Format: 1.8 Date: Mon, 21 Feb 2022 15:48:46 -0300 Source: expat Binary: expat libexpat1 libexpat1-dev libexpat1-udeb Architecture: arm64 Version: 2.2.9-1ubuntu0.4 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas Da Silva Barbosa Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Launchpad-Bugs-Fixed: 1963903 Changes: expat (2.2.9-1ubuntu0.4) focal-security; urgency=medium . * SECURITY UPDATE: Stack exhaustion - debian/patches/CVE-2022-25313.patch: prevent stack exhaustion in build_model in expat/lib/xmlparse.c. - debian/patches/fix-build_model-regression.patch: fix build_model regression in expat/lib/xmlparse.c. - debian/patches/protect-against-nested-element*: in expat/lib/xmlparse. - CVE-2022-25313 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25314.patch: prevent integer overflow in copyString in expat/lib/xmlparse.c. - CVE-2022-25314 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25315.patch: prevent integer overflow in storeRawNames in expat/lib/xmlparse.c. - CVE-2022-25315 * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters and possibly regressions - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI validation in expat/doc/reference.html, expat/lib/expat.h. - debian/patches/CVE-2022-25236-4.patch: document namespace separator effect right in header expat/lib/expat.h. - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests. - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903) * removing duplicated tests - debian/patches/fix_test_dup.patch: removing tests were duplicated in expat/tests/runtests.c. Checksums-Sha1: e1ed8daa771af693c502609475db97d96c52f17e 30548 expat-dbgsym_2.2.9-1ubuntu0.4_arm64.ddeb f50ed06800bad83525867e5aea1bc99903e2ad11 8056 expat_2.2.9-1ubuntu0.4_arm64.buildinfo f93bc1bc9cbce2d1418d02dcac000ddad174ddc2 14956 expat_2.2.9-1ubuntu0.4_arm64.deb d057178768d99e0afc7454340056e815585e2951 287504 libexpat1-dbgsym_2.2.9-1ubuntu0.4_arm64.ddeb 4f92a959fa3c13318dbf5b0e1b17528d00251989 103772 libexpat1-dev_2.2.9-1ubuntu0.4_arm64.deb cad81dc7a60280e79b593294e7bc337ab52ff6ac 50308 libexpat1-udeb_2.2.9-1ubuntu0.4_arm64.udeb 1ef05e0bb5f443a254744fada95b8c16f6e9a9f3 62604 libexpat1_2.2.9-1ubuntu0.4_arm64.deb Checksums-Sha256: 05d98ef262c1d3e3b8761bc26586d209b0f1e47ee4709db1ea6f0fa5f6910fe3 30548 expat-dbgsym_2.2.9-1ubuntu0.4_arm64.ddeb de4d00424383902b82100dc6ccacc701f99981f30d3b2b07c5ceb1c8360171ec 8056 expat_2.2.9-1ubuntu0.4_arm64.buildinfo 6e7cf1211d27af587e0334cd95015a730e3630240c97c8fd56cecf4d6c2cc06d 14956 expat_2.2.9-1ubuntu0.4_arm64.deb 9cec6fc8d787f6138aede9629640377406fba8424de3f8d12a365dd5dd30df2a 287504 libexpat1-dbgsym_2.2.9-1ubuntu0.4_arm64.ddeb e74b5586d9f4aae38686ed48eb7c6811c7a12a82f369e4a4809c41ccdddba83d 103772 libexpat1-dev_2.2.9-1ubuntu0.4_arm64.deb a8ee96ea577d1d40f1510a1b69bf3e93d8a650bdcde086e7592459c66db03b76 50308 libexpat1-udeb_2.2.9-1ubuntu0.4_arm64.udeb b4c9cdcb9a24733d60faa9562486ff759b3efaab4093da7ab6bf853c584eeb7f 62604 libexpat1_2.2.9-1ubuntu0.4_arm64.deb Files: 8485100aaa4da627fcdeff8f97099763 30548 debug optional expat-dbgsym_2.2.9-1ubuntu0.4_arm64.ddeb d42c2c113ce7bf9fdb213231e30f5488 8056 text optional expat_2.2.9-1ubuntu0.4_arm64.buildinfo 8c725c821ddea98baec74501fe3f0091 14956 text optional expat_2.2.9-1ubuntu0.4_arm64.deb 22ed05d2b0ad015c4fa807b6d2e4b636 287504 debug optional libexpat1-dbgsym_2.2.9-1ubuntu0.4_arm64.ddeb 4b897e9c3143b91f20692bc71e099425 103772 libdevel optional libexpat1-dev_2.2.9-1ubuntu0.4_arm64.deb b2dcce826719ce28ae1419466ccae6d4 50308 debian-installer optional libexpat1-udeb_2.2.9-1ubuntu0.4_arm64.udeb 460a5d20f6e5bacf2fb6468352d272d2 62604 libs optional libexpat1_2.2.9-1ubuntu0.4_arm64.deb Original-Maintainer: Laszlo Boszormenyi (GCS) Package-Type: udeb