News for package expat

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 3.0 (quilt)
Source: expat
Binary: lib64expat1-dev, lib64expat1, libexpat1-dev, libexpat1, libexpat1-udeb, expat
Architecture: any
Version: 2.2.0-2+deb9u1
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Homepage: http://expat.sourceforge.net
Standards-Version: 3.9.8
Vcs-Browser: http://svn.debian.org/wsvn/debian-xml-sgml/packages/expat/trunk/
Vcs-Svn: svn://svn.debian.org/svn/debian-xml-sgml/packages/expat/trunk/
Build-Depends: debhelper (>= 9), docbook-to-man, dh-autoreconf, dpkg-dev (>= 1.16.0), gcc-multilib [i386 powerpc sparc s390]
Package-List:
 expat deb text optional arch=any
 lib64expat1 deb libs optional arch=i386,powerpc,sparc,s390
 lib64expat1-dev deb libdevel optional arch=i386,powerpc,sparc,s390
 libexpat1 deb libs optional arch=any
 libexpat1-dev deb libdevel optional arch=any
 libexpat1-udeb udeb debian-installer extra arch=any
Checksums-Sha1:
 8453bc52324be4c796fd38742ec48470eef358b3 414352 expat_2.2.0.orig.tar.bz2
 0baf1b767d271bc01928e7265728888c49764024 11448 expat_2.2.0-2+deb9u1.debian.tar.xz
Checksums-Sha256:
 d9e50ff2d19b3538bd2127902a89987474e1a4db8e43a66a4d1a712ab9a504ff 414352 expat_2.2.0.orig.tar.bz2
 d3e171fc4d2e6173945daab7d7df46d640fa23134c9474080f6d1b65d494b0a5 11448 expat_2.2.0-2+deb9u1.debian.tar.xz
Files:
 2f47841c829facb346eb6e3fab5212e2 414352 expat_2.2.0.orig.tar.bz2
 b1691bad32efeff7e2ef4c33cb9a22d1 11448 expat_2.2.0-2+deb9u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAllMDXEACgkQ3OMQ54ZM
yL/eow/8CB+RSqRKQki9ir6H5fdis8LKCKf++p1cLDUBArxqjRtImIlME4ACvzKQ
nHTsA45zqBbJna6UXIV9IsKdAjzwBv9GkpGCwvSwcvqs2+C+9LnCHsPsvRJkTeOc
Ev1EJAkLPlgOnLUPadI5umPl//+ICdnrl6emJpKp7Fh8iofGDKD9+WSNIkiAwRr5
dfgDtAKaK4aqgBOk6pY9wcvytpXSK9296OVI6YvieNZ6CzVDFTQTtJvp6VRa9DLd
5dP14MzkYVGgDrRNzWkHSGfH0gVu3T6qYeC/mxwOxJKqbJY6Z20ZnTfDu61l5xBm
qpvEZ0Qu1aGcctvaYGNX0Tmo3QZaAt+OUZL0XfUFrFhKVa/TvuSxn0I/COxqfXWc
2pQDnC5na0GjEI2wlgXC9kVify14LDU7MqX9AhbbnE8QLtADkozQe973CPq21X3B
dCqk8L5zf3i02J1hqfXxLn/y8+svNf2nBb32JD9kJsdvqi0gN6MHKPQoVaxHpjSD
MZ6a6JlreitXMa56amBt/sfoaaUNaGUxuC6uHlHVU7gbtKKBrULTDrvWrPuSoGFB
Ct2Wb/Z58EoCg49YJY11DFgOr8F6XUQQPpuM6qbPXTAKhR5TD2P3iYBA/+aVyOp6
UZ4ZviwrTxJU5ryHKJfQVX7XBYk+v2+u/tabn6Bik2Q9TF7Ma5U=
=QTie
-----END PGP SIGNATURE-----

<span id="changes">Changes:</span>
expat (2.2.0-2+deb9u1) stretch-security; urgency=high

  * Replace the Mozilla CVE-2016-9063 fix with the more complete, upstream
    one.
  * Fix CVE-2017-9233: external entity infinite loop DoS.

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Sat, 17 Jun 2017 21:31:56 +0000