Revisions of expat
Stefan Weiberg (suntorytimed)
committed
(revision 4)
- Security fixes: * (CVE-2022-25236, bsc#1196784) [>=2.4.5] Fix to CVE-2022-25236 breaks biboumi, ClairMeta, jxmlease, libwbxml, openleadr-python, rnv, xmltodict - Added expat-CVE-2022-25236-relax-fix.patch - Security fixes: * (CVE-2022-25236, bsc#1196025) Expat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs - Added expat-CVE-2022-25236.patch * (CVE-2022-25235, bsc#1196026) xmltok_impl.c in Expat before 2.4.5 does not check whether a UTF-8 character is valid in a certain context. - Added expat-CVE-2022-25235.patch * (CVE-2022-25313, bsc#1196168) Stack exhaustion in build_model() via uncontrolled recursion - Added expat-CVE-2022-25313.patch - The fix upstream introduced a regression that was later amended in 2.4.6 version + Added expat-CVE-2022-25313-fix-regression.patch * (CVE-2022-25314, bsc#1196169) Integer overflow in copyString - Added expat-CVE-2022-25314.patch * (CVE-2022-25315, bsc#1196171) Integer overflow in storeRawNames - Added expat-CVE-2022-25315.patch
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 3)
- Update to latest version 2.4.4 in SLE-15-SP4 [jsc#SLE-21253] - update to 2.4.4 (bsc#1195217, bsc#1195054): * Security fixes: - CVE-2022-23852 -- Fix signed integer overflow (undefined behavior) in function XML_GetBuffer that is also called by function XML_Parse internally) for when XML_CONTEXT_BYTES is defined to >0 (which is both common and default). Impact is denial of service or more. - CVE-2022-23990 -- Fix unsigned integer overflow in function doProlog triggered by large content in element type declarations when there is an element declaration handler present (from a prior call to XML_SetElementDeclHandler). Impact is denial of service or more. * Bug fixes: - xmlwf: Fix a memory leak on output file opening error * Other changes: - Version info bumped from 9:3:8 to 9:4:8; see https://verbump.de/ for what these numbers do * Drop unused file valid-xhtml10.png - update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474, bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480): * CVE-2021-45960 -- Fix issues with left shifts by >=29 places resulting in a) realloc acting as free b) realloc allocating too few bytes c) undefined behavior depending on architecture and precise value
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 2)
- Update to 2.4.1 in SLE-15-SP4 [jsc#SLE-21253] * Remove expat-CVE-2018-20843.patch upstream - Update to 2.4.1: * Bug fixes: - Autotools: Fix installed header expat_config.h for multilib systems; regression introduced in 2.4.0 by pull request #486 * Other changes: - Version info bumped from 9:0:8 to 9:1:8; see https://verbump.de/ for what these numbers do - Update to 2.4.0: [CVE-2013-0340 "Billion Laughs"] * Security fixes: - CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks (denial-of-service; flavors targeting CPU time or RAM or both, leveraging general entities or parameter entities or both) by tracking and limiting the input amplification factor (<amplification> := (<direct> + <indirect>) / <direct>). By conservative default, amplification up to a factor of 100.0 is tolerated and rejection only starts after 8 MiB of output bytes (=<direct> + <indirect>) have been processed. The fix adds the following to the API: - A new error code XML_ERROR_AMPLIFICATION_LIMIT_BREACH to signals this specific condition. - Two new API functions .. - XML_SetBillionLaughsAttackProtectionMaximumAmplification and - XML_SetBillionLaughsAttackProtectionActivationThreshold .. to further tighten billion laughs protection parameters when desired. Please see file "doc/reference.html" for details. If you ever need to increase the defaults for non-attack XML
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 1)
initialize package
Displaying all 4 revisions