ubuntu/+source/expat:ubuntu/xenial-updates

Last commit made on 2017-07-19
Get this branch:
git clone -b ubuntu/xenial-updates https://git.launchpad.net/ubuntu/+source/expat
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/xenial-updates
Repository:
lp:ubuntu/+source/expat

Recent commits

93841e9... by Marc Deslauriers on 2017-06-27

Import patches-unapplied version 2.1.0-7ubuntu0.16.04.3 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 39ba2aba884199177940fd471f9794dd2ab0b87c

New changelog entries:
  * SECURITY UPDATE: external entity infinite loop
    - debian/patches/CVE-2017-9233.patch: add check to lib/xmlparse.c.
    - CVE-2017-9233

39ba2ab... by Marc Deslauriers on 2016-06-10

Import patches-unapplied version 2.1.0-7ubuntu0.16.04.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9d66a1224d70a47c371cbb88067446759203d866

New changelog entries:
  * SECURITY UPDATE: unanticipated internal calls to srand
    - debian/patches/CVE-2012-6702-1.patch: remove srand, use more entropy
      in lib/xmlparse.c.
    - debian/patches/CVE-2012-6702-2.patch: use a prime that fits 32bits on
      32bit platforms in lib/xmlparse.c.
    - CVE-2012-6702
  * SECURITY UPDATE: use of too little entropy
    - debian/patches/CVE-2016-5300-1.patch: extract method
      gather_time_entropy in lib/xmlparse.c.
    - debian/patches/CVE-2016-5300-2.patch: extract entropy from XML_Parser
      address in lib/xmlparse.c.
    - CVE-2016-5300

9d66a12... by Marc Deslauriers on 2016-05-16

Import patches-unapplied version 2.1.0-7ubuntu0.16.04.1 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 78e195ce6ffe0a0671aac957fe5096198115c4b3

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    malformed documents
    - debian/patches/CVE-2016-0718.patch: fix out of bounds memory access
      and integer overflow in lib/xmlparse.c, lib/xmltok.c, lib/xmltok.h,
      lib/xmltok_impl.c.
    - CVE-2016-0718
  * SECURITY UPDATE: integer overflows in XML_GetBuffer
    - debian/patches/CVE-2015-1283-refix.patch: improved existing fix in
      lib/xmlparse.c.
    - CVE-2015-1283

78e195c... by Laszlo Boszormenyi on 2015-07-24

Import patches-unapplied version 2.1.0-7 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e264354f2a5855192d8c01e4b48db0be60ec39d3

New changelog entries:
  * Fix CVE-2015-1283, multiple integer overflows in the XML_GetBuffer
    function (closes: #793484).
  * Update Standards-Version to 3.9.6 .

e264354... by Laszlo Boszormenyi on 2014-06-04

Import patches-unapplied version 2.1.0-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: dac77b79e50f2db70c29747a3055db8c212c48e6

New changelog entries:
  * Really do the Ubuntu sync (closes: #748250).

dac77b7... by Laszlo Boszormenyi on 2014-05-18

Import patches-unapplied version 2.1.0-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 358e8d7c9b17c3057cdea8b11fec027a81d57ba1

New changelog entries:
  * Move to Standards-Version 3.9.5 and to debhelper level 9 .
  * Sync with Ubuntu.
  [ Matthias Klose <email address hidden> ]
  * Use dh-autoreconf (closes: #748250).
  * Enable parallel builds.

358e8d7... by Laszlo Boszormenyi on 2013-07-07

Import patches-unapplied version 2.1.0-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 56501817bbee0bbe490646138061d47a90c25179

New changelog entries:
  * New maintainer (closes: #660681).
  * Update to Standards-Version 3.9.4 , no changes needed.
  * Move to compat level 8 .

5650181... by Matthias Klose on 2013-05-08

Import patches-unapplied version 2.1.0-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 135cd0bb85508cf1975d3deb942b5a9a60d1b65b

New changelog entries:
  * QA upload, set maintainer address to the QA team.
  * Move expat_config.h into the multiarch include location.
  * Make libexpat1-dev Multi-Arch: same.
  * Update config.{guess,sub} for aarch64 (Wookey). Closes: #689619.
  * Don't ship the pkgconfig file in lib64expat1-dev. Closes: #706932.

135cd0b... by Matthias Klose on 2012-04-04

Import patches-unapplied version 2.1.0-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2f232cec83b63a9d47f9190831f1bca738cd5772

New changelog entries:
  * QA upload.
  * expat 2.1.0 release.

2f232ce... by Matthias Klose on 2012-03-23

Import patches-unapplied version 2.1.0~beta3-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a906816c3a655be69186425c4282cc8e79be54ea

New changelog entries:
  * Fix symbol version for XML_SetHashSalt. Addresses #665362.