[ubuntu/oneiric-security] expat 2.0.1-7ubuntu3.11.10.1 (Accepted)

Tyler Hicks tyhicks at canonical.com
Fri Aug 10 03:34:36 UTC 2012


expat (2.0.1-7ubuntu3.11.10.1) oneiric-security; urgency=low

  * SECURITY UPDATE: Denial of service via hash collisions
    - debian/patches/577777_CVE_2012_0876.dpatch: Add random salt value to
      hash inputs. Based on upstream patch.
    - CVE-2012-0876
  * SECURITY UPDATE: Denial of service via memory leak
    - debian/patches/588888_CVE_2012_1148.dpatch: Properly reallocate memory.
      Based on upstream patch.
    - CVE-2012-1148

Date: Thu, 09 Aug 2012 11:49:00 -0700
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/expat/2.0.1-7ubuntu3.11.10.1
-------------- next part --------------
Format: 1.8
Date: Thu, 09 Aug 2012 11:49:00 -0700
Source: expat
Binary: lib64expat1-dev lib64expat1 libexpat1-dev libexpat1 libexpat1-udeb expat
Architecture: source
Version: 2.0.1-7ubuntu3.11.10.1
Distribution: oneiric-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description: 
 expat      - XML parsing C library - example application
 lib64expat1 - XML parsing C library - runtime library (64bit)
 lib64expat1-dev - XML parsing C library - development kit (64bit)
 libexpat1  - XML parsing C library - runtime library
 libexpat1-dev - XML parsing C library - development kit
 libexpat1-udeb - XML parsing C library - runtime library (udeb)
Changes: 
 expat (2.0.1-7ubuntu3.11.10.1) oneiric-security; urgency=low
 .
   * SECURITY UPDATE: Denial of service via hash collisions
     - debian/patches/577777_CVE_2012_0876.dpatch: Add random salt value to
       hash inputs. Based on upstream patch.
     - CVE-2012-0876
   * SECURITY UPDATE: Denial of service via memory leak
     - debian/patches/588888_CVE_2012_1148.dpatch: Properly reallocate memory.
       Based on upstream patch.
     - CVE-2012-1148
Checksums-Sha1: 
 050591c42e27caa88707ca215f6e38e2170fc833 2239 expat_2.0.1-7ubuntu3.11.10.1.dsc
 d606f67c471dd4ee97719e719e991070681620c4 145576 expat_2.0.1-7ubuntu3.11.10.1.diff.gz
Checksums-Sha256: 
 a50830d7d1913bf978f398314b3c7408bfe62de4f0a8e4d675e4d523d7d6e890 2239 expat_2.0.1-7ubuntu3.11.10.1.dsc
 cfa07e0c2610c359f84266474b38db2a4bd6d58df4e389e46ea97c0c1329d2e0 145576 expat_2.0.1-7ubuntu3.11.10.1.diff.gz
Files: 
 1d6c3b705a1e7c41d129f807256a7866 2239 text optional expat_2.0.1-7ubuntu3.11.10.1.dsc
 23e0c8e24ef566de1e7cc74707ff97d1 145576 text optional expat_2.0.1-7ubuntu3.11.10.1.diff.gz
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>


More information about the Oneiric-changes mailing list