Expat 2.4.0 (and 2.4.1) with security fixes released

To: sebastian%pipping.org@localhost
Subject: Expat 2.4.0 (and 2.4.1) with security fixes released
From: Sebastian Pipping <sebastian%pipping.org@localhost>
Date: Mon, 24 May 2021 01:01:35 +0200

Hello everyone!


Expat 2.4.0 (and 2.4.1) most importantly brings protection against
Billion Laughs Attacks (CVE-2013-0340).  There is a blog post [1] and
the change log with more details.

If you have patches for Expat that are still required with version
2.4.1, please send them my way.  Thank you!

Best



Sebastian


[1]
https://blog.hartwork.org/posts/cve-2013-0340-billion-laughs-fixed-in-expat-2-4-0/
[2] https://github.com/libexpat/libexpat/blob/R_2_4_1/expat/Changes

Prev by Date: Regarding pkgsrc/mail/s-mailx submittal
Next by Date: diff from 2021-05-22 14:12 to 2021-05-24 12:38
Previous by Thread: Regarding pkgsrc/mail/s-mailx submittal
Next by Thread: default mysql -> mariadb
Indexes:

Home | Main Index | Thread Index | Old Index