Back to expat PTS page

Accepted expat 2.2.10-2+deb11u2 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted expat 2.2.10-2+deb11u2 (source) into proposed-updates->stable-new, proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 26 Feb 2022 18:47:18 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1nO26A-000IzR-IT@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 20 Feb 2022 17:08:18 +0100
Source: expat
Architecture: source
Version: 2.2.10-2+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1005894 1005895
Changes:
 expat (2.2.10-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Prevent stack exhaustion in build_model (CVE-2022-25313)
   * Prevent integer overflow in storeRawNames (CVE-2022-25315)
   * Prevent integer overflow in copyString (CVE-2022-25314)
   * lib: Fix (harmless) use of uninitialized memory
   * lib: Protect against malicious namespace declarations (CVE-2022-25236)
     (Closes: #1005895)
   * tests: Cover CVE-2022-25236
   * lib: Drop unused macro UTF8_GET_NAMING
   * lib: Add missing validation of encoding (CVE-2022-25235)
     (Closes: #1005894)
   * lib: Add comments to BT_LEAD* cases where encoding has already been
     validated
   * tests: Cover missing validation of encoding (CVE-2022-25235)
   * Fix build_model regression.
   * tests: Protect against nested element declaration model regressions
Package-Type: udeb
Checksums-Sha1: 
 65b091ad484ca78f0d974ea87812286fb815ebbe 2175 expat_2.2.10-2+deb11u2.dsc
 4fe82dd3d1963aeddc0368890cd22fec8a62030c 25192 expat_2.2.10-2+deb11u2.debian.tar.xz
Checksums-Sha256: 
 6baf9313138838ef15bcc454e73c041c8cd0aef70e1f4e074c88f6caabc23fd3 2175 expat_2.2.10-2+deb11u2.dsc
 76a3b5cd539b299fac69502009dec3acbb3a4020732df548ddbde4344d8fa27e 25192 expat_2.2.10-2+deb11u2.debian.tar.xz
Files: 
 12361cd6e83af439a8a6d307993fe802 2175 text optional expat_2.2.10-2+deb11u2.dsc
 eda469432dd5c3d92fa1f761b39d69df 25192 text optional expat_2.2.10-2+deb11u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmISaGdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E/VkP/1c9KBW4loHGtkza9o5IV97sWhg28fNt
UuABjSUfXI4JbR2SyEg68VJ0Jczzr15UwOA3OUVNg9B0hNRg6aRuvb2hjeqVg8fj
CAjKQDFHS0Ww+evd1Zw7rPtzP9oa1K2lxJT7U7x6zeqDfC3eF1sPMiDWhVTBQZSu
/683dM7CvZP48c6p8D2Na0eyIpFO9AKRou9KqhOamNI0//UYH3zktxtS9RhV2G6L
9u/rgRRR2C1GKpxyIaXuyURyGMR5C/RoOZ9Yrz56AFLulnwQbfGeszFn6lv23+MK
MkzelMI5bwr9KdArRMYhfcql5vD0SFWRYIokXwI2m+NIR+mK35Pcahz+AXOYTYLi
TLuI903JyFVH4g+/ioOMsxSweIRoGJSHbxADc4UK8i1mm7l+BkFHNW6zBqXrcD7X
aM02rsDYSZ+fx4daEziH/Gl8yRu3W1De5+3QwtI1lLmtQaw5P39wwsU3W618SLMX
JK9WmBwnBU8ANb3kPY63wVcrT/FrP4DUlpM3m+a3gv5gTlsjtLI4S5n0ZFY994uE
6MzaBeaVu5DiRvv0c/aYSql/Lja+H7WLHXR4GNwNfFJPRp4Mysqe/oqDyQ4t3FLS
rRGm97aJ2B90ZGA3OpM6o5V8NIU6QqVO5uiF65ajKj8RoN2hMezgoam37sA7UmnI
xSaiIdOBoXZs
=A9aH
-----END PGP SIGNATURE-----