Ubuntu
expat package

expat 2.2.5-3ubuntu0.8 source package in Ubuntu

Changelog

expat (2.2.5-3ubuntu0.8) bionic-security; urgency=medium

  * SECURITY UPDATE: use-after-free
    - debian/patches/CVE-2022-40674.patch: adds a conditional call to
      storeRawNames() in func internalEntityProcessor following a call
      to doCOntent() that could result in unbalanced tags upon returning.
    - CVE-2022-40674
  * SECURITY UPDATE: use-after-free
    - debian/patches/CVE-2022-43680-1.patch: adds tests to cover
      DTD destruction in XML_ExternalEntityParserCreate in
      expat/tests/runtests.c.
    - debian/patches/CVE-2022-43680-2.patch: fix overeager DTD
      destruction in XML_ExternalEntityParserCreate in
      expat/lib/xmlparse.c.
    - CVE-2022-43680

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 08 Nov 2022 07:13:44 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
text
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
expat_2.2.5.orig.tar.gz 7.9 MiB b3781742738611eaa737543ee94264dd511c52a3ba7e53111f7d705f6bff65a8
expat_2.2.5-3ubuntu0.8.debian.tar.xz 26.8 KiB b27e917707f8c393d74e5ab933e1f2f4ef5728f8bc4c2a46b24cfa92373f13a7
expat_2.2.5-3ubuntu0.8.dsc 2.2 KiB e4d8c08abb6068e6d7ec66c3acca2fccb0b476b606dd666a854cae308067d47b

View changes file

Binary packages built by this source

expat: XML parsing C library - example application

 This package contains xmlwf, an example application of expat, the C
 library for parsing XML. The arguments to xmlwf are one or more
 files which are each to be checked for XML well-formedness.

expat-dbgsym: debug symbols for expat
libexpat1: XML parsing C library - runtime library

 This package contains the runtime, shared library of expat, the C
 library for parsing XML. Expat is a stream-oriented parser in
 which an application registers handlers for things the parser
 might find in the XML document (like start tags).

libexpat1-dbgsym: debug symbols for libexpat1
libexpat1-dev: XML parsing C library - development kit

 This package contains the header file and development libraries of
 expat, the C library for parsing XML. Expat is a stream oriented XML
 parser. This means that you register handlers with the parser prior
 to starting the parse. These handlers are called when the parser
 discovers the associated structures in the document being parsed. A
 start tag is an example of the kind of structures for which you may
 register handlers.

libexpat1-udeb: XML parsing C library - runtime library

 This package contains the runtime, shared library of expat, the C
 library for parsing XML.