|
From: | Sebastian Pipping |
Subject: | Expat 2.4.0 (and 2.4.1) with security fixes released |
Date: | Mon, 24 May 2021 01:01:35 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.10.0 |
Hello everyone! Expat 2.4.0 (and 2.4.1) most importantly brings protection against Billion Laughs Attacks (CVE-2013-0340). There is a blog post [1] and the change log with more details. If you have patches for Expat that are still required with version 2.4.1, please send them my way. Thank you! Best Sebastian [1] https://blog.hartwork.org/posts/cve-2013-0340-billion-laughs-fixed-in-expat-2-4-0/ [2] https://github.com/libexpat/libexpat/blob/R_2_4_1/expat/Changes
[Prev in Thread] | Current Thread | [Next in Thread] |