expat (2.4.7-1ubuntu0.5) jammy-security; urgency=medium

  * SECURITY UPDATE: denial-of-service via XML_ResumeParser
    - debian/patches/CVE-2024-50602-1.patch: Make function XML_StopParser of
      expat/lib/xmlparse.c refuse to stop/suspend an unstarted parser
    - debian/patches/CVE-2024-50602-2.patch: Add XML_PARSING case to parser
      state in function XML_StopParser of expat/lib/xmlparse.c
    - debian/patches/CVE-2024-50602-3.patch: Add tests for CVE-2024-50602 to
      expat/tests/runtests.c
    - CVE-2024-50602

 -- Nicolas Campuzano Jimenez <nicolas.campuzano@canonical.com>  Sun, 01 Dec 2024 15:51:42 -0500

expat (2.4.7-1ubuntu0.4) jammy-security; urgency=medium

  * SECURITY UPDATE: invalid input length
    - CVE-2024-45490-*.patch: adds a check to the XML_ParseBuffer function of
      expat/lib/xmlparse.c to identify and error out if a negative length is
      provided.
    - CVE-2024-45490
  * SECURITY UPDATE: integer overflow
    - CVE-2024-45491.patch: adds a check to the dtdCopy function of
      expat/lib/xmlparse.c to detect and prevent an integer overflow.
    - CVE-2024-45491
  * SECURITY UPDATE: integer overflow
    - CVE-2024-45492.patch: adds a check to the nextScaffoldPart function of
      expat/lib/xmlparse.c to detect and prevent an integer overflow.
    - CVE-2024-45492

 -- Ian Constantin <ian.constantin@canonical.com>  Tue, 10 Sep 2024 13:17:45 +0300

expat (2.4.7-1ubuntu0.3) jammy-security; urgency=medium

  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2023-52425.patch: Speed up parsing of big tokens.
    - CVE-2023-52425
  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2024-28757.patch: Detect billion laughs attack with
      isolated external parser.
    - CVE-2024-28757

 -- Fabian Toepfer <fabian.toepfer@canonical.com>  Wed, 13 Mar 2024 14:28:54 +0100

expat (2.4.7-1ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: use-after-free
    - debian/patches/CVE-2022-43680-1.patch: adds tests to cover
      DTD destruction in XML_ExternalEntityParserCreate in
      expat/tests/runtests.c.
    - debian/patches/CVE-2022-43680-2.patch: fix overeager DTD
      destruction in XML_ExternalEntityParserCreate in
      expat/lib/xmlparse.c.
    - CVE-2022-43680

 -- David Fernandez Gonzalez <david.fernandezgonzalez@canonical.com>  Fri, 18 Nov 2022 12:21:42 +0100

expat (2.4.7-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Use-after-free in doContent
    - debian/patches/CVE-2022-40674.patch: ensure storeRawNames()
      is always called in func internalEntityProcessor if handling
      unbalanced tags in expat/lib/xmlparse.c.
    - CVE-2022-40674

 -- David Fernandez Gonzalez <david.fernandezgonzalez@canonical.com>  Tue, 15 Nov 2022 16:01:53 +0100

expat (2.4.7-1) unstable; urgency=medium

  * New upstream release:
    - relax fix to CVE-2022-25236 with regard to all valid URI characters
      (RFC 3986).

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Sat, 05 Mar 2022 07:11:48 +0100

expat (2.4.6-1) unstable; urgency=medium

  * New upstream release.

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Mon, 21 Feb 2022 21:08:18 +0100

expat (2.4.5-2) unstable; urgency=medium

  * Fix build_model regression (closes: #1006162).

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Sun, 20 Feb 2022 16:26:07 +0100

expat (2.4.5-1) unstable; urgency=high

  * New upstream release:
    - fixes CVE-2022-25235: certain validation of encoding, such as checks
      for whether a UTF-8 character is valid, can cause code execution
      (closes: #1005894),
    - fixes CVE-2022-25236: passing namespace separator characters can cause
      code execution (closes: #1005895),
    - fixes CVE-2022-25313: an attacker can trigger stack exhaustion in
      build_model via a large nesting depth in the DTD element,
    - fixes CVE-2022-25314: integer overflow in function copyString(),
    - fixes CVE-2022-25315: integer overflow in function storeRawNames().

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Sat, 19 Feb 2022 07:34:25 +0100

expat (2.4.4-1) unstable; urgency=medium

  * New upstream release.

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Tue, 01 Feb 2022 18:51:12 +0100

# For older changelog entries, run 'apt-get changelog libexpat1'

Generated by dwww version 1.14 on Sun Feb 2 13:29:27 CET 2025.