[FFe] Sync expat 2.4.1-1 (main) from Debian experimental (main)
Bug #1943133 reported by
Rico Tzschichholz
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
expat (Ubuntu) |
Fix Released
|
High
|
Unassigned |
Bug Description
Please sync expat 2.4.1-1 (main) from Debian experimental (main)
https:/
CVE-2013-0340
https:/
Changelog entries since current impish version 2.3.0-1:
expat (2.4.1-1) experimental; urgency=high
* New upstream release:
- fix CVE-2013-0340: protect against billion laughs attacks
(
leveraging general entities or parameter entities or both).
* Update libexpat1 symbols.
-- Laszlo Boszormenyi (GCS) <email address hidden> Mon, 24 May 2021 10:14:11 +0200
CVE References
Changed in expat (Ubuntu): | |
importance: | Undecided → Wishlist |
description: | updated |
description: | updated |
Changed in expat (Ubuntu): | |
importance: | Wishlist → High |
To post a comment you must log in.
Per our discussion in IRC given where we are in the release cycle this would require a Feature Freeze Exception.