1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5085-2] expat regression update

    From Salvatore Bonaccorso@21:1/5 to All on Sun Mar 13 16:20:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5085-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso
    March 13, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : expat

    The update for expat released as DSA 5085-1 introduced regressions for applications using URI characters (':' in particular) for a namespace
    separator (while the HTML API docs of function XML_ParserCreateNS have
    been advising against their use). Updated expat packages are now
    available which relax the fix for CVE-2022-25236 with regard to RFC 3986
    URI characters.

    For the oldstable distribution (buster), this problem has been fixed
    in version 2.2.6-2+deb10u4.

    For the stable distribution (bullseye), this problem has been fixed in
    version 2.2.10-2+deb11u3.

    We recommend that you upgrade your expat packages.

    For the detailed security status of expat please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/expat

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmIuCg1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0T4Qg/9FtaNcCnoiyq8BwF4PCakVyzNS3wtnYgzrrG7mT1K9cxBEw9soLFEvEGE Lxig6KVBzIcFS1iXVJCXLu8yAYGuNDSXeZpitzZgwjP7eo/zYQwhVmwUsDiDCQGb CaxFlGGPV/KnWSkKJ5M0AF+kz8fHFm6RYyN/KxahL8z6iYlQN26P7YvDAAdY5r8q IDiQ17x69gwGb3rHByFidMXRZSYeZYdoFdz+g+gjVNExe/9cQ/c2DxoElSK2pKOL VKG6hVZA+ieQX286VqrCbjqmzwyHO2mEv1OdVgLzPvl8bvPiQJM2pv7hlEA/WdjR XMbqCEwrsTkcl26m5zWdCzUC0b5UEWnBz5/uLGMHemmPUFo6cccX/Ozbzxucl5JI eqfAlTgsk/DQZY+soHCPfu0PrtnXGRMEpeaU+LFfGNHeHGKcFIWan1sQ5lBjP3Lu Jw7ewDtkpoiV5TMeMsc3kFOVlWNbI0AMiEtzx31IjMfvgsqKiYTH3R69YEx4Fm5L CDsTFsxrIVD7O9yyqIrqD8ZYuYRcLm9lwv8Ib0hIDZk9au8612Cr2JYJPlJqAkVi /exZ8bj5FAZ6wB5sU+CLcDt9kLe/Nj46i0PZJIfR6uHRy6SrhLxp8hP69+LXM+oP 33wNIvyGXSlzIL/ep7HvOn03areJmh514U2eL9EHPchp2Cqi5sQ=
    =kJLT
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)