-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 08 Sep 2024 08:44:19 +0200 Source: expat Binary: expat expat-dbgsym libexpat1 libexpat1-dbgsym libexpat1-dev libexpat1-udeb Architecture: armel Version: 2.5.0-1+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: arm Build Daemon (arm-ubc-01) Changed-By: Laszlo Boszormenyi (GCS) Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Closes: 1080149 1080150 1080152 Changes: expat (2.5.0-1+deb12u1) bookworm-security; urgency=medium . * Backport security fix for CVE-2024-45490: reject negative len for XML_ParseBuffer() (closes: #1080149). * Backport security fix for CVE-2024-45491: detect integer overflow in dtdCopy() (closes: #1080150). * Backport security fix for CVE-2024-45492: detect integer overflow in function nextScaffoldPart() (closes: #1080152). Checksums-Sha1: 48b30a3e4975aaffdb7a62830d9e7ecbd02b0f2d 31976 expat-dbgsym_2.5.0-1+deb12u1_armel.deb 0233f98da799450d4fb86caadd9335e78df08b6d 8616 expat_2.5.0-1+deb12u1_armel-buildd.buildinfo 8888da35c49e548527273bc64cac1c731fbf72a8 38576 expat_2.5.0-1+deb12u1_armel.deb a632eda821465cd7e33b159ece3c42abe5f504c5 299936 libexpat1-dbgsym_2.5.0-1+deb12u1_armel.deb 9c21c7f8fbb9b9fd6cd1a38eaa0ec7c9dc8b58e4 129500 libexpat1-dev_2.5.0-1+deb12u1_armel.deb f4e89c3c62efb3613ceb1a07ff4d53b43ed0a816 45256 libexpat1-udeb_2.5.0-1+deb12u1_armel.udeb a9a67b7c8d76a19fbee9d1f95b13e5e9f4f947aa 77644 libexpat1_2.5.0-1+deb12u1_armel.deb Checksums-Sha256: 67a038d98093b6e7ce45dec9f46be2d1515dc7d3b05bce8a43d19bff224ba2d5 31976 expat-dbgsym_2.5.0-1+deb12u1_armel.deb a978b090ec8f4749297625ddd8a1284adda958bfc492c154734bbfacf82f9106 8616 expat_2.5.0-1+deb12u1_armel-buildd.buildinfo 6a350bab2ec9c44a92363a1ec0670db33775872c07563fa8246072863450da65 38576 expat_2.5.0-1+deb12u1_armel.deb 77e0975e33a6c5b3b518ef1f4fd55552f76596c2ab5feb62851463af81723394 299936 libexpat1-dbgsym_2.5.0-1+deb12u1_armel.deb 7006a8e60d06562ecdadfb1e26069966be50bbb34b3c2cc7225b2ec3188a4437 129500 libexpat1-dev_2.5.0-1+deb12u1_armel.deb 590032728a126575233e42f2dcf3608f4a902a9b766fdc759549896af6ae3dab 45256 libexpat1-udeb_2.5.0-1+deb12u1_armel.udeb 0e5e75ae10fd9816c30e2765e2f291b0e7325f41d7df47b1bf53426887d78e3a 77644 libexpat1_2.5.0-1+deb12u1_armel.deb Files: 3a5cb693a5d0e66a9e92a697114e6e15 31976 debug optional expat-dbgsym_2.5.0-1+deb12u1_armel.deb 66887a4f6ca6b9f60b3635dd24e0f6ba 8616 text optional expat_2.5.0-1+deb12u1_armel-buildd.buildinfo f524f1a4eeb57c7df18eaeddc856f266 38576 text optional expat_2.5.0-1+deb12u1_armel.deb 412b80b0f75efe163b68deb0e9600633 299936 debug optional libexpat1-dbgsym_2.5.0-1+deb12u1_armel.deb 1a2307c9e7f4c32dbede4f1268e829af 129500 libdevel optional libexpat1-dev_2.5.0-1+deb12u1_armel.deb 35f11c2f52d886f39ae33cbdc75fa905 45256 debian-installer optional libexpat1-udeb_2.5.0-1+deb12u1_armel.udeb f6b228da4d4e48385792f08bd355dc9d 77644 libs optional libexpat1_2.5.0-1+deb12u1_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEH43oX1cK+BEEs9Pe/9j0ct/+ZwwFAmblTDYACgkQ/9j0ct/+ ZwzEtg/7Bb5fGIG4c4yLJ2z3Azei7ZPmx0QMUT/3lxQP1G3uW+EaQwCFNDbA7hxc MEhWxKzmNpGg0FPTpNQI99IAMVa4U5y02pw2IxCT3dvd2+tFbhzrBlHVp3YpBccr n+evrNeZj/jL4JIptZaAqALoKODYnWoavmMCuyQbRSpVtLnMXn4IJnwW1UbkyBHQ Fb3W3MpnAmIuLBC4CyANiauAg1h1yk4+CIDZdPbKxRXt81aSZmIeVs9JDUmAgJgJ PB3VRM0T7D4sLTauDvr4DZleSYCmV5ejziHmC3U5pLW/XeeSY+q51AmSdUGwX/yD Xl1oRSFmcFIeR2YL4e25K5DttelKy6YzLWk5OS4/LDJfbhYI6Pr7ATp+4tg9x9mh Cc4hFClVra4KK+Vl67okIp2T0L3xxtTdKdss8wqT3Lyrl86SIvIsXiN//j8ZyGL4 uQShAXU+jjbBnbXPab0C/sv1ALqcSShHEKInh3FJuLqfIcxWX3AMzvARhIGT84jO yicSlUDLb+xR2s+IdplrY1RKN6x23ybdt229JXUhl7VPWnPz6Wtt+VI2/Yrht5Ug NPp1a7N6c121RdtsG1KDum1Z9Tfk6bgVJzN9r5Un1vcs4iLPgteanrfeKxq3lvzD QUV9Lovw8gMzTpFjo/9ddr/FmmpZY6o1b/ohFcuKbUZZyJkPegU= =XooY -----END PGP SIGNATURE-----