Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/hardy-security/expat
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

10. By Tyler Hicks

* SECURITY UPDATE: Denial of service via hash collisions
  - lib/xmlparse.c: Add random salt value to hash inputs
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/expat.h?r1=1.80&r2=1.81
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.167&r2=1.168
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.168&r2=1.169
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.169&r2=1.170
  - CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
  - lib/xmlparse.c: Properly reallocate memory
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166&r2=1.167
  - CVE-2012-1148

9. By Jamie Strandboge

* SECURITY UPDATE: fix DoS via malformed XML
  - update lib/xmltok_impl.c to not access beyond end of input string
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13
  - CVE-2009-2625
* SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
  - update lib/xmlparse.c to properly recognize the end of a token
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165
  - CVE-2009-3560

8. By Matthias Klose

* New upstream version. LP: #133808.
* Remove the old libexpat.so.0 symlink; this bug predates Ubuntu (was
  fixed in version 1.95.5-1).
* Drop the extra build files in bcb5/.

7. By Matthias Klose

Build 64bit packages.

6. By Ardo van Rangelrooij <email address hidden>

* Acknowledged NMUs 1.95.8-3.1 - 1.95.8-3.4
  ( closes: Bug#355937, Bug#354244, Bug#342684)
* lib/expat.h: removed trailing comma from enum XML_Status
  (closes: Bug#344298)
* debian/control: removed 'Provides' from libexpat1-udeb stanza
  (closes: Bug#419606)
* xmlwf/xmlwf.1: removed incorrect statement on well-formedness
  (closes: Bug#412786
* debian/TODO: updated
* debian/control: upgraded to Debian Policy 3.7.2 (no changes)
  (thanks Bryan Donlan <email address hidden> !)
* debian/rules: replaced $(PWD) by $(CURDIR)
* debian/control: replaced ${Source-Version} by ${Source-Version}
  (thanks Bryan Donlan <email address hidden> !)

5. By Matthias Klose

Rebuild for changes in the amd64 toolchain.

4. By Aurelien Jarno

* Porter NMU.
* Libtool update (closes: bug#342684).

3. By Ardo van Rangelrooij <email address hidden>

* Makefile.in: added $(srcdir)/expat_config.h to APIHEADER
  (closes: Bug#302191)
* rebuild against latest libtool for kfreebsd-gnu
  (closes: Bug#295825)

2. By Ardo van Rangelrooij <email address hidden>

debian/control: removed unnecessary build dependency on autoconf

1. By Ardo van Rangelrooij <email address hidden>

Import upstream version 1.95.2

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.