Format: 1.8 Date: Mon, 21 Feb 2022 15:48:46 -0300 Source: expat Binary: expat libexpat1 libexpat1-dev libexpat1-udeb Architecture: i386 Version: 2.2.9-1ubuntu0.4 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas Da Silva Barbosa Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Launchpad-Bugs-Fixed: 1963903 Changes: expat (2.2.9-1ubuntu0.4) focal-security; urgency=medium . * SECURITY UPDATE: Stack exhaustion - debian/patches/CVE-2022-25313.patch: prevent stack exhaustion in build_model in expat/lib/xmlparse.c. - debian/patches/fix-build_model-regression.patch: fix build_model regression in expat/lib/xmlparse.c. - debian/patches/protect-against-nested-element*: in expat/lib/xmlparse. - CVE-2022-25313 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25314.patch: prevent integer overflow in copyString in expat/lib/xmlparse.c. - CVE-2022-25314 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25315.patch: prevent integer overflow in storeRawNames in expat/lib/xmlparse.c. - CVE-2022-25315 * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters and possibly regressions - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI validation in expat/doc/reference.html, expat/lib/expat.h. - debian/patches/CVE-2022-25236-4.patch: document namespace separator effect right in header expat/lib/expat.h. - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests. - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903) * removing duplicated tests - debian/patches/fix_test_dup.patch: removing tests were duplicated in expat/tests/runtests.c. Checksums-Sha1: 595b69f8475f373f9c47278b13dfec09611920a0 26120 expat-dbgsym_2.2.9-1ubuntu0.4_i386.ddeb 90209aa0f60214be08c1f6f69c0fb00a8c6848c5 8000 expat_2.2.9-1ubuntu0.4_i386.buildinfo 239cd5c6d26ef2aa54cb0b15aa0bae6e23351c95 16392 expat_2.2.9-1ubuntu0.4_i386.deb 0ad679bbb30116ed3acae37ef54ae4425ce17087 270884 libexpat1-dbgsym_2.2.9-1ubuntu0.4_i386.ddeb bf21cdefef353f777c7d7e5594100660d5db20ed 124116 libexpat1-dev_2.2.9-1ubuntu0.4_i386.deb 5a7782f8fdb77865dc1e2723bbbf23eca38ec41f 57692 libexpat1-udeb_2.2.9-1ubuntu0.4_i386.udeb e93fee88f60fcee352940c5541bee5592cd9ac7c 77552 libexpat1_2.2.9-1ubuntu0.4_i386.deb Checksums-Sha256: 46edb6d25ff4f15b6f5fd33c9dd482fe8965a9509dbd9da8735acc7a7910b2a2 26120 expat-dbgsym_2.2.9-1ubuntu0.4_i386.ddeb 260997336d114722ec1555604551c1f435b586beaa37ca8387c2b016db007630 8000 expat_2.2.9-1ubuntu0.4_i386.buildinfo b0cf8e569f0eb467d0d234c518560b6010d20248bd2ce3f3cbd5f59ba1788070 16392 expat_2.2.9-1ubuntu0.4_i386.deb 9cd1ad03f9bb7df7391a0e599958c615b82e6d922da5b8217ebd7fece99c9b0a 270884 libexpat1-dbgsym_2.2.9-1ubuntu0.4_i386.ddeb f79b036a71db1986c2d60ca8dd45e08a7dba1a18f083d4e864a3d4ba2b3c40dd 124116 libexpat1-dev_2.2.9-1ubuntu0.4_i386.deb 9e6cfa97ca114691a4901e5d4c2203bc6d28fbaddda39988ce760f6ab9a00ad5 57692 libexpat1-udeb_2.2.9-1ubuntu0.4_i386.udeb ed729e80a187e4b83bad4d1b8ab28d2dd46638dbe653acdd9c215c00e15b6bd8 77552 libexpat1_2.2.9-1ubuntu0.4_i386.deb Files: dbb742d23ead7d16e1727dcae6ac5b89 26120 debug optional expat-dbgsym_2.2.9-1ubuntu0.4_i386.ddeb f861e499cd927ed545333529c778202b 8000 text optional expat_2.2.9-1ubuntu0.4_i386.buildinfo 23b9428a59045d508894d1c28471b563 16392 text optional expat_2.2.9-1ubuntu0.4_i386.deb b85bff7be5b84b4733eef90595cc2e54 270884 debug optional libexpat1-dbgsym_2.2.9-1ubuntu0.4_i386.ddeb 44749da04680b66cb5c088ca6dcd3c88 124116 libdevel optional libexpat1-dev_2.2.9-1ubuntu0.4_i386.deb 2b6cdd5f509835bae94072d116e94ebe 57692 debian-installer optional libexpat1-udeb_2.2.9-1ubuntu0.4_i386.udeb 02aa2fb2901fa071181ef7ecc2fa11c9 77552 libs optional libexpat1_2.2.9-1ubuntu0.4_i386.deb Original-Maintainer: Laszlo Boszormenyi (GCS) Package-Type: udeb