Format: 1.8 Date: Mon, 21 Feb 2022 15:48:46 -0300 Source: expat Binary: expat libexpat1 libexpat1-dev libexpat1-udeb Architecture: ppc64el Version: 2.2.9-1ubuntu0.4 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas Da Silva Barbosa Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Launchpad-Bugs-Fixed: 1963903 Changes: expat (2.2.9-1ubuntu0.4) focal-security; urgency=medium . * SECURITY UPDATE: Stack exhaustion - debian/patches/CVE-2022-25313.patch: prevent stack exhaustion in build_model in expat/lib/xmlparse.c. - debian/patches/fix-build_model-regression.patch: fix build_model regression in expat/lib/xmlparse.c. - debian/patches/protect-against-nested-element*: in expat/lib/xmlparse. - CVE-2022-25313 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25314.patch: prevent integer overflow in copyString in expat/lib/xmlparse.c. - CVE-2022-25314 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25315.patch: prevent integer overflow in storeRawNames in expat/lib/xmlparse.c. - CVE-2022-25315 * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters and possibly regressions - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI validation in expat/doc/reference.html, expat/lib/expat.h. - debian/patches/CVE-2022-25236-4.patch: document namespace separator effect right in header expat/lib/expat.h. - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests. - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903) * removing duplicated tests - debian/patches/fix_test_dup.patch: removing tests were duplicated in expat/tests/runtests.c. Checksums-Sha1: b5ee586dee734b22d9ac57ee7876d2f9138e5bf9 31752 expat-dbgsym_2.2.9-1ubuntu0.4_ppc64el.ddeb e76faae2e8ab42c980853ca6973dfc5e1af8d876 8141 expat_2.2.9-1ubuntu0.4_ppc64el.buildinfo 35fd2b56852797938b63ee0f3d843aa4ecbfa4ad 16844 expat_2.2.9-1ubuntu0.4_ppc64el.deb 7fc8c7bc8f148816ce71797c15a619d126266bd6 332340 libexpat1-dbgsym_2.2.9-1ubuntu0.4_ppc64el.ddeb bf66f0b7c48aa36a1c865fd4335b0cac4b02912d 121124 libexpat1-dev_2.2.9-1ubuntu0.4_ppc64el.deb 1fab38c2a086673b6cd3529dffc695263912db36 59036 libexpat1-udeb_2.2.9-1ubuntu0.4_ppc64el.udeb 675cee8b8a6e3dce8593308a05471e3d59e428e5 77548 libexpat1_2.2.9-1ubuntu0.4_ppc64el.deb Checksums-Sha256: 6865c5c9d646ef7a867906560e17abcf71f385764c0a739814d5608d5c5c9787 31752 expat-dbgsym_2.2.9-1ubuntu0.4_ppc64el.ddeb f7d038ab4dc06723b70d4bb61380220c4262db7fe2f3f64c6061f65745219be5 8141 expat_2.2.9-1ubuntu0.4_ppc64el.buildinfo 3cc2eb9a33baea089ea806a5ac41b0e464595398fa25c11de9f2b77cdaeb9bd9 16844 expat_2.2.9-1ubuntu0.4_ppc64el.deb 102f95af74634b3b2f001a58b2e165ec493093066e5c7bc7a73d0b93d31c4a28 332340 libexpat1-dbgsym_2.2.9-1ubuntu0.4_ppc64el.ddeb 7adacf0950189fa4a0165584e25d2e10593707958116035fa67d6dc0ef71df53 121124 libexpat1-dev_2.2.9-1ubuntu0.4_ppc64el.deb 58792a5f0ce95c4ae6d78d4f3c71b7786b4a3ea19f632c2c8c07b2b071e65698 59036 libexpat1-udeb_2.2.9-1ubuntu0.4_ppc64el.udeb 842719eaa41c6a9d6527fe7792642b84e9b1601fdfa8cde101eb298942ac512b 77548 libexpat1_2.2.9-1ubuntu0.4_ppc64el.deb Files: 096171b0937f7d4d6c7d8e99558a29c8 31752 debug optional expat-dbgsym_2.2.9-1ubuntu0.4_ppc64el.ddeb e2a074ae488ab617d31fef712e467fbe 8141 text optional expat_2.2.9-1ubuntu0.4_ppc64el.buildinfo c599597f53644e812583bf2cece31465 16844 text optional expat_2.2.9-1ubuntu0.4_ppc64el.deb a1414bbbdf07c05be436ee710d6acce2 332340 debug optional libexpat1-dbgsym_2.2.9-1ubuntu0.4_ppc64el.ddeb f27d07c2fa671f941e1e5600d1cb4363 121124 libdevel optional libexpat1-dev_2.2.9-1ubuntu0.4_ppc64el.deb 9dda806e3c65120159b1b4163c58562c 59036 debian-installer optional libexpat1-udeb_2.2.9-1ubuntu0.4_ppc64el.udeb 2ec698eec5fd2e8a8e96e6dd0ad7bdef 77548 libs optional libexpat1_2.2.9-1ubuntu0.4_ppc64el.deb Original-Maintainer: Laszlo Boszormenyi (GCS) Package-Type: udeb