[Bug 1943133] Re: [FFe] Sync expat 2.4.1-1 (main) from Debian experimental (main)
Sebastien Bacher
1943133 at bugs.launchpad.net
Mon Sep 13 14:06:01 UTC 2021
This bug was fixed in the package expat - 2.4.1-2
Sponsored for Rico Tzschichholz (ricotz)
---------------
expat (2.4.1-2) unstable; urgency=medium
* Upload to Sid.
-- Laszlo Boszormenyi (GCS) <gcs at debian.org> Thu, 09 Sep 2021 21:26:21
+0200
expat (2.4.1-1) experimental; urgency=high
* New upstream release:
- fix CVE-2013-0340: protect against billion laughs attacks
(denial-of-service; flavors targeting CPU time or RAM or both,
leveraging general entities or parameter entities or both).
* Update libexpat1 symbols.
-- Laszlo Boszormenyi (GCS) <gcs at debian.org> Mon, 24 May 2021 10:14:11
+0200
** Changed in: expat (Ubuntu)
Status: Triaged => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0340
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to expat in Ubuntu.
https://bugs.launchpad.net/bugs/1943133
Title:
[FFe] Sync expat 2.4.1-1 (main) from Debian experimental (main)
Status in expat package in Ubuntu:
Fix Released
Bug description:
Please sync expat 2.4.1-1 (main) from Debian experimental (main)
https://github.com/libexpat/libexpat/blob/R_2_4_1/expat/Changes
CVE-2013-0340
https://github.com/libexpat/libexpat/pull/466/files
Changelog entries since current impish version 2.3.0-1:
expat (2.4.1-1) experimental; urgency=high
* New upstream release:
- fix CVE-2013-0340: protect against billion laughs attacks
(denial-of-service; flavors targeting CPU time or RAM or both,
leveraging general entities or parameter entities or both).
* Update libexpat1 symbols.
-- Laszlo Boszormenyi (GCS) <gcs at debian.org> Mon, 24 May 2021
10:14:11 +0200
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/expat/+bug/1943133/+subscriptions
More information about the foundations-bugs
mailing list