expat 2.2.5-3ubuntu0.7 source package in Ubuntu

Changelog

expat (2.2.5-3ubuntu0.7) bionic-security; urgency=medium

  * SECURITY UPDATE: Stack exhaustion
    - debian/patches/CVE-2022-25313.patch: prevent
      stack exhaustion in build_model in expat/lib/xmlparse.c.
    - debian/patches/fix-build_model-regression.patch: fix build_model
      regression in expat/lib/xmlparse.c.
    - CVE-2022-25313
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2022-25314.patch: prevent integer overflow in
      copyString in expat/lib/xmlparse.c.
    - CVE-2022-25314
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2022-25315.patch: prevent integer overflow in
      storeRawNames in expat/lib/xmlparse.c.
    - CVE-2022-25315
  * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to
    RFC 3986 URI characters and possibly regressions
    - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI
      validation in expat/doc/reference.html, expat/lib/expat.h.
    - debian/patches/CVE-2022-25236-4.patch: document namespace separator
      effect right in header expat/lib/expat.h.
    - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests.
    - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to
      RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903)

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 08 Mar 2022 09:28:37 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
text
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Bionic updates main text
Bionic security main text

Downloads

File Size SHA-256 Checksum
expat_2.2.5.orig.tar.gz 7.9 MiB b3781742738611eaa737543ee94264dd511c52a3ba7e53111f7d705f6bff65a8
expat_2.2.5-3ubuntu0.7.debian.tar.xz 25.2 KiB a75eda766efd1d0cf458a69c227eefe7679482b8312fe88d8af55a49f3be8801
expat_2.2.5-3ubuntu0.7.dsc 2.2 KiB adb0b12dcc1f339517ceeebc866b38779dd7de0a025ff6344be9052a4c34e89c

View changes file

Binary packages built by this source

expat: XML parsing C library - example application

 This package contains xmlwf, an example application of expat, the C
 library for parsing XML. The arguments to xmlwf are one or more
 files which are each to be checked for XML well-formedness.

expat-dbgsym: debug symbols for expat
libexpat1: XML parsing C library - runtime library

 This package contains the runtime, shared library of expat, the C
 library for parsing XML. Expat is a stream-oriented parser in
 which an application registers handlers for things the parser
 might find in the XML document (like start tags).

libexpat1-dbgsym: debug symbols for libexpat1
libexpat1-dev: XML parsing C library - development kit

 This package contains the header file and development libraries of
 expat, the C library for parsing XML. Expat is a stream oriented XML
 parser. This means that you register handlers with the parser prior
 to starting the parse. These handlers are called when the parser
 discovers the associated structures in the document being parsed. A
 start tag is an example of the kind of structures for which you may
 register handlers.

libexpat1-udeb: XML parsing C library - runtime library

 This package contains the runtime, shared library of expat, the C
 library for parsing XML.