[ubuntu/hardy-security] expat (delayed), expat 2.0.1-0ubuntu1.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed Jan 20 19:04:09 GMT 2010 

expat (2.0.1-0ubuntu1.1) hardy-security; urgency=low

  * SECURITY UPDATE: fix DoS via malformed XML
    - update lib/xmltok_impl.c to not access beyond end of input string
    - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13
    - CVE-2009-2625
  * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
    - update lib/xmlparse.c to properly recognize the end of a token
    - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166
    - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166
    - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165
    - CVE-2009-3560

Date: Tue, 19 Jan 2010 11:42:04 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/expat/2.0.1-0ubuntu1.1
-------------- next part --------------
Format: 1.7
Date: Tue, 19 Jan 2010 11:42:04 -0600
Source: expat
Binary: libexpat1-dev libexpat1 libexpat1-udeb lib64expat1-dev lib64expat1 expat
Architecture: source
Version: 2.0.1-0ubuntu1.1
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 expat      - XML parsing C library - example application
 lib64expat1 - XML parsing C library - runtime library (64bit)
 lib64expat1-dev - XML parsing C library - development kit (64bit)
 libexpat1  - XML parsing C library - runtime library
 libexpat1-dev - XML parsing C library - development kit
 libexpat1-udeb - XML parsing C library - runtime library
Changes: 
 expat (2.0.1-0ubuntu1.1) hardy-security; urgency=low
 .
   * SECURITY UPDATE: fix DoS via malformed XML
     - update lib/xmltok_impl.c to not access beyond end of input string
     - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13
     - CVE-2009-2625
   * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
     - update lib/xmlparse.c to properly recognize the end of a token
     - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166
     - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166
     - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165
     - CVE-2009-3560
Files: 
 c376cc0c6eab8b4e1516a28684d8db08 862 text optional expat_2.0.1-0ubuntu1.1.dsc
 d26a68fd717cbf13a232ae497013b6b8 10675 text optional expat_2.0.1-0ubuntu1.1.diff.gz
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>

More information about the Hardy-changes mailing list