[Touch-packages] [Bug 1483033] [NEW] Please sync expat 2.1.0-7 (main) from Debian unstable (main)

Hans Joachim Desserud Sun, 09 Aug 2015 11:51:06 -0700

Public bug reported:

Please sync expat  2.1.0-7 (main) from Debian unstable (main).


Explanation of the Ubuntu delta and why it can be droppped:

expat (2.1.0-6ubuntu1) utopic; urgency=medium

  * No-change rebuild to get debug symbols on all architectures.
 -- Brian Murray <br...@ubuntu.com>   Tue, 21 Oct 2014 11:56:11 -0700

Unless I'm missing something, this was just a rebuild without any
changes.

Changes in Debian since 2.1.0-6:
expat (2.1.0-7) unstable; urgency=high

  * Fix CVE-2015-1283, multiple integer overflows in the XML_GetBuffer
    function (closes: #793484).
  * Update Standards-Version to 3.9.6 .

 -- Laszlo Boszormenyi (GCS) <g...@debian.org>  Fri, 24 Jul 2015 14:48:45
+0000


Note that this includes fix for a CVE. I don't know what the policy is 
regarding syncs with the ongoing gcc5 transition, so please let me know if this 
will need to wait until that has been sorted out.

** Affects: expat (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: upgrade-software-version

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1283

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to expat in Ubuntu.
https://bugs.launchpad.net/bugs/1483033

Title:
  Please sync expat  2.1.0-7 (main) from Debian unstable (main)

Status in expat package in Ubuntu:
  New

Bug description:
  Please sync expat  2.1.0-7 (main) from Debian unstable (main).

  Explanation of the Ubuntu delta and why it can be droppped:

  expat (2.1.0-6ubuntu1) utopic; urgency=medium

    * No-change rebuild to get debug symbols on all architectures.
   -- Brian Murray <br...@ubuntu.com>   Tue, 21 Oct 2014 11:56:11 -0700

  Unless I'm missing something, this was just a rebuild without any
  changes.

  Changes in Debian since 2.1.0-6:
  expat (2.1.0-7) unstable; urgency=high

    * Fix CVE-2015-1283, multiple integer overflows in the XML_GetBuffer
      function (closes: #793484).
    * Update Standards-Version to 3.9.6 .

   -- Laszlo Boszormenyi (GCS) <g...@debian.org>  Fri, 24 Jul 2015
  14:48:45 +0000

  
  Note that this includes fix for a CVE. I don't know what the policy is 
regarding syncs with the ongoing gcc5 transition, so please let me know if this 
will need to wait until that has been sorted out.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/expat/+bug/1483033/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1483033] [NEW] Please sync expat 2.1.0-7 (main) from Debian unstable (main)

Reply via email to