Change logs for expat source package in Artful

expat (2.2.3-1) unstable; urgency=medium

  * New upstream release.
  * Remove dh-autoreconf build dependency.

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Wed, 02 Aug 2017 19:54:40 +0000

expat (2.2.2-2) unstable; urgency=medium

  * Build with libbsd on Hurd as well.

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Sun, 16 Jul 2017 14:23:03 +0000

expat (2.2.2-1) unstable; urgency=high

  * New upstream release:
    - fix non-NULL parser parameter validation in XML_Parse; resulted in
      NULL dereference.

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Thu, 13 Jul 2017 22:46:33 +0000

expat (2.2.1-3) unstable; urgency=medium

  * Add libbsd-dev dependency to libexpat1-dev on kFreeBSD architectures
    (closes: #867252).

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Wed, 05 Jul 2017 17:45:36 +0000

expat (2.2.1-2) unstable; urgency=medium

  * Fix mis-detection of getrandom() on kFreeBSD.
  * Utilize libbsd for arc4random_buf() on kFreeBSD.

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Thu, 22 Jun 2017 21:05:46 +0000

expat (2.2.1-1) unstable; urgency=high

  * New upstream release:
    - upstream fix for CVE-2016-9063 to prevent undefined behavior from signed
      integer overflow,
    - fix CVE-2017-9233: external entity infinite loop DoS,
    - fix regression from fix to CVE-2016-0718 cutting off longer tag names,
    - use high quality entropy for hash initialization for part of
      CVE-2016-5300,
    - change hash algorithm to William Ahern's version of SipHash to go
      further with fixing CVE-2012-0876.

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Sat, 17 Jun 2017 20:48:02 +0000

expat (2.2.0-2) unstable; urgency=high

  * Use fix from Mozilla for CVE-2016-9063: integer overflow during the
    parsing of XML.
  * Replace deprecated -s debhelper switch with the -a one.

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Mon, 02 Jan 2017 21:12:32 +0000