[ubuntu/dapper-security] python-xml_0.8.4-1ubuntu3.1_i386_translations.tar.gz, python-xml_0.8.4-1ubuntu3.1_hppa_translations.tar.gz, python-xml_0.8.4-1ubuntu3.1_ia64_translations.tar.gz, python-xml, python-xml_0.8.4-1ubuntu3.1_powerpc_translations.tar.gz, python-xml_0.8.4-1ubuntu3.1_amd64_translations.tar.gz, python-xml_0.8.4-1ubuntu3.1_sparc_translations.tar.gz (delayed) 0.8.4-1ubuntu3.1 (Accepted)

Tue Jan 26 19:03:13 GMT 2010

python-xml (0.8.4-1ubuntu3.1) dapper-security; urgency=low

  * SECURITY UPDATE: fix DoS via malformed XML
    - update extensions/expat/lib/xmltok_impl.c to not access beyond end of
      input string
    - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13
    - CVE-2009-3720
  * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
    - update extenstions/expat/lib/xmlparse.c to properly recognize the end of
      a token
    - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166
    - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166
    - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165
    - CVE-2009-3560

Date: Mon, 25 Jan 2010 16:43:11 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Alexandre Fayolle <afayolle at debian.org>
https://launchpad.net/ubuntu/dapper/+source/python-xml/0.8.4-1ubuntu3.1
-------------- next part --------------
Format: 1.7
Date: Mon, 25 Jan 2010 16:43:11 -0600
Source: python-xml
Binary: python-xml xbel xbel-utils python2.4-xml
Architecture: source
Version: 0.8.4-1ubuntu3.1
Distribution: dapper-security
Urgency: low
Maintainer: Alexandre Fayolle <afayolle at debian.org>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 python-xml - XML tools for Python [dummy package]
 python2.4-xml - XML tools for Python (2.4.x)
 xbel       - XML Bookmark Exchange Language
 xbel-utils - XML Bookmark Exchange Language Utilities
Changes: 
 python-xml (0.8.4-1ubuntu3.1) dapper-security; urgency=low
 .
   * SECURITY UPDATE: fix DoS via malformed XML
     - update extensions/expat/lib/xmltok_impl.c to not access beyond end of
       input string
     - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13
     - CVE-2009-3720
   * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
     - update extenstions/expat/lib/xmlparse.c to properly recognize the end of
       a token
     - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166
     - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166
     - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165
     - CVE-2009-3560
Files: 
 064ad0d03d81132088df42f78850bfd7 663 python optional python-xml_0.8.4-1ubuntu3.1.dsc
 7b735067d5b8494bfa9479a38b1f971f 26092 python optional python-xml_0.8.4-1ubuntu3.1.diff.gz