Narcissus/shredos.x86_64
2
0
Fork 0
mirror of https://github.com/PartialVolume/shredos.x86_64.git synced 2026-03-06 10:42:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
fa33eb3199e2bf437cec8fcff04487f0d0f04daf
shredos.x86_64/package/expat
History
Peter Korsgaard 386794d02e package/expat: security bump to version 2.2.8 
Fixes the following security vulnerability:

CVE-2019-15903: In libexpat before 2.2.8, crafted XML input could fool the
parser into changing from DTD parsing to document parsing too early; a
consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber)
then resulted in a heap-based buffer over-read.

While we're at it, also change to use .tar.xz rather than the bigger
.tar.bz2.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-09-15 22:22:18 +02:00
..
Config.in
expat.hash
package/expat: security bump to version 2.2.8
2019-09-15 22:22:18 +02:00
expat.mk
package/expat: security bump to version 2.2.8
2019-09-15 22:22:18 +02:00