This bug was fixed in the package expat - 2.2.0-1
Sponsored for LocutusOfBorg (costamagnagianfranco)
---------------
expat (2.2.0-1) unstable; urgency=low
* New upstream release, update symbols accordingly.
* Use upstream manpage for xmlwf.
* Drop all patches as this release contains those.
-- Laszlo Boszormenyi (GCS) <g...@debian.org> Tue, 21 Jun 2016 15:29:58
+0000
expat (2.1.1-3) unstable; urgency=high
* Use upstream fix for the following security vulnerabilities:
- CVE-2012-6702, unanticipated internal calls to srand
- CVE-2016-5300, use of too little entropy
-- Laszlo Boszormenyi (GCS) <g...@debian.org> Sun, 05 Jun 2016 00:17:46
+0000
expat (2.1.1-2) unstable; urgency=high
* Avoid relying on undefined behavior in CVE-2015-1283 fix.
* Apply upstream patch to fix the root cause of CVE-2016-0718 and
CVE-2016-0719 vulnerabilities.
* Update Standards-Version to 3.9.8 .
-- Laszlo Boszormenyi (GCS) <g...@debian.org> Mon, 16 May 2016 05:35:08
+0000
** Changed in: expat (Ubuntu)
Status: New => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-6702
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1283
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0718
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0719
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5300
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1600717
Title:
Sync expat 2.2.0-1 (main) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/expat/+bug/1600717/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
