Format: 1.8 Date: Mon, 21 Feb 2022 15:48:46 -0300 Source: expat Binary: expat libexpat1 libexpat1-dev libexpat1-udeb Architecture: riscv64 Version: 2.2.9-1ubuntu0.4 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas Da Silva Barbosa Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Launchpad-Bugs-Fixed: 1963903 Changes: expat (2.2.9-1ubuntu0.4) focal-security; urgency=medium . * SECURITY UPDATE: Stack exhaustion - debian/patches/CVE-2022-25313.patch: prevent stack exhaustion in build_model in expat/lib/xmlparse.c. - debian/patches/fix-build_model-regression.patch: fix build_model regression in expat/lib/xmlparse.c. - debian/patches/protect-against-nested-element*: in expat/lib/xmlparse. - CVE-2022-25313 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25314.patch: prevent integer overflow in copyString in expat/lib/xmlparse.c. - CVE-2022-25314 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25315.patch: prevent integer overflow in storeRawNames in expat/lib/xmlparse.c. - CVE-2022-25315 * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters and possibly regressions - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI validation in expat/doc/reference.html, expat/lib/expat.h. - debian/patches/CVE-2022-25236-4.patch: document namespace separator effect right in header expat/lib/expat.h. - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests. - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903) * removing duplicated tests - debian/patches/fix_test_dup.patch: removing tests were duplicated in expat/tests/runtests.c. Checksums-Sha1: 2be42045b1843ebbc0b6516ce051373a571d0937 28584 expat-dbgsym_2.2.9-1ubuntu0.4_riscv64.ddeb 0179ee6d265827931d60f4b79d803f241fb402ee 7871 expat_2.2.9-1ubuntu0.4_riscv64.buildinfo 3c15edb8162ca6ef10797c4764351b9471423437 14756 expat_2.2.9-1ubuntu0.4_riscv64.deb 3654945b1d8ebbdc2eb151f0742e4aa6c31b9c8c 254448 libexpat1-dbgsym_2.2.9-1ubuntu0.4_riscv64.ddeb 0d8060c83a9b8562ef8dad915f5b4fa400606c30 224800 libexpat1-dev_2.2.9-1ubuntu0.4_riscv64.deb ea33af47fb0fb50bb78bec00b725a83b32a3e55b 53408 libexpat1-udeb_2.2.9-1ubuntu0.4_riscv64.udeb b84edb342de40897f4877793b6779db68e3b6691 70536 libexpat1_2.2.9-1ubuntu0.4_riscv64.deb Checksums-Sha256: 582d23d138e6e799f75ed992f18217044c5568432238a4f51fa447dbe868091c 28584 expat-dbgsym_2.2.9-1ubuntu0.4_riscv64.ddeb f7db398c1c185150fd581c811d1968667c38df47180ff110ddb05f001c46697f 7871 expat_2.2.9-1ubuntu0.4_riscv64.buildinfo cfe51d35a5417958044c3006708c02fc4ed5191be469cc0885838bced6990d3a 14756 expat_2.2.9-1ubuntu0.4_riscv64.deb 160a452a37dde3a0281e16a7c8154cb1410e459d1e73c963f0b223cddd3f5689 254448 libexpat1-dbgsym_2.2.9-1ubuntu0.4_riscv64.ddeb 601e01dddc31ed5ce535f6c4f18cf93bf8dc1ef5ccaa10406183659ef3f7ad29 224800 libexpat1-dev_2.2.9-1ubuntu0.4_riscv64.deb 2a8900de91c986da277e0308a4e57446ff163b2b2edfcba2910765b9b87a4f26 53408 libexpat1-udeb_2.2.9-1ubuntu0.4_riscv64.udeb c3e25b8902ba3a0f4499ca18b08a9c5a4481f6eb94569b6471be723c44ac4d09 70536 libexpat1_2.2.9-1ubuntu0.4_riscv64.deb Files: 7468253f20ea803254833ed45537c727 28584 debug optional expat-dbgsym_2.2.9-1ubuntu0.4_riscv64.ddeb 095b360d6e570a7df50d2e39e882f8b4 7871 text optional expat_2.2.9-1ubuntu0.4_riscv64.buildinfo 0dfd56552ec9b3d2e14a3ba16bf8b03b 14756 text optional expat_2.2.9-1ubuntu0.4_riscv64.deb 75d09a83c2934660fdd38ff35cf5e058 254448 debug optional libexpat1-dbgsym_2.2.9-1ubuntu0.4_riscv64.ddeb 7c50caf11a7251cacd333dc00371228d 224800 libdevel optional libexpat1-dev_2.2.9-1ubuntu0.4_riscv64.deb 827f300bb3eb48086039d1ca2162cbd9 53408 debian-installer optional libexpat1-udeb_2.2.9-1ubuntu0.4_riscv64.udeb e3a0827312cb30d990700eccf1916ecd 70536 libs optional libexpat1_2.2.9-1ubuntu0.4_riscv64.deb Original-Maintainer: Laszlo Boszormenyi (GCS) Package-Type: udeb