Format: 1.8 Date: Mon, 21 Feb 2022 15:48:46 -0300 Source: expat Binary: expat libexpat1 libexpat1-dev libexpat1-udeb Architecture: armhf Version: 2.2.9-1ubuntu0.4 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas Da Silva Barbosa Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Launchpad-Bugs-Fixed: 1963903 Changes: expat (2.2.9-1ubuntu0.4) focal-security; urgency=medium . * SECURITY UPDATE: Stack exhaustion - debian/patches/CVE-2022-25313.patch: prevent stack exhaustion in build_model in expat/lib/xmlparse.c. - debian/patches/fix-build_model-regression.patch: fix build_model regression in expat/lib/xmlparse.c. - debian/patches/protect-against-nested-element*: in expat/lib/xmlparse. - CVE-2022-25313 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25314.patch: prevent integer overflow in copyString in expat/lib/xmlparse.c. - CVE-2022-25314 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25315.patch: prevent integer overflow in storeRawNames in expat/lib/xmlparse.c. - CVE-2022-25315 * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters and possibly regressions - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI validation in expat/doc/reference.html, expat/lib/expat.h. - debian/patches/CVE-2022-25236-4.patch: document namespace separator effect right in header expat/lib/expat.h. - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests. - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903) * removing duplicated tests - debian/patches/fix_test_dup.patch: removing tests were duplicated in expat/tests/runtests.c. Checksums-Sha1: 78c735613e1fbed7dfa637e2647b45be98cee6a9 29992 expat-dbgsym_2.2.9-1ubuntu0.4_armhf.ddeb 60f77313900f196ef3cd3aee661a5ffcbf3b15a1 7948 expat_2.2.9-1ubuntu0.4_armhf.buildinfo 62325b700562dec663a61498275a78a0d1380e7e 13760 expat_2.2.9-1ubuntu0.4_armhf.deb 251f659fa52d49e585fd47f194c5bbc3ead59225 286084 libexpat1-dbgsym_2.2.9-1ubuntu0.4_armhf.ddeb 3c3e4c7ccae331501cf5a44be44f83fdd77f1932 101184 libexpat1-dev_2.2.9-1ubuntu0.4_armhf.deb 292fc262c80495b4e66892e02e2dc9741963a34d 44344 libexpat1-udeb_2.2.9-1ubuntu0.4_armhf.udeb acf5694d2141af4e5685443a4da9f620619c1b0d 55108 libexpat1_2.2.9-1ubuntu0.4_armhf.deb Checksums-Sha256: 326aacf6c8a4ed9e136e7ca4c7ce8f2b29882975dd1b6821c138cf22f5a5d958 29992 expat-dbgsym_2.2.9-1ubuntu0.4_armhf.ddeb 7d538598325098e38f8edaa820e6766f4b5a81a9cfebd7700ed23b2ec09f6fe0 7948 expat_2.2.9-1ubuntu0.4_armhf.buildinfo cd06687aa22879a58b712fc5a8c6850068fe3f8ed165215c80c20f4e93bfe38a 13760 expat_2.2.9-1ubuntu0.4_armhf.deb 28b2641c43a7fe30dfe26c32312e731faa60929fb7c63f70d11022b6465b5095 286084 libexpat1-dbgsym_2.2.9-1ubuntu0.4_armhf.ddeb ca468b3e123893037c988290c75d20fcbc7301f6fd4c54690ac1780bd4eb460c 101184 libexpat1-dev_2.2.9-1ubuntu0.4_armhf.deb 953d9eb8e84f1200ad438b33f58e2769d5c7f5d1b43de94daa59ed3040cefbfb 44344 libexpat1-udeb_2.2.9-1ubuntu0.4_armhf.udeb 90ca9415e6264543c3b8a100da7bb7642dde75ab33fa2e4a76ae1b1b82112fb3 55108 libexpat1_2.2.9-1ubuntu0.4_armhf.deb Files: c9529f5766926f11ef81d0bbeda5335d 29992 debug optional expat-dbgsym_2.2.9-1ubuntu0.4_armhf.ddeb 610b208ba2c1d80d4cc7f1c764c3dff4 7948 text optional expat_2.2.9-1ubuntu0.4_armhf.buildinfo 5635ba925ff2546fa019ead292071cf5 13760 text optional expat_2.2.9-1ubuntu0.4_armhf.deb 312bfc1b3c74d0952c13361b00a68fe6 286084 debug optional libexpat1-dbgsym_2.2.9-1ubuntu0.4_armhf.ddeb 44eb2a90fb1131959ae3d5217e1096d4 101184 libdevel optional libexpat1-dev_2.2.9-1ubuntu0.4_armhf.deb 54223b57421efea3a7964da3cdf1cd24 44344 debian-installer optional libexpat1-udeb_2.2.9-1ubuntu0.4_armhf.udeb 4cafe715b77836d96c20efbab2782613 55108 libs optional libexpat1_2.2.9-1ubuntu0.4_armhf.deb Original-Maintainer: Laszlo Boszormenyi (GCS) Package-Type: udeb