[ubuntu/lucid] expat 2.0.1-7ubuntu1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Tue Jan 19 16:45:43 GMT 2010 

expat (2.0.1-7ubuntu1) lucid; urgency=low

  * Merge from Debian testing. Remaining changes:
    - Install run-time libraries into /lib rather than /usr/lib, since
      dbus-daemon is in /bin and links to libexpat.

expat (2.0.1-7) unstable; urgency=low

  * debian/control (Depends): Fixed debhelper-but-no-misc-depends.
  * debian/patches/560901_CVE_2009_3560.dpatch: Adjusted.
    - lib/xmlparse.c (doProlog): Revised patch for CVE-2009-3560 after
      regressions have been detected (closes: #561658). Many thanks to
      Niko Tyni and Karl Waclawek for their help and the fix.

expat (2.0.1-6) unstable; urgency=medium

  * debian/patches/560901_CVE_2009_3560.dpatch: Added.
    - lib/xmlparse.c (doProlog): Fix DoS vulnerability CVE-2009-3560 (closes:
      #560901).
  * debian/patches/00list: Adjusted.

expat (2.0.1-5) unstable; urgency=medium

  * debian/control (Standards-Version): Bumped to 3.8.3.
    (Priority, Section): Fixed binary-control-field-duplicates-source.
    (Description): Fixed extended-description-is-probably-too-short and
    duplicate-long-description.
  * debian/rules (CFLAGS): Drop useless '-pthread -D_REENTRANT' from version
    1.95-8-1 (closes: #551079).
  * debian/README.source: Added for policy compliance.
  * debian/patches/551936_CVE_2009_2625.dpatch: Added.
    - lib/xmltok_impl.c (updatePosition): Fix DoS vulnerability CVE-2009-2625
      and CVE-2009-3720 (closes: #551936).
  * debian/patches/00list: Adjusted.

Date: Tue, 19 Jan 2010 09:59:07 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/expat/2.0.1-7ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 19 Jan 2010 09:59:07 -0600
Source: expat
Binary: lib64expat1-dev lib64expat1 libexpat1-dev libexpat1 libexpat1-udeb expat
Architecture: source
Version: 2.0.1-7ubuntu1
Distribution: lucid
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 expat      - XML parsing C library - example application
 lib64expat1 - XML parsing C library - runtime library (64bit)
 lib64expat1-dev - XML parsing C library - development kit (64bit)
 libexpat1  - XML parsing C library - runtime library
 libexpat1-dev - XML parsing C library - development kit
 libexpat1-udeb - XML parsing C library - runtime library (udeb)
Closes: 551079 551936 560901 561658
Changes: 
 expat (2.0.1-7ubuntu1) lucid; urgency=low
 .
   * Merge from Debian testing. Remaining changes:
     - Install run-time libraries into /lib rather than /usr/lib, since
       dbus-daemon is in /bin and links to libexpat.
 .
 expat (2.0.1-7) unstable; urgency=low
 .
   * debian/control (Depends): Fixed debhelper-but-no-misc-depends.
   * debian/patches/560901_CVE_2009_3560.dpatch: Adjusted.
     - lib/xmlparse.c (doProlog): Revised patch for CVE-2009-3560 after
       regressions have been detected (closes: #561658). Many thanks to
       Niko Tyni and Karl Waclawek for their help and the fix.
 .
 expat (2.0.1-6) unstable; urgency=medium
 .
   * debian/patches/560901_CVE_2009_3560.dpatch: Added.
     - lib/xmlparse.c (doProlog): Fix DoS vulnerability CVE-2009-3560 (closes:
       #560901).
   * debian/patches/00list: Adjusted.
 .
 expat (2.0.1-5) unstable; urgency=medium
 .
   * debian/control (Standards-Version): Bumped to 3.8.3.
     (Priority, Section): Fixed binary-control-field-duplicates-source.
     (Description): Fixed extended-description-is-probably-too-short and
     duplicate-long-description.
   * debian/rules (CFLAGS): Drop useless '-pthread -D_REENTRANT' from version
     1.95-8-1 (closes: #551079).
   * debian/README.source: Added for policy compliance.
   * debian/patches/551936_CVE_2009_2625.dpatch: Added.
     - lib/xmltok_impl.c (updatePosition): Fix DoS vulnerability CVE-2009-2625
       and CVE-2009-3720 (closes: #551936).
   * debian/patches/00list: Adjusted.
Checksums-Sha1: 
 9afd720f2be7b4a645c48d24ea8fd0b10e9521e2 1524 expat_2.0.1-7ubuntu1.dsc
 a3172711b0c2807b6d64d1093ec3cc8ed300df27 134551 expat_2.0.1-7ubuntu1.diff.gz
Checksums-Sha256: 
 becc0b28148498b95e29a772e7d4e0988c217d252beca98af412da17405aa86e 1524 expat_2.0.1-7ubuntu1.dsc
 e2ebdd3086b50b646b3693b7864e04458422e7ee6b05842b7ddd8982a0b6f179 134551 expat_2.0.1-7ubuntu1.diff.gz
Files: 
 391c1e4b6c627def373513a5a70a8937 1524 text optional expat_2.0.1-7ubuntu1.dsc
 8eff742ed376bd0aa5161aff33cd60de 134551 text optional expat_2.0.1-7ubuntu1.diff.gz
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAktV4RMACgkQW0JvuRdL8BpPHgCfWOyQdThEl8FmmaTr7yYa4EEG
dX0AmQHug5scCZBA11Adi0SqIUD74ac/
=HcqK
-----END PGP SIGNATURE-----

More information about the Lucid-changes mailing list