[osgeo4w] #116: Apply patch against crash in UTF-8 parser in Expat (CVE-2009-2625)

#116: Apply patch against crash in UTF-8 parser in Expat (CVE-2009-2625)
--------------------+-------------------------------------------------------
Reporter:  rouault  |       Owner:  [hidden email]
    Type:  defect   |      Status:  new                        
Priority:  major    |   Component:  Package                    
 Version:           |    Keywords:  expat                      
--------------------+-------------------------------------------------------
 A security hole has been discovered in Expat 2.0.1 that makes it crash on
 invalid UTF8 sequences. The fix is in upstream Expat
 (http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.15&r2=1.13)
 and has been backported to Linux distros:
 https://bugs.gentoo.org/show_bug.cgi?id=280615,
 http://svn.debian.org/wsvn/debian-xml-sgml/packages/expat/trunk/debian/patches/551936_CVE_2009_2625.dpatch

--
Ticket URL: <http://trac.osgeo.org/osgeo4w/ticket/116>
OSGeo4W <http://trac.osgeo.org/osgeo4w>
OSGeo4W is the Windows installer for the OSGeo stack.
_______________________________________________
osgeo4w-dev mailing list
[hidden email]
http://lists.osgeo.org/mailman/listinfo/osgeo4w-dev