Public bug reported: Please sync expat 2.1.0-7 (main) from Debian unstable (main).
Explanation of the Ubuntu delta and why it can be droppped: expat (2.1.0-6ubuntu1) utopic; urgency=medium * No-change rebuild to get debug symbols on all architectures. -- Brian Murray <[email protected]> Tue, 21 Oct 2014 11:56:11 -0700 Unless I'm missing something, this was just a rebuild without any changes. Changes in Debian since 2.1.0-6: expat (2.1.0-7) unstable; urgency=high * Fix CVE-2015-1283, multiple integer overflows in the XML_GetBuffer function (closes: #793484). * Update Standards-Version to 3.9.6 . -- Laszlo Boszormenyi (GCS) <[email protected]> Fri, 24 Jul 2015 14:48:45 +0000 Note that this includes fix for a CVE. I don't know what the policy is regarding syncs with the ongoing gcc5 transition, so please let me know if this will need to wait until that has been sorted out. ** Affects: expat (Ubuntu) Importance: Undecided Status: New ** Tags: upgrade-software-version ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1283 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1483033 Title: Please sync expat 2.1.0-7 (main) from Debian unstable (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/expat/+bug/1483033/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
