expat 2.4.5-1 source package in Ubuntu

Changelog

expat (2.4.5-1) unstable; urgency=high

  * New upstream release:
    - fixes CVE-2022-25235: certain validation of encoding, such as checks
      for whether a UTF-8 character is valid can cause code execution
      (closes: #1005894),
    - fixes CVE-2022-25236: passing namespace separator characters can cause
      code execution (closes: #1005895),
    - fixes CVE-2022-25313: an attacker can trigger stack exhaustion in
      build_model via a large nesting depth in the DTD element,
    - fixes CVE-2022-25314: integer overflow in function copyString() ,
    - fixes CVE-2022-25315: integer overflow in function storeRawNames() .

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Sat, 19 Feb 2022 07:34:25 +0100

Upload details

Uploaded by:
Laszlo Boszormenyi
Uploaded to:
Sid
Original maintainer:
Laszlo Boszormenyi
Architectures:
any
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
expat_2.4.5-1.dsc 1.9 KiB c8fd4daf9d8ff8be7c4bf22776332e6861383c889098a4b43c54e8d39409709c
expat_2.4.5.orig.tar.gz 7.9 MiB c53865ca8bb7159500ab819ee141eb30da56277b9921047f800b633ae8e5f12c
expat_2.4.5-1.debian.tar.xz 12.2 KiB 03d5fde1333193d8ad480ce9640a23b59b5484e475e3e6f5211db366e14432cb

Available diffs

No changes file available.

Binary packages built by this source

expat: XML parsing C library - example application

 This package contains xmlwf, an example application of expat, the C
 library for parsing XML. The arguments to xmlwf are one or more
 files which are each to be checked for XML well-formedness.

expat-dbgsym: debug symbols for expat
libexpat1: XML parsing C library - runtime library

 This package contains the runtime, shared library of expat, the C
 library for parsing XML. Expat is a stream-oriented parser in
 which an application registers handlers for things the parser
 might find in the XML document (like start tags).

libexpat1-dbgsym: debug symbols for libexpat1
libexpat1-dev: XML parsing C library - development kit

 This package contains the header file and development libraries of
 expat, the C library for parsing XML. Expat is a stream oriented XML
 parser. This means that you register handlers with the parser prior
 to starting the parse. These handlers are called when the parser
 discovers the associated structures in the document being parsed. A
 start tag is an example of the kind of structures for which you may
 register handlers.