Hi,
here's the diff for my NMU.
Cheers,
Moritz
diff -u xmlrpc-c-1.06.27/debian/changelog xmlrpc-c-1.06.27/debian/changelog
--- xmlrpc-c-1.06.27/debian/changelog
+++ xmlrpc-c-1.06.27/debian/changelog
@@ -1,3 +1,10 @@
+xmlrpc-c (1.06.27-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix CVE-2009-3560 and CVE-2009-3720 (Closes: #560942)
+
+ -- Moritz Muehlenhoff <[email protected]> Wed, 28 Jul 2010 22:18:54 -0400
+
xmlrpc-c (1.06.27-1) unstable; urgency=low
* New upstream release
diff -u xmlrpc-c-1.06.27/debian/patches/series xmlrpc-c-1.06.27/debian/patches/series
--- xmlrpc-c-1.06.27/debian/patches/series
+++ xmlrpc-c-1.06.27/debian/patches/series
@@ -2,0 +3,3 @@
+CVE-2009-3560-3720.patch
+
+
only in patch2:
unchanged:
--- xmlrpc-c-1.06.27.orig/debian/patches/CVE-2009-3560-3720.patch
+++ xmlrpc-c-1.06.27/debian/patches/CVE-2009-3560-3720.patch
@@ -0,0 +1,25 @@
+diff -aur xmlrpc-c-1.06.27.orig//lib/expat/xmlparse/xmlparse.c xmlrpc-c-1.06.27/lib/expat/xmlparse/xmlparse.c
+--- xmlrpc-c-1.06.27.orig//lib/expat/xmlparse/xmlparse.c 2007-01-10 20:08:53.000000000 -0500
++++ xmlrpc-c/lib/expat/xmlparse/xmlparse.c 2010-07-28 22:17:13.000000000 -0400
+@@ -2330,6 +2330,9 @@
+ return XML_ERROR_UNCLOSED_TOKEN;
+ case XML_TOK_PARTIAL_CHAR:
+ return XML_ERROR_PARTIAL_CHAR;
++ case -XML_TOK_PROLOG_S:
++ tok = -tok;
++ break;
+ case XML_TOK_NONE:
+ #ifdef XML_DTD
+ if (enc != encoding)
+diff -aur xmlrpc-c-1.06.27.orig//lib/expat/xmltok/xmltok_impl.c xmlrpc-c-1.06.27/lib/expat/xmltok/xmltok_impl.c
+--- xmlrpc-c-1.06.27.orig//lib/expat/xmltok/xmltok_impl.c 2006-07-11 22:00:38.000000000 -0400
++++ xmlrpc-c/lib/expat/xmltok/xmltok_impl.c 2010-07-28 22:16:23.000000000 -0400
+@@ -1737,7 +1737,7 @@
+ const char *end,
+ POSITION *pos)
+ {
+- while (ptr != end) {
++ while (ptr < end) {
+ switch (BYTE_TYPE(enc, ptr)) {
+ #define LEAD_CASE(n) \
+ case BT_LEAD ## n: \
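Review bot: In the xmltok_impl.c hunk, the switch from `ptr != end` to `ptr < end` only makes sense if `ptr` can step over `end`, presumably when a `LEAD_CASE(n)` arm advances by `n` bytes on a truncated multi-byte sequence, and nothing on the new line says so. I would add a comment above the loop, e.g. `/* ptr may overshoot end on a truncated multi-byte sequence, so compare with <, not != */`, so the condition is not "simplified" back to `!=` later. The function body and the `LEAD_CASE` macro continue outside the hunk, so whether the advance itself is bounded cannot be checked from here. The new patch file also has no header; a DEP-3 style `Description:` / `Bug-Debian: https://bugs.debian.org/560942` block stating which hunk addresses which of the two CVEs would let a later auditor match each change to its advisory.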