-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2010-01-19 11:42:04 UTC
-
Revision ID:
james.westby@ubuntu.com-20100119114204-nf5xwkcrbkhd1qui
Tags: 2.0.1-0ubuntu1.1
* SECURITY UPDATE: fix DoS via malformed XML
- update lib/xmltok_impl.c to not access beyond end of input string
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13
- CVE-2009-2625
* SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
- update lib/xmlparse.c to properly recognize the end of a token
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165
- CVE-2009-3560