UbuntuUpdates.org

Package "expat"

Name: expat

Description:

XML parsing C library - example application

Latest version: 2.5.0-2ubuntu0.1
Release: mantic (23.10)
Level: security
Repository: universe
Homepage: https://libexpat.github.io/


Other versions of "expat" in Mantic

Repository  Area      Version
base        main      2.5.0-2
base        universe  2.5.0-2
security    main      2.5.0-2ubuntu0.1
updates     universe  2.5.0-2ubuntu0.1
updates     main      2.5.0-2ubuntu0.1

Changelog

Version: 2.5.0-2ubuntu0.1 2024-03-14 12:07:00 UTC

  expat (2.5.0-2ubuntu0.1) mantic-security; urgency=medium

  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2023-52425.patch: Speed up parsing of big tokens.
    - CVE-2023-52425
  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2024-28757.patch: Detect billion laughs attack with
      isolated external parser.
    - CVE-2024-28757

 -- Fabian Toepfer <email address hidden> Wed, 13 Mar 2024 16:05:10 +0100

CVE-2023-52425 libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for w
CVE-2024-28757 libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCrea


