[xml/sgml-pkgs] Bug#551936: expat: CVE-2009-2625
Daniel Leidert
daniel.leidert at wgdd.de
Sun Oct 25 22:05:30 UTC 2009
Hi security team,
I recently received this bug report:
Am Mittwoch, den 21.10.2009, 18:38 -0400 schrieb Michael Gilbert:
> package: expat
> version: 1.95.8-3
> severity: serious
> tags: security
>
> hello, a security issue has been disclosed for expat. see [0],[1].
> this affects all supported debian releases, so please coordinate with
> the security team to prepare DSAs.
>
> mike
>
> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625
> [1] https://bugs.gentoo.org/show_bug.cgi?id=280615
The dpatch patch is already available at
http://svn.debian.org/wsvn/debian-xml-sgml/packages/expat/trunk/debian/patches/551936_CVE_2009_2625.dpatch
Shall I prepare the packages (I'm registered as DM for expat > 2.0.1,
but not for expat in oldstable) or do you want to do this?
Regards, Daniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://lists.alioth.debian.org/pipermail/debian-xml-sgml-pkgs/attachments/20091025/afde7e8f/attachment.pgp>
More information about the debian-xml-sgml-pkgs
mailing list