-
Committer:
Package Import Robot
-
Author(s):
Tyler Hicks
-
Date:
2012-08-09 12:05:43 UTC
-
Revision ID:
package-import@ubuntu.com-20120809120543-wn10yxwgbssps8sg
Tags: 2.0.1-0ubuntu1.2
* SECURITY UPDATE: Denial of service via hash collisions
- lib/xmlparse.c: Add random salt value to hash inputs
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/expat.h?r1=1.80&r2=1.81
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.167&r2=1.168
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.168&r2=1.169
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.169&r2=1.170
- CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
- lib/xmlparse.c: Properly reallocate memory
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166&r2=1.167
- CVE-2012-1148