Bug#766884: marked as done (libxml2: "validity error : ID ... already defined" errors with xmllint --noent)
Your message dated Tue, 25 Aug 2015 22:21:45 + with message-id and subject line Bug#766884: fixed in libxml2 2.9.2+really2.9.1+dfsg1-0.1 has caused the Debian Bug report #766884, regarding libxml2: "validity error : ID ... already defined" errors with xmllint --noent to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 766884: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766884 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libxml2 Version: 2.9.2+dfsg1-1 Severity: grave Justification: renders package unusable A major regression: when I use the --valid xmllint option, I get lots of "validity error : ID ... already defined" errors. If you can't reproduce the error, I'll try to provide a simple testcase (my files are huge). -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16-3-amd64 (SMP w/2 CPU cores) Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libxml2 depends on: ii libc6 2.19-12 ii liblzma5 5.1.1alpha+20120614-2 ii multiarch-support 2.19-12 ii zlib1g 1:1.2.8.dfsg-2 Versions of packages libxml2 recommends: ii xml-core 0.13+nmu2 libxml2 suggests no packages. -- debconf-show failed --- End Message --- --- Begin Message --- Source: libxml2 Source-Version: 2.9.2+really2.9.1+dfsg1-0.1 We believe that the bug you reported is fixed in the latest version of libxml2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 766...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Raphaël Hertzog (supplier of updated libxml2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 25 Aug 2015 22:31:29 +0200 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg Architecture: source amd64 all Version: 2.9.2+really2.9.1+dfsg1-0.1 Distribution: unstable Urgency: medium Maintainer: Debian XML/SGML Group Changed-By: Raphaël Hertzog Description: libxml2- GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Closes: 766884 782782 782985 783010 Changes: libxml2 (2.9.2+really2.9.1+dfsg1-0.1) unstable; urgency=medium . * Non-maintainer upload. * Go back to 2.9.1+dfsg1 upstream sources so that xmllint works again. Closes: #766884 * Restore all patches available in 2.9.1+dfsg1-5 in stretch, ensuring CVE-2014-3660 is fixed too. * Fix 3 security issues by adding 4 patches: - CVE-2015-1819: The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Closes: #782782 - Out-of-bounds access when parsing unclosed HTML comment https://bugzilla.gnome.org/show_bug.cgi?id=746048 Closes: #782985 - Out-of-bounds memory access https://bugzilla.gnome.org/show_bug.cgi?id=744980 Closes: #783010 * Add dh-python to Build-Depends for dh_python2 Checksums-Sha1: a64ba3b2d1e0a8d751d04b17027e3a52bafdb203 2375 libxml2_2.9.2+really2.9.1+dfsg1-0.1.dsc 357366e7afc9dd03ba883c605d5c369decb2b2e1 3793894 libxml2_2.9.2+really2.9.1+dfsg1.orig.tar.gz ee0b0aa9016e5b4fb2540c9e313da13cfadbc59d 44304 libxml2_2.9.2+really2.9.1+dfsg1-0.1.debian.tar.xz 0ce53f22f8b37fa2c53bfa990539e68175b6defe 1725594 libxml2-dbg_2.9.2+really2.9.1+dfsg1-0.1_amd64.deb d90a5a909dda1a468ee8dabd0ce461371f247a84 798456 libxml2-dev_2.9.2+really2.9.1+dfsg1-0.1_amd64.deb c6adce6ac2fa03d28082fb4fe1bc95cb4ead923b 815636 libxml2-doc_2.9.2+really2.9.1+dfsg
Bug#766884: marked as done (libxml2: "validity error : ID ... already defined" errors with xmllint --noent)
Your message dated Tue, 22 Sep 2015 09:21:05 + with message-id and subject line Bug#766884: fixed in libxml2 2.9.2+zdfsg1-4 has caused the Debian Bug report #766884, regarding libxml2: "validity error : ID ... already defined" errors with xmllint --noent to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 766884: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766884 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libxml2 Version: 2.9.2+dfsg1-1 Severity: grave Justification: renders package unusable A major regression: when I use the --valid xmllint option, I get lots of "validity error : ID ... already defined" errors. If you can't reproduce the error, I'll try to provide a simple testcase (my files are huge). -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16-3-amd64 (SMP w/2 CPU cores) Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libxml2 depends on: ii libc6 2.19-12 ii liblzma5 5.1.1alpha+20120614-2 ii multiarch-support 2.19-12 ii zlib1g 1:1.2.8.dfsg-2 Versions of packages libxml2 recommends: ii xml-core 0.13+nmu2 libxml2 suggests no packages. -- debconf-show failed --- End Message --- --- Begin Message --- Source: libxml2 Source-Version: 2.9.2+zdfsg1-4 We believe that the bug you reported is fixed in the latest version of libxml2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 766...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aron Xu (supplier of updated libxml2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 22 Sep 2015 16:31:48 +0800 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-utils-dbg libxml2-dev libxml2-dbg libxml2-doc python-libxml2 python-libxml2-dbg Architecture: source amd64 all Version: 2.9.2+zdfsg1-4 Distribution: unstable Urgency: medium Maintainer: Debian XML/SGML Group Changed-By: Aron Xu Description: libxml2- GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-utils - XML utilities libxml2-utils-dbg - XML utilities (debug extension) python-libxml2 - Python bindings for the GNOME XML library python-libxml2-dbg - Python bindings for the GNOME XML library (debug extension) Closes: 754424 766884 768089 781232 782782 783010 798642 Changes: libxml2 (2.9.2+zdfsg1-4) unstable; urgency=medium . * Revert everything in N'ACKed NMU revert to 2.9.1. - Resolving regression, Closes: #754424 - Drop the following NMU, not needed in 2.9.2, Closes: #781232 - Drop not approved patch for GNOME #746048 * Revert icu dbg drop, but don't hardcode version, thanks Matthias Klose , Closes: #798642 * Cherry pick upstream post release patches: - Fix for regression triggered by CVE-2014-3660, Closes: #768089 - Fix for the spurious ID already defined error, Closes: #766884 - Fix for CVE-2015-1819, Closes: #782782 - Fix for GNOME #744980, Closes: #783010 - Several fixes for memory related issues. Checksums-Sha1: fef5b2b802b43aba45213e3fb3224c6d2f124f1f 2236 libxml2_2.9.2+zdfsg1-4.dsc 6dc1815cd83ecda87988d7528fc918f2aca91cfc 2473592 libxml2_2.9.2+zdfsg1.orig.tar.xz 59f7236eee66d9975ca16f736021d3541e2e08c6 28912 libxml2_2.9.2+zdfsg1-4.debian.tar.xz ec2365bda47ee6a263dd4b1fe174e76cc2effeea 1725030 libxml2-dbg_2.9.2+zdfsg1-4_amd64.deb 3e74587a1a7e3b0deaa9a3d781b533da84f01ffd 803722 libxml2-dev_2.9.2+zdfsg1-4_amd64.deb efbeaa35c8fa8ef27d9021785ee648132ded5f13 822922 libxml2-doc_2.9.2+zdfsg1-4_all.deb 387ac35b99ac530865d2a1ac3270adc081fc00c8 137928 libxml2-utils-dbg_2.9.2+zdfsg1-4_amd64.deb 70d5e126077feb769c5f9cd2a38956b4698682a7 102052 libxml2-utils_2.9.2+zdfsg1-4_amd64.deb a6e6f93309f7deda98c7252c0bf28acc4aef1819 911438 libxml2_2.9.2+zdfsg1-4_amd6
