-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 08 Sep 2024 08:44:19 +0200 Source: expat Binary: expat expat-dbgsym libexpat1 libexpat1-dbgsym libexpat1-dev libexpat1-udeb Architecture: ppc64el Version: 2.5.0-1+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: ppc64el Build Daemon (ppc64el-conova-01) Changed-By: Laszlo Boszormenyi (GCS) Description: expat - XML parsing C library - example application libexpat1 - XML parsing C library - runtime library libexpat1-dev - XML parsing C library - development kit libexpat1-udeb - XML parsing C library - runtime library (udeb) Closes: 1080149 1080150 1080152 Changes: expat (2.5.0-1+deb12u1) bookworm-security; urgency=medium . * Backport security fix for CVE-2024-45490: reject negative len for XML_ParseBuffer() (closes: #1080149). * Backport security fix for CVE-2024-45491: detect integer overflow in dtdCopy() (closes: #1080150). * Backport security fix for CVE-2024-45492: detect integer overflow in function nextScaffoldPart() (closes: #1080152). Checksums-Sha1: f5e09110b051bfd29cc91a8fb2c8c0c36b092c6d 32944 expat-dbgsym_2.5.0-1+deb12u1_ppc64el.deb fd40a78803fe94b395512cd45364f3dfe0135cd0 8763 expat_2.5.0-1+deb12u1_ppc64el-buildd.buildinfo 54f8e10a18b54207af758af8623604fbc8eb2349 41724 expat_2.5.0-1+deb12u1_ppc64el.deb f862caed134fbac74325ef222adfa4dcea60af6c 313184 libexpat1-dbgsym_2.5.0-1+deb12u1_ppc64el.deb fb388df4db25e87e1161143cd3263fb23ea1aec6 146208 libexpat1-dev_2.5.0-1+deb12u1_ppc64el.deb ab04153d86c689b9aee2ffabe02530bbe6376480 58332 libexpat1-udeb_2.5.0-1+deb12u1_ppc64el.udeb ff76a54501f3c524ffb1d18f8d30950d23038d59 95504 libexpat1_2.5.0-1+deb12u1_ppc64el.deb Checksums-Sha256: eba84aa694a1b4aa6a6f56e9ed4d855c3fcefbd64c3db55e5ddbb1541955ee93 32944 expat-dbgsym_2.5.0-1+deb12u1_ppc64el.deb a9ff95c9e5b2a297f3c78e24e69e9348a80b7bfab62acbeac320aa8a999bb3aa 8763 expat_2.5.0-1+deb12u1_ppc64el-buildd.buildinfo b5f0f16087c323d1c11abab6df22c412a354745ccfcb04c6436fa5b9f975b050 41724 expat_2.5.0-1+deb12u1_ppc64el.deb 0ddceaee2267429c66a089e4b7c2d86ddeebd3b44524a92532fb779bdb6fdf37 313184 libexpat1-dbgsym_2.5.0-1+deb12u1_ppc64el.deb 76632073f07c8ae5e588ff87cbd7d2afc9bc3a95da041daa59e7afc9f1ad8f8b 146208 libexpat1-dev_2.5.0-1+deb12u1_ppc64el.deb 3ba74a89301f929822b2cb56b366cc36e5f0022d99d82729c61f4b67c7aa7b67 58332 libexpat1-udeb_2.5.0-1+deb12u1_ppc64el.udeb 4dd7db69361384c5ee43a7453db3141a642074c012f933b569483e7fbb4c376c 95504 libexpat1_2.5.0-1+deb12u1_ppc64el.deb Files: 212ca9ba75fef13dac23c41d029f7313 32944 debug optional expat-dbgsym_2.5.0-1+deb12u1_ppc64el.deb 61696619b466d85ffe82a3fd6b10debe 8763 text optional expat_2.5.0-1+deb12u1_ppc64el-buildd.buildinfo 1496a3321da0f9b2daf2bca2e07ea4d9 41724 text optional expat_2.5.0-1+deb12u1_ppc64el.deb e25048f0d4d19925353387f104d69a56 313184 debug optional libexpat1-dbgsym_2.5.0-1+deb12u1_ppc64el.deb 48386418e194dd197c7dc027760a1112 146208 libdevel optional libexpat1-dev_2.5.0-1+deb12u1_ppc64el.deb adb60391e27614de484a44305b5c2645 58332 debian-installer optional libexpat1-udeb_2.5.0-1+deb12u1_ppc64el.udeb 06b3a396a58af57f50610337fc54ca5f 95504 libs optional libexpat1_2.5.0-1+deb12u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE8YyVP0bbbFwKPsGN0jKBgzfto4IFAmblS3sACgkQ0jKBgzft o4Jiqg//Yi1VP+InMk5e2kayDrYhWR9Yhffi/XiD/IFvDWSOwPPB4lo14/p85kzj 8xx7vrC4WGhpCv9DN8qrpO4Op9XlDle43+UAenVzsRMr1LVohTup4nCOSXcqz/yJ OVl2umbJ9TyiKuz1KNb8O2gOxWQDIpQS1M/Gv7p+KnbgQS78NZ4V+ZsnL4bJH+wN /I4NhjGSBB90u8DuCgubQHLYfhmbinZPXCx9L3USTPj/sdo+Wxdwe2GCsNVAybIq SuFGByD9A6WaU8HlEnJGzpcae6+Ei9j3d9Csf2ssIH9v3HIf+AFP4A8LSK5BcC7F 5kyaNNlAjt3DvU5LHAOE349nEbLC6PiPh3FbjgQpxmRG5svavAM1Xzxx0UespipG RqMM61WGctY4qCvUbZ3qzgWTH+Ebpl2c03mKat2sLC93JUjrwZIpzWa0JL9kPvsP YEnXoFOT5nwl/MCtn5B7RNtGbdHa0HDiwjfR+8xYjc3RGAwG3A7Ehm0M4ha36+jq 9seqXcM0/e2/CcoU7It9E8UUqKhJDYH60rHIJ6yv599yOkiBgnCEC+QdOjzfS5IY 0GKX+h3j9uwfn1CCE9gK+MlaDbtAUpjoclRmTASQiJK7PC/0bNTCtamJFiVHBy5+ J7q27SToncn8VQaRSMbZiCqv6rOM7IPCuCdDHOk+NcTLWnMrD5Q= =rWGD -----END PGP SIGNATURE-----