[ubuntu/yakkety-proposed] expat 2.1.1-1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed May 18 11:47:15 UTC 2016 

expat (2.1.1-1ubuntu1) yakkety; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    malformed documents
    - debian/patches/CVE-2016-0718.patch: fix out of bounds memory access
      and integer overflow in lib/xmlparse.c, lib/xmltok.c, lib/xmltok.h,
      lib/xmltok_impl.c.
    - CVE-2016-0718
  * SECURITY UPDATE: integer overflows in XML_GetBuffer
    - debian/patches/CVE-2015-1283-refix.patch: improved existing fix in
      lib/xmlparse.c.
    - CVE-2015-1283

Date: Mon, 16 May 2016 12:31:20 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/expat/2.1.1-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 16 May 2016 12:31:20 -0400
Source: expat
Binary: lib64expat1-dev lib64expat1 libexpat1-dev libexpat1 libexpat1-udeb expat
Architecture: source
Version: 2.1.1-1ubuntu1
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 expat      - XML parsing C library - example application
 lib64expat1 - XML parsing C library - runtime library (64bit)
 lib64expat1-dev - XML parsing C library - development kit (64bit)
 libexpat1  - XML parsing C library - runtime library
 libexpat1-dev - XML parsing C library - development kit
 libexpat1-udeb - XML parsing C library - runtime library (udeb)
Changes:
 expat (2.1.1-1ubuntu1) yakkety; urgency=medium
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     malformed documents
     - debian/patches/CVE-2016-0718.patch: fix out of bounds memory access
       and integer overflow in lib/xmlparse.c, lib/xmltok.c, lib/xmltok.h,
       lib/xmltok_impl.c.
     - CVE-2016-0718
   * SECURITY UPDATE: integer overflows in XML_GetBuffer
     - debian/patches/CVE-2015-1283-refix.patch: improved existing fix in
       lib/xmlparse.c.
     - CVE-2015-1283
Checksums-Sha1:
 8355666c5acaed7d5af638bd002982c721ddb149 2360 expat_2.1.1-1ubuntu1.dsc
 43d952d457b717c433dd8317d637146d6ab3ee7a 15136 expat_2.1.1-1ubuntu1.debian.tar.xz
Checksums-Sha256:
 0dc249e84f0bca5b0d590438631c579eb9cee34fb062d76d30e28547c2dafdde 2360 expat_2.1.1-1ubuntu1.dsc
 558763264bc1ffcd09e6dc2e5d4f9ec5e51eda50f278510e53b258e3e95af958 15136 expat_2.1.1-1ubuntu1.debian.tar.xz
Files:
 3fad5d4c67293ae36731d19cc8074add 2360 text optional expat_2.1.1-1ubuntu1.dsc
 eaeb9bcc8fcffbbfe3a5ec9b53f339c3 15136 text optional expat_2.1.1-1ubuntu1.debian.tar.xz
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXPFWTAAoJEGVp2FWnRL6TFRkP/2Q/H6+AirYYuQEHM+kgSMb0
Cs07/gLb1mQa0gQfkgWx791EE8ublW50daQpuG+rVzGEK83SD8zg6mokgPOJsq9u
SRbNit33aXG7MDFHpip4XSw4BghRhVMXiAcFVO/kQqp8bq2yYlCp7sEsXNOO+aHw
FcGBYY4O1ABLQrwCJi/JOpSk25NKSNK1sV6AUI8R1bPhhvVqsrqYyvhCAEnAo4H7
16aElzP+bWIGYT3W44J46eWvl+Inz1quzRB2K7ZaArELfLXsMjaCKMFPH8qmqLhS
XgAbwoDz/JKxiObbUPNE2jk02NoldeOkGfMlpcIbiUUh/P/qny0Vk19FTo6rFqTv
SgqIS9tCkBohbBPY4QJk6w+fkTD9Tej7mK/MxurkrAokjDzDFP/XBChvmcxaIvFe
6WjkZNeLYCofvrRJkAwqVpPUI36lCt4Xi4tJH6ylUPK4wk+a5eR6lBCbmOpCzFcU
i37F9stcxOaGsrJS1CKucRbwzVe/vKZTyTO0yoctNZzQ0g8YapD+HqthqSgXPx2/
FI39JiVOfaBrcudIW+jzh24Hx6RR9+WWxTk9WwRJWWx36YJmEPXcpFunfPHWMyAg
MehCoarR6PUJwCBGhDi+Lr+dBDo6+TZxAH78l3aoG5iKyZU4B6wFe+8wV2I/1Zeu
xIUZGUp29S2iulD51zs9
=rTqO
-----END PGP SIGNATURE-----

More information about the Yakkety-changes mailing list