From: Sebastian Pipping <sebastian@pipping.org>
Date: Wed, 14 Jun 2017 12:09:58 +0000 (+0200)
Subject: Changes: Add CVE-2017-9233 info to change log
X-Git-Tag: R_2_2_1~9^2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=01bbdedb665bc4522e0eb3d15701812bb2cb2092;p=libexpat

Changes: Add CVE-2017-9233 info to change log
---

diff --git a/expat/Changes b/expat/Changes
index b48133fd..50c2711b 100644
--- a/expat/Changes
+++ b/expat/Changes
@@ -4,6 +4,9 @@ NOTE: We are looking for help with a few things:
 
 Release 2.2.1 ??????????
         Security fixes:
+                  CVE-2017-9233 -- External entity infinite loop DoS
+                    Details: https://libexpat.github.io/doc/cve-2017-9233/
+                    Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f
                   CVE-2016-9063 -- Detect integer overflow; commit
                     d4f735b88d9932bd5039df2335eefdd0723dbe20
                     (Fixed version of existing downstream patches!)