UbuntuUpdates.org

Package "expat"

Name: expat

Description:

This package is just an umbrella for a group of other packages; it has no description.
Description samples from packages in group:

  • XML parsing C library - runtime library
  • XML parsing C library - development kit

Latest version: 2.5.0-2ubuntu0.1
Release: mantic (23.10)
Level: updates
Repository: main

Other versions of "expat" in Mantic

Repository  Area      Version
base        main      2.5.0-2
base        universe  2.5.0-2
security    main      2.5.0-2ubuntu0.1
security    universe  2.5.0-2ubuntu0.1
updates     universe  2.5.0-2ubuntu0.1

Changelog

Version: 2.5.0-2ubuntu0.1 2024-03-14 15:06:58 UTC

  expat (2.5.0-2ubuntu0.1) mantic-security; urgency=medium

  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2023-52425.patch: Speed up parsing of big tokens.
    - CVE-2023-52425
  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2024-28757.patch: Detect billion laughs attack with
      isolated external parser.
    - CVE-2024-28757

 -- Fabian Toepfer <email address hidden> Wed, 13 Mar 2024 16:05:10 +0100

CVE-2023-52425 libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for w
CVE-2024-28757 libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCrea


