expat 2.4.1-2ubuntu0.1 source package in Ubuntu
Changelog
expat (2.4.1-2ubuntu0.1) impish-security; urgency=medium * SECURITY UPDATE: Realloc misbehavior - debian/patches/CVE-2021-45960.patch: detect and prevent troublesome left shifts in function storeAtts in expat/lib/xmlparse.c. - CVE-2021-45960 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-46143.patch: prevent integer overflow on m_groupSize in function doProlog in expat/lib/xmlparse.c. - CVE-2021-46143 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-22822-to-CVE-2022-22827.patch: prevent integer overflow in multiple places in expat/lib/xmlparse.c. - CVE-2022-22822 - CVE-2022-22823 - CVE-2022-22824 - CVE-2022-22825 - CVE-2022-22826 - CVE-2022-22827 * SECURITY UPDATE: Signed integer overflow - debian/patches/CVE-2022-23852-*.patch: detect and prevent integer overflow in XML_GetBuffer in expat/lib/xmlparse.c and adds test to cover it in expat/tests/runtests.c. - CVE-2022-23852 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-23990.patch: prevent integer overflow in doProlog in expat/lib/xmlparse.c. - CVE-2022-23990 * SECURITY UPDATE: Incomplete validation encoding - debian/patches/CVE-2022-25235-*.patch: adds missing validation and adds tests in expat/lib/xmltok_impl.c, expat/tests/runtests.c. - CVE-2022-25235 * SECURITY UPDATE: Namespace-separator insertions - debian/patches/CVE-2022-25236-*.patch: Protect against malicious namespace declarations in expat/lib/xmlparse.c, expat/tests/runtests.c. - CVE-2022-25236 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 17 Feb 2022 19:44:18 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Impish
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- text
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
expat_2.4.1.orig.tar.gz | 7.9 MiB | 660e5852b26125f4508183dfa134e18eb33a892dbd8e06786ea38d92dbbb5b07 |
expat_2.4.1-2ubuntu0.1.debian.tar.xz | 17.5 KiB | e7122a2d7ac96f803e127f3f99d18471754455f816d9a884cf8efc5c3588cc65 |
expat_2.4.1-2ubuntu0.1.dsc | 2.0 KiB | 5fa2940c8cac2226eb2df913f866020434979b00cb8c1cd75d878f80c3bf6481 |
Available diffs
Binary packages built by this source
- expat: No summary available for expat in ubuntu impish.
No description available for expat in ubuntu impish.
- expat-dbgsym: No summary available for expat-dbgsym in ubuntu impish.
No description available for expat-dbgsym in ubuntu impish.
- libexpat1: No summary available for libexpat1 in ubuntu impish.
No description available for libexpat1 in ubuntu impish.
- libexpat1-dbgsym: No summary available for libexpat1-dbgsym in ubuntu impish.
No description available for libexpat1-dbgsym in ubuntu impish.
- libexpat1-dev: No summary available for libexpat1-dev in ubuntu impish.
No description available for libexpat1-dev in ubuntu impish.