Format: 1.8 Date: Tue, 08 Mar 2022 09:28:37 -0300 Source: expat Binary: libexpat1-dev libexpat1 libexpat1-udeb expat Architecture: armhf Version: 2.2.5-3ubuntu0.7 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas Da Silva Barbosa Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Launchpad-Bugs-Fixed: 1963903 Changes: expat (2.2.5-3ubuntu0.7) bionic-security; urgency=medium . * SECURITY UPDATE: Stack exhaustion - debian/patches/CVE-2022-25313.patch: prevent stack exhaustion in build_model in expat/lib/xmlparse.c. - debian/patches/fix-build_model-regression.patch: fix build_model regression in expat/lib/xmlparse.c. - CVE-2022-25313 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25314.patch: prevent integer overflow in copyString in expat/lib/xmlparse.c. - CVE-2022-25314 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25315.patch: prevent integer overflow in storeRawNames in expat/lib/xmlparse.c. - CVE-2022-25315 * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters and possibly regressions - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI validation in expat/doc/reference.html, expat/lib/expat.h. - debian/patches/CVE-2022-25236-4.patch: document namespace separator effect right in header expat/lib/expat.h. - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests. - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903) Checksums-Sha1: 8d638bfa393345eb2a8febcf7749c7cc111d371a 25852 expat-dbgsym_2.2.5-3ubuntu0.7_armhf.ddeb 77569e7e304880ef4ad356a60b73dc900e022c96 8006 expat_2.2.5-3ubuntu0.7_armhf.buildinfo c3889beaf7417d803bff1f05f0bb60c0d35ee563 13256 expat_2.2.5-3ubuntu0.7_armhf.deb db4d748fe5c63e33402a77fe047a3038f9c409b9 232120 libexpat1-dbgsym_2.2.5-3ubuntu0.7_armhf.ddeb 5151b9a1b9430200b529e1c555504d40115be01c 106752 libexpat1-dev_2.2.5-3ubuntu0.7_armhf.deb 6c2d2cfedf54725205385d75072642e7f0e63617 49992 libexpat1-udeb_2.2.5-3ubuntu0.7_armhf.udeb 251ac1eebe71ed2dc5b0164b90abe5d227e47deb 60864 libexpat1_2.2.5-3ubuntu0.7_armhf.deb Checksums-Sha256: 704a973a085f9c0991e7802499c37e03a9e84a688513806eee17a59f895f4b38 25852 expat-dbgsym_2.2.5-3ubuntu0.7_armhf.ddeb e47339b028495c3c01e3527977beadf5b7e027c47bfb36796b0dc5271d63527e 8006 expat_2.2.5-3ubuntu0.7_armhf.buildinfo 1dc37bf1177883a02cd9e08575da8872ab0a88f90ca21c6c0fa2446b315aab9e 13256 expat_2.2.5-3ubuntu0.7_armhf.deb ad6565065b8dc0cab60af6a933cce8421a02d6a34e4de78c2da2adaca903d725 232120 libexpat1-dbgsym_2.2.5-3ubuntu0.7_armhf.ddeb 4cd90546811cc7a8ee9f7afe3acbf3cbb81e52c9a84532bd9312be50ec81c971 106752 libexpat1-dev_2.2.5-3ubuntu0.7_armhf.deb 440bb803f52d702af7744486ea50c3751de08067164b93f9f3cdf0777f4d2456 49992 libexpat1-udeb_2.2.5-3ubuntu0.7_armhf.udeb a3e0636ba00343f66ec521fba99fb6afc7ea1ec4c3beda08c7ea0a08ae43f829 60864 libexpat1_2.2.5-3ubuntu0.7_armhf.deb Files: 9925de2aa5f587fbb67fce581ad54afe 25852 debug optional expat-dbgsym_2.2.5-3ubuntu0.7_armhf.ddeb ff7c26cd25f7ea3024a76018d7ead235 8006 text optional expat_2.2.5-3ubuntu0.7_armhf.buildinfo 7b02d62dcb4dde296b3d56d6a03a4517 13256 text optional expat_2.2.5-3ubuntu0.7_armhf.deb d1dfab769747438ed2a3f07e637fe0c9 232120 debug optional libexpat1-dbgsym_2.2.5-3ubuntu0.7_armhf.ddeb 643570e2a8b887e99f3ae7030ea13b13 106752 libdevel optional libexpat1-dev_2.2.5-3ubuntu0.7_armhf.deb 66a7a629bc7338fb3e48b74f7138394e 49992 debian-installer optional libexpat1-udeb_2.2.5-3ubuntu0.7_armhf.udeb c2003559b8361eff1c6f957a4caa8f53 60864 libs optional libexpat1_2.2.5-3ubuntu0.7_armhf.deb Original-Maintainer: Laszlo Boszormenyi (GCS) Package-Type: udeb