-
expat (2.0.1-0ubuntu1.2) hardy-security; urgency=low
* SECURITY UPDATE: Denial of service via hash collisions
- lib/xmlparse.c: Add random salt value to hash inputs
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/expat.h?r1=1.80&r2=1.81
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.167&r2=1.168
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.168&r2=1.169
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.169&r2=1.170
- CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
- lib/xmlparse.c: Properly reallocate memory
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166&r2=1.167
- CVE-2012-1148
-- Tyler Hicks <email address hidden> Thu, 09 Aug 2012 12:05:43 -0700
-
expat (2.0.1-0ubuntu1.1) hardy-security; urgency=low
* SECURITY UPDATE: fix DoS via malformed XML
- update lib/xmltok_impl.c to not access beyond end of input string
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13
- CVE-2009-2625
* SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
- update lib/xmlparse.c to properly recognize the end of a token
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165
- CVE-2009-3560
-- Jamie Strandboge <email address hidden> Tue, 19 Jan 2010 11:42:04 -0600
-
expat (2.0.1-0ubuntu1) hardy; urgency=low
* New upstream version. LP: #133808.
* Remove the old libexpat.so.0 symlink; this bug predates Ubuntu (was
fixed in version 1.95.5-1).
* Drop the extra build files in bcb5/.
-- Matthias Klose <email address hidden> Wed, 05 Dec 2007 17:37:50 +0100
-
expat (1.95.8-4ubuntu1) gutsy; urgency=low
* Build 64bit packages.
-- Matthias Klose <email address hidden> Sat, 22 Sep 2007 10:00:04 +0200