expat 2.4.1-2ubuntu0.1 source package in Ubuntu
Changelog
expat (2.4.1-2ubuntu0.1) impish-security; urgency=medium
* SECURITY UPDATE: Realloc misbehavior
- debian/patches/CVE-2021-45960.patch: detect and prevent troublesome
left shifts in function storeAtts in expat/lib/xmlparse.c.
- CVE-2021-45960
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2021-46143.patch: prevent integer overflow
on m_groupSize in function doProlog in expat/lib/xmlparse.c.
- CVE-2021-46143
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2022-22822-to-CVE-2022-22827.patch: prevent integer overflow
in multiple places in expat/lib/xmlparse.c.
- CVE-2022-22822
- CVE-2022-22823
- CVE-2022-22824
- CVE-2022-22825
- CVE-2022-22826
- CVE-2022-22827
* SECURITY UPDATE: Signed integer overflow
- debian/patches/CVE-2022-23852-*.patch: detect and prevent
integer overflow in XML_GetBuffer in expat/lib/xmlparse.c and
adds test to cover it in expat/tests/runtests.c.
- CVE-2022-23852
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2022-23990.patch: prevent integer overflow in
doProlog in expat/lib/xmlparse.c.
- CVE-2022-23990
* SECURITY UPDATE: Incomplete validation encoding
- debian/patches/CVE-2022-25235-*.patch: adds missing validation
and adds tests in expat/lib/xmltok_impl.c, expat/tests/runtests.c.
- CVE-2022-25235
* SECURITY UPDATE: Namespace-separator insertions
- debian/patches/CVE-2022-25236-*.patch: Protect against malicious
namespace declarations in expat/lib/xmlparse.c, expat/tests/runtests.c.
- CVE-2022-25236
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 17 Feb 2022 19:44:18 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Impish
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- text
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| expat_2.4.1.orig.tar.gz | 7.9 MiB | 660e5852b26125f4508183dfa134e18eb33a892dbd8e06786ea38d92dbbb5b07 |
| expat_2.4.1-2ubuntu0.1.debian.tar.xz | 17.5 KiB | e7122a2d7ac96f803e127f3f99d18471754455f816d9a884cf8efc5c3588cc65 |
| expat_2.4.1-2ubuntu0.1.dsc | 2.0 KiB | 5fa2940c8cac2226eb2df913f866020434979b00cb8c1cd75d878f80c3bf6481 |
Available diffs
Binary packages built by this source
- expat: No summary available for expat in ubuntu impish.
No description available for expat in ubuntu impish.
- expat-dbgsym: No summary available for expat-dbgsym in ubuntu impish.
No description available for expat-dbgsym in ubuntu impish.
- libexpat1: No summary available for libexpat1 in ubuntu impish.
No description available for libexpat1 in ubuntu impish.
- libexpat1-dbgsym: No summary available for libexpat1-dbgsym in ubuntu impish.
No description available for libexpat1-dbgsym in ubuntu impish.
- libexpat1-dev: No summary available for libexpat1-dev in ubuntu impish.
No description available for libexpat1-dev in ubuntu impish.
