This bug was fixed in the package expat - 2.2.0-1 Sponsored for LocutusOfBorg (costamagnagianfranco)
--------------- expat (2.2.0-1) unstable; urgency=low * New upstream release, update symbols accordingly. * Use upstream manpage for xmlwf. * Drop all patches as this release contains those. -- Laszlo Boszormenyi (GCS) <g...@debian.org> Tue, 21 Jun 2016 15:29:58 +0000 expat (2.1.1-3) unstable; urgency=high * Use upstream fix for the following security vulnerabilities: - CVE-2012-6702, unanticipated internal calls to srand - CVE-2016-5300, use of too little entropy -- Laszlo Boszormenyi (GCS) <g...@debian.org> Sun, 05 Jun 2016 00:17:46 +0000 expat (2.1.1-2) unstable; urgency=high * Avoid relying on undefined behavior in CVE-2015-1283 fix. * Apply upstream patch to fix the root cause of CVE-2016-0718 and CVE-2016-0719 vulnerabilities. * Update Standards-Version to 3.9.8 . -- Laszlo Boszormenyi (GCS) <g...@debian.org> Mon, 16 May 2016 05:35:08 +0000 ** Changed in: expat (Ubuntu) Status: New => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-6702 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1283 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-0718 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-0719 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-5300 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1600717 Title: Sync expat 2.2.0-1 (main) from Debian unstable (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/expat/+bug/1600717/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs