-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 08 Sep 2024 08:44:19 +0200 Source: expat Binary: expat expat-dbgsym libexpat1 libexpat1-dbgsym libexpat1-dev libexpat1-udeb Architecture: arm64 Version: 2.5.0-1+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: arm Build Daemon (arm-ubc-02) Changed-By: Laszlo Boszormenyi (GCS) Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Closes: 1080149 1080150 1080152 Changes: expat (2.5.0-1+deb12u1) bookworm-security; urgency=medium . * Backport security fix for CVE-2024-45490: reject negative len for XML_ParseBuffer() (closes: #1080149). * Backport security fix for CVE-2024-45491: detect integer overflow in dtdCopy() (closes: #1080150). * Backport security fix for CVE-2024-45492: detect integer overflow in function nextScaffoldPart() (closes: #1080152). Checksums-Sha1: 07aba00f7e670b454481a20b9c11bc2115115870 32724 expat-dbgsym_2.5.0-1+deb12u1_arm64.deb cb99305fea68df29a61c9a0a766adff3bea40fa0 8742 expat_2.5.0-1+deb12u1_arm64-buildd.buildinfo 87a3405ea95c7212b234457c13ed6f77cee30f08 39468 expat_2.5.0-1+deb12u1_arm64.deb 74f8b3d06485790186db3beeaae9c52d569679da 308796 libexpat1-dbgsym_2.5.0-1+deb12u1_arm64.deb 647a2fc29ebd7285eb286d9f4d91603448ed6f59 134432 libexpat1-dev_2.5.0-1+deb12u1_arm64.deb d1a00fdefc7298b3a6dcc4800662dac91341f05e 49956 libexpat1-udeb_2.5.0-1+deb12u1_arm64.udeb a68be8e16b84610da93c626705d9515692ebf5eb 84588 libexpat1_2.5.0-1+deb12u1_arm64.deb Checksums-Sha256: aa6649b65122f1b8ac1eeef3bf87b42130fa827bb0bd97b044ad49beed6809b1 32724 expat-dbgsym_2.5.0-1+deb12u1_arm64.deb 857cad72f9437bf785de78b5fc03f089ed69dc2db10181357cb6ec0906f1868b 8742 expat_2.5.0-1+deb12u1_arm64-buildd.buildinfo f362d89a28c15f587c5fbc27a8a72b7b30b2c5ea5540f9f90867c3b148e4fae6 39468 expat_2.5.0-1+deb12u1_arm64.deb 291bcabe277c0744b9c03e23d99d92daf2a70b87c28d74613aad464044736fe3 308796 libexpat1-dbgsym_2.5.0-1+deb12u1_arm64.deb 9b97212619e93ec00d28dd6a5a7eb5cffc1bff985a5e9c41896b06afd54d54f8 134432 libexpat1-dev_2.5.0-1+deb12u1_arm64.deb bc2b38a937b817be6b894b29bed90997f0dc7f65e8c7dfcf3dfec8c4dd7a7ec7 49956 libexpat1-udeb_2.5.0-1+deb12u1_arm64.udeb 01e2a9ebd2197b1466283723ee1795713de765a3c3cef29549e6136e4c77d65e 84588 libexpat1_2.5.0-1+deb12u1_arm64.deb Files: 262bf751863a071acbc618b1ca9cccd9 32724 debug optional expat-dbgsym_2.5.0-1+deb12u1_arm64.deb 644cd8d79b903334764cc99c7a5fc959 8742 text optional expat_2.5.0-1+deb12u1_arm64-buildd.buildinfo a2a54e318a09065b2465c81729cb5745 39468 text optional expat_2.5.0-1+deb12u1_arm64.deb 29905f5451d3199618b2e078763b8683 308796 debug optional libexpat1-dbgsym_2.5.0-1+deb12u1_arm64.deb b55da248c20f3af43f90a2c6fd87071c 134432 libdevel optional libexpat1-dev_2.5.0-1+deb12u1_arm64.deb d7444e6748ea9fb8d57fb816475fd4e6 49956 debian-installer optional libexpat1-udeb_2.5.0-1+deb12u1_arm64.udeb fc73024d84c69f7b7ff21db7ac20e71f 84588 libs optional libexpat1_2.5.0-1+deb12u1_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE9C4sZYDxwNo9XoUDaRWK3AIe28EFAmblTAEACgkQaRWK3AIe 28G6aQ/9FNpH6vjqem91bPuisSqSSF/r298zowhwye3VZJL6UNt9PJyH5LJNvrwm zoAC7WTSYW4tABnZ++tmadXfQ3kfSRjJTsn4whAal4tiA97KKW8UHGHX0qJfGw8u NN62VmIWuxHuwtsNokJFy+ChK0kpvudaXaIvmMchpMPWzHoDCmS4aXZgdTsoUaqB CmiExmt1WE1Hyko+lq3oU8eGGyi+NilzgfZOQ4WI+X7HX2Y5Bll9Id1BPpW9kn8C yIrgbdvZbEJo2IEqp4//kWnk7FCeSAhvUABEyP2iSbruM+8RvE/M00I5aKy52Hqm 2e75r0LGPuuCpgYjNYBr2LUv7MbVvrNTPwB0M9yps5O4yDT5V2S/Sy7JgbrTg9WZ tr0oSPLBELGQqxHYKefy34mwu+6tXAQi36xLJTLLw+zGgwwU4XZQYSn1bYV7ysTK ledyJxI4ycHHaWvhfAiF9FLCKbmtpv1th8zL62sXE1OAwSsAXIeUDX8w4zXESHPo noaR7O46NRCB3Vyri6teMbexJEkjoWs288ty7TMZ1eKGzqumjJizavIPCxez86aM NEdkefUtLQ5oOmxEl1EYjpElgXyM+kESrrFQDNgcKe+bgxUrsJ2WQMYsqE9Iyd4S fbmxg4qMgGE+yFvPlhE8NIeN1F2U1tCMXW2p1YDJcGijvtYzwRg= =r+zj -----END PGP SIGNATURE-----