug extra
Checksums-Sha1: 
 fcc1bca14d2c7dd73c71556cf0a223a73bd92305 3554683 libxml2_2.8.0+dfsg1.orig.tar.gz
 220c813f26f6284c15f0c52f65e2c120b40928a5 43067 libxml2_2.8.0+dfsg1-7+wheezy4.debian.tar.gz
Checksums-Sha256: 
 46f339843967e861e81f8427373ff2a3d0a8cb608022dea16aa1d345ddcee338 3554683 libxml2_2.8.0+dfsg1.orig.tar.gz
 d807f286f77babaf01bfa24e297281fb6b87d9f2f83e3a3eeb04a504702ca143 43067 libxml2_2.8.0+dfsg1-7+wheezy4.debian.tar.gz
Files: 
 008920f545a36da4eca363d0c1a0ffee 3554683 libxml2_2.8.0+dfsg1.orig.tar.gz
 581d8728c1afdb0c3714e8436ac30768 43067 libxml2_2.8.0+dfsg1-7+wheezy4.debian.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVI+k9AAoJEAVMuPMTQ89EqqkP+gOrmqW6axKfVDE0C7/SjTNM
KCTl5vT4KCY5A2c5k/ziFuEhK9FiowtrM5EWTajKaEXK6BFfsTaa4OC2R3gVP/fC
0gPh0/bU1JNZB1wLPVKxQJQmZ6e80K+Z0569raSb2GubrE0iEWpqlIV5gaaYY2wS
Th6wa+NQKwK8ls2gUwERvfNv1qvGOkXCkdhVxYKkqpbBnBad2y1erelItRFzk0Pk
7aaJKK3QV91TXJn8W5dj5CSeSav0JnLkr/7GLY1KKW8GZ9C2G0CQQsHPMzOGE+4T
Om7t+usfFYJ5G8xdEuNJY9UdkXn6jkKp46ejz9GE/2guQjAwODiqfPRF9vEeF2Pf
n8xsU2gff7N95FaMJZH6+pQOZxU5QNWVjQ/Svqs3TcnCTHxUnTmNRIuxS/h6+bNb
hPZcry95+dREBAjt0hHz8gi9+4scM6NkAHWsiLizXEOmfcpVqZaizB6a+4vwdOJ0
NtuUa6HNf0/f5SJtqScsR7VzQ6oWhvZqU6+HfM78O1kxT5s6LoTxdfyTRRcsoIo+
RhEOyISWQC53b+R1ADBw8kMbfPmkAATGLD35FM4R26oHgUHYwRxZw92UeKq979aq
RFjg5i7ILnI3KPkgr8aMY49khmTxXI4UP+8xHMHExy7pWVq/pwkH8WtnR8Xu+4sp
RrpnoBL78VWmYYLXrUuG
=FlPu
-----END PGP SIGNATURE-----

Changes:
libxml2 (2.8.0+dfsg1-7+wheezy4) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Add missing required patches for CVE-2014-3660.
    The two upstream commits a3f1e3e5712257fd279917a9158278534e8f4b72 and
    cff2546f13503ac028e4c1f63c7b6d85f2f2d777 are required in addition to the
    commit be2a7edaf289c5da74a4f9ed3a0b6c733e775230 to fix CVE-2014-3660 due
    to changes in the use of ent->checked.
    Fixes "libxml2: CVE-2014-3660 patch makes installation-guide FTBFS".
    (Closes: #774358)
  * Refresh cve-2014-3660.patch patch
  * Refresh cve-2014-3660-bis.patch patch

 -- Salvatore Bonaccorso <[email protected]>  Sat, 04 Apr 2015 11:01:18 +0200