Format: 1.8 Date: Thu, 17 Feb 2022 20:38:16 -0300 Source: expat Binary: libexpat1-dev libexpat1 libexpat1-udeb expat Architecture: ppc64el Version: 2.2.5-3ubuntu0.4 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas Da Silva Barbosa Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Changes: expat (2.2.5-3ubuntu0.4) bionic-security; urgency=medium . * SECURITY UPDATE: Realloc misbehavior - debian/patches/CVE-2021-45960.patch: detect and prevent troublesome left shifts in function storeAtts in expat/lib/xmlparse.c. - CVE-2021-45960 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-46143.patch: prevent integer overflow on m_groupSize in function doProlog in expat/lib/xmlparse.c. - CVE-2021-46143 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-22822-to-CVE-2022-22827.patch: prevent integer overflow in multiple places in expat/lib/xmlparse.c. - CVE-2022-22822 - CVE-2022-22823 - CVE-2022-22824 - CVE-2022-22825 - CVE-2022-22826 - CVE-2022-22827 * SECURITY UPDATE: Signed integer overflow - debian/patches/CVE-2022-23852-*.patch: detect and prevent integer overflow in XML_GetBuffer in expat/lib/xmlparse.c and adds test to cover it in expat/tests/runtests.c. - CVE-2022-23852 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-23990.patch: prevent integer overflow in doProlog in expat/lib/xmlparse.c. - CVE-2022-23990 * SECURITY UPDATE: Incomplete validation encoding - debian/patches/CVE-2022-25235-*.patch: adds missing validation and adds tests in expat/lib/xmltok_impl.c, expat/tests/runtests.c. - CVE-2022-25235 * SECURITY UPDATE: Namespace-separator insertions - debian/patches/CVE-2022-25236-*.patch: Protect against malicious namespace declarations in expat/lib/xmlparse.c, expat/tests/runtests.c. - CVE-2022-25236 Checksums-Sha1: a5d15a74c29ba8e3fce694e5e5cd5524ba4dcae2 28996 expat-dbgsym_2.2.5-3ubuntu0.4_ppc64el.ddeb b86c42c033655bbfe4b94b646a77b1596c6617a2 8116 expat_2.2.5-3ubuntu0.4_ppc64el.buildinfo d83d16a762bc6e1ba400cd1541448f885ca96413 16688 expat_2.2.5-3ubuntu0.4_ppc64el.deb 041829b54da7642d44ec3a123d0c332912328e4f 272340 libexpat1-dbgsym_2.2.5-3ubuntu0.4_ppc64el.ddeb 5826e44895b02fa6407e6ddb68b1e49c1901aeac 133124 libexpat1-dev_2.2.5-3ubuntu0.4_ppc64el.deb 6bd8eabc4798c97d5188ef0293854711e22c7a08 68840 libexpat1-udeb_2.2.5-3ubuntu0.4_ppc64el.udeb d9dfbc78b6fb738e8e76b57e7cf443850b833b77 90224 libexpat1_2.2.5-3ubuntu0.4_ppc64el.deb Checksums-Sha256: ad508030192287c91881cf64bcf3b16f5d93b75f52391c60633721fedb71fc4f 28996 expat-dbgsym_2.2.5-3ubuntu0.4_ppc64el.ddeb cbe85fc13feb8ae84cb673e53995b64eb861b8c8777f5b246f731260b5b598cd 8116 expat_2.2.5-3ubuntu0.4_ppc64el.buildinfo 27296b77659eeb57ebe01849e757709681a76b83f192eb44b4b30ef402900edd 16688 expat_2.2.5-3ubuntu0.4_ppc64el.deb 31b7e7821903dbb3dbda1a83626bffc7d1605aff4b815f56c03cf0c0bce4255a 272340 libexpat1-dbgsym_2.2.5-3ubuntu0.4_ppc64el.ddeb 2fdfaae19a0d74e3f28cd209ddfb0c65e24698bcf78cc5f3f7f508ad0001925f 133124 libexpat1-dev_2.2.5-3ubuntu0.4_ppc64el.deb 84d19d7fad563acf362182328e00ac3e54a45c2fcf525ea6d3c843ce02369881 68840 libexpat1-udeb_2.2.5-3ubuntu0.4_ppc64el.udeb 986fdf379b6335a25bb647b27f517e64c57a3eaba8f96b5e30eedd1887b4ca27 90224 libexpat1_2.2.5-3ubuntu0.4_ppc64el.deb Files: e3745bf8ccc0f4d8bb50bf7d548f8011 28996 debug optional expat-dbgsym_2.2.5-3ubuntu0.4_ppc64el.ddeb fdd36fd5322c2f239f9ab60d62872e7e 8116 text optional expat_2.2.5-3ubuntu0.4_ppc64el.buildinfo 9c19c4917db2ff0c186b272c1d6208c4 16688 text optional expat_2.2.5-3ubuntu0.4_ppc64el.deb 5557cc9320a09932cd186a2fc305cc46 272340 debug optional libexpat1-dbgsym_2.2.5-3ubuntu0.4_ppc64el.ddeb d1f665c86b7b0575fad44f0292d33d61 133124 libdevel optional libexpat1-dev_2.2.5-3ubuntu0.4_ppc64el.deb 0c92586a87d44cfd8103d9fdb6788b4b 68840 debian-installer optional libexpat1-udeb_2.2.5-3ubuntu0.4_ppc64el.udeb cd29795ca535a037bd04b399a74d546d 90224 libs optional libexpat1_2.2.5-3ubuntu0.4_ppc64el.deb Original-Maintainer: Laszlo Boszormenyi (GCS) Package-Type: udeb