-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 08 Sep 2024 08:44:19 +0200 Source: expat Binary: expat expat-dbgsym libexpat1 libexpat1-dbgsym libexpat1-dev libexpat1-udeb Architecture: armhf Version: 2.5.0-1+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: arm Build Daemon (arm-conova-02) Changed-By: Laszlo Boszormenyi (GCS) Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Closes: 1080149 1080150 1080152 Changes: expat (2.5.0-1+deb12u1) bookworm-security; urgency=medium . * Backport security fix for CVE-2024-45490: reject negative len for XML_ParseBuffer() (closes: #1080149). * Backport security fix for CVE-2024-45491: detect integer overflow in dtdCopy() (closes: #1080150). * Backport security fix for CVE-2024-45492: detect integer overflow in function nextScaffoldPart() (closes: #1080152). Checksums-Sha1: a49169db52d2b221076f93c687f20523e3915b53 32024 expat-dbgsym_2.5.0-1+deb12u1_armhf.deb 99f700d8d49f50116ea2b725710c17a69f3e0bde 8618 expat_2.5.0-1+deb12u1_armhf-buildd.buildinfo 22c8b46b92aa69ea1d9a6fd2f7f2ef48f76f7eff 38272 expat_2.5.0-1+deb12u1_armhf.deb b05d0a79184a3db58e95fa3180c357a1c3cab109 305560 libexpat1-dbgsym_2.5.0-1+deb12u1_armhf.deb 6f96db4806fa9c02bb50c1f31d1903685d10ba25 133416 libexpat1-dev_2.5.0-1+deb12u1_armhf.deb d97afd2a12323926293c4bf48578696942b603c2 46784 libexpat1-udeb_2.5.0-1+deb12u1_armhf.udeb f5c2e818f4009b0cf01ac59851c5b93cf4d1a058 79576 libexpat1_2.5.0-1+deb12u1_armhf.deb Checksums-Sha256: 2ce2c5aa21859e87496c67d4c3953e05afe4799ac0ab9bbb63b2a29f50eb299b 32024 expat-dbgsym_2.5.0-1+deb12u1_armhf.deb 95965337061d2dc8cc8b851f85714d18b4378727b9961b2bec84b85269f59585 8618 expat_2.5.0-1+deb12u1_armhf-buildd.buildinfo 1385a9fe47c6da10d27a2a10c59641ef3253d4bebc35d4d0683afaa28155302f 38272 expat_2.5.0-1+deb12u1_armhf.deb 4c3177eaa177c244af98b11db3f533b3f7470f37689ec061e5411fef1dccffb6 305560 libexpat1-dbgsym_2.5.0-1+deb12u1_armhf.deb d3aa1aba190cb0aeb4727b6587bc3b213fe2ac13f47090b3b1beef0a519026a8 133416 libexpat1-dev_2.5.0-1+deb12u1_armhf.deb a88b7a9ba137c62c8e9633124f70e21133c7765648a73687543f10f96cab2710 46784 libexpat1-udeb_2.5.0-1+deb12u1_armhf.udeb d4582f6496a1450c9cda50ab0413ea1541b8deda9618084cf5d96178b7ba9b31 79576 libexpat1_2.5.0-1+deb12u1_armhf.deb Files: a1c1027166cea224cc9ef95ad5017784 32024 debug optional expat-dbgsym_2.5.0-1+deb12u1_armhf.deb 9eb343e5cd812b909086b917dedf6b1e 8618 text optional expat_2.5.0-1+deb12u1_armhf-buildd.buildinfo 00018e26a62d2102ffa10568e9742f91 38272 text optional expat_2.5.0-1+deb12u1_armhf.deb 257f49c74ec68b618b8e73431ec13bc1 305560 debug optional libexpat1-dbgsym_2.5.0-1+deb12u1_armhf.deb 4cd868c4c63e7987ad8e74a190fc5f00 133416 libdevel optional libexpat1-dev_2.5.0-1+deb12u1_armhf.deb 61be96d41a572c5826d1d422425d7195 46784 debian-installer optional libexpat1-udeb_2.5.0-1+deb12u1_armhf.udeb 58d4fe46c7f91d4f5b218cdcbd85a404 79576 libs optional libexpat1_2.5.0-1+deb12u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEKAzExpjGvTI78ZO8LARVyvnD3xkFAmblS6AACgkQLARVyvnD 3xluyA//SS988ROTG0W/oNiqclBcMBjau2OrlwtVp89Yw9Vvrld8jq+QWUb1LMvc asTfDxrQetU8yVOF6HxKZOn226OszqD8bbj0sMpHB9gT7HOweBIbKQMpc7DJB6uF jQVhe1myKWa5ZjWk+HQGdjxjUO/HugtcFNx26SeVIdfMNzDaNK8CYvLar2ZsF4OP yDdqecTq4uU2kVk3hTbXIX7VtBZTeEUFwu7Q/7ffSPcrsfIQDqgwd+Efo+nQAZlt fpwaNbxg1afYrjpmDDivFBccYx9jU5HuZkeRMD7Z+ylxZBDnkV5kyIW/ACbj1kra ALPaAy6P6d0unyrnZU7t7yZQPMAhQSXRjpSVb5iDX/RvqnI9Las5TcYEGP2y7Nrq wPvoKnzfUnIWRiwhuUWpZkZU9SRH1MkXdUYDJOH7XLYQjDdkfDlIaOTqCPj2Ir+B woTgIhkCsGI697omydjFSjz3uAuLSV6k1FB1nyTWJzTKlU3pcoE0MokKqYqGEHCZ BLwz+jZg+Psvs9R3NojouPQgtyzpsfRN9QNnZDvPnF6+h3i41kSRT2vltcIDxEvi oAMcmDD1ZkXRig53NagWy98GssnZ68eeBUUrECdtZz1x3kiy+FAqpKmK4ZFm+cTv 9YHyBD9oLut6qPmQF9EvjjmCK8aIXom5dPcAunmd2W1dJCDBadA= =/Yz+ -----END PGP SIGNATURE-----