Attached is the diff for my libxml-parser-perl 2.34-4.1 NMU. -- see shy jo
diff -u libxml-parser-perl-2.34/debian/changelog
libxml-parser-perl-2.34/debian/changelog
--- libxml-parser-perl-2.34/debian/changelog
+++ libxml-parser-perl-2.34/debian/changelog
@@ -1,3 +1,11 @@
+libxml-parser-perl (2.34-4.1) unstable; urgency=high
+
+ * NMU.
+ * Fix buffer overflow in XML::Parser::Expat triggered by deep nesting,
+ reported by and patch provided by Joris van Rantwijk. Closes: #378412
+
+ -- Joey Hess <[EMAIL PROTECTED]> Sat, 5 Aug 2006 14:07:17 -0400
+
libxml-parser-perl (2.34-4) unstable; urgency=low
* Added 'debian/watch'
only in patch2:
unchanged:
--- libxml-parser-perl-2.34.orig/Expat/Expat.xs
+++ libxml-parser-perl-2.34/Expat/Expat.xs
@@ -495,7 +495,7 @@
}
}
- if (cbv->st_serial_stackptr >= cbv->st_serial_stacksize) {
+ if (cbv->st_serial_stackptr + 1 >= cbv->st_serial_stacksize) {
unsigned int newsize = cbv->st_serial_stacksize + 512;
Renew(cbv->st_serial_stack, newsize, unsigned int);
signature.asc
Description: Digital signature
