[osgeo4w-dev] Re: [osgeo4w] #116: Apply patch against crash in UTF-8 parser in Expat (CVE-2009-2625)

OSGeo4W trac_osgeo4w at osgeo.org
Mon Apr 5 13:02:12 EDT 2010

#116: Apply patch against crash in UTF-8 parser in Expat (CVE-2009-2625)
Reporter:  rouault  |        Owner:  osgeo4w-dev at lists.osgeo.org
    Type:  defect   |       Status:  new                        
Priority:  major    |    Component:  Package                    
 Version:           |   Resolution:                             
Keywords:  expat    |  
Comment (by rouault):

 I'll usually trust Linux distro and security researchers for places to
 patch. Actually, When looking at http://svn.debian.org/wsvn/debian-xml-
 sgml/packages/expat/trunk/debian/patches/, I see there's also an extra
 patch for another expat CVE that should be applied. So the 2 are :
   * http://svn.debian.org/wsvn/debian-xml-
   * http://svn.debian.org/wsvn/debian-xml-

Ticket URL: <http://trac.osgeo.org/osgeo4w/ticket/116#comment:2>
OSGeo4W <http://trac.osgeo.org/osgeo4w>
OSGeo4W is the Windows installer for the OSGeo stack.

More information about the osgeo4w-dev mailing list