[ubuntu/hardy-security] expat (delayed), expat 2.0.1-0ubuntu1.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Wed Jan 20 19:04:09 GMT 2010
expat (2.0.1-0ubuntu1.1) hardy-security; urgency=low
* SECURITY UPDATE: fix DoS via malformed XML
- update lib/xmltok_impl.c to not access beyond end of input string
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13
- CVE-2009-2625
* SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
- update lib/xmlparse.c to properly recognize the end of a token
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165
- CVE-2009-3560
Date: Tue, 19 Jan 2010 11:42:04 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/expat/2.0.1-0ubuntu1.1
-------------- next part --------------
Format: 1.7
Date: Tue, 19 Jan 2010 11:42:04 -0600
Source: expat
Binary: libexpat1-dev libexpat1 libexpat1-udeb lib64expat1-dev lib64expat1 expat
Architecture: source
Version: 2.0.1-0ubuntu1.1
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
expat - XML parsing C library - example application
lib64expat1 - XML parsing C library - runtime library (64bit)
lib64expat1-dev - XML parsing C library - development kit (64bit)
libexpat1 - XML parsing C library - runtime library
libexpat1-dev - XML parsing C library - development kit
libexpat1-udeb - XML parsing C library - runtime library
Changes:
expat (2.0.1-0ubuntu1.1) hardy-security; urgency=low
.
* SECURITY UPDATE: fix DoS via malformed XML
- update lib/xmltok_impl.c to not access beyond end of input string
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13
- CVE-2009-2625
* SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
- update lib/xmlparse.c to properly recognize the end of a token
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165
- CVE-2009-3560
Files:
c376cc0c6eab8b4e1516a28684d8db08 862 text optional expat_2.0.1-0ubuntu1.1.dsc
d26a68fd717cbf13a232ae497013b6b8 10675 text optional expat_2.0.1-0ubuntu1.1.diff.gz
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>
More information about the Hardy-changes
mailing list