[ubuntu/hardy-security] expat 2.0.1-0ubuntu1.2 (Accepted)
Tyler Hicks
tyhicks at canonical.com
Fri Aug 10 02:45:16 UTC 2012
expat (2.0.1-0ubuntu1.2) hardy-security; urgency=low
* SECURITY UPDATE: Denial of service via hash collisions
- lib/xmlparse.c: Add random salt value to hash inputs
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/expat.h?r1=1.80&r2=1.81
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.167&r2=1.168
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.168&r2=1.169
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.169&r2=1.170
- CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
- lib/xmlparse.c: Properly reallocate memory
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166&r2=1.167
- CVE-2012-1148
Date: 2012-08-09 20:15:38.271862+00:00
Changed-By: Tyler Hicks <tyhicks at canonical.com>
https://launchpad.net/ubuntu/hardy/+source/expat/2.0.1-0ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Hardy-changes
mailing list