Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
patchinfo.22462
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.22462
<patchinfo incident="22462"> <issue tracker="bnc" id="1194251">VUL-0: CVE-2021-45960: expat: a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior</issue> <issue tracker="bnc" id="1194362">VUL-0: CVE-2021-46143: expat: integer overflow exists for m_groupSize in doProlog</issue> <issue tracker="bnc" id="1194474">VUL-0: CVE-2022-22822: expat: integer overflow in addBinding in xmlparse.c</issue> <issue tracker="bnc" id="1194476">VUL-0: CVE-2022-22823: expat: integer overflow in build_model in xmlparse.c</issue> <issue tracker="bnc" id="1194477">VUL-0: CVE-2022-22824: expat: integer overflow in defineAttribute in xmlparse.c</issue> <issue tracker="bnc" id="1194478">VUL-0: CVE-2022-22825: expat: integer overflow in lookup in xmlparse.c</issue> <issue tracker="bnc" id="1194479">VUL-0: CVE-2022-22826: expat: integer overflow in nextScaffoldPart in xmlparse.c</issue> <issue tracker="bnc" id="1194480">VUL-0: CVE-2022-22827: expat: integer overflow in storeAtts in xmlparse.c</issue> <issue tracker="cve" id="2021-45960"/> <issue tracker="cve" id="2021-46143"/> <issue tracker="cve" id="2022-22822"/> <issue tracker="cve" id="2022-22823"/> <issue tracker="cve" id="2022-22824"/> <issue tracker="cve" id="2022-22825"/> <issue tracker="cve" id="2022-22826"/> <issue tracker="cve" id="2022-22827"/> <packager>david.anes</packager> <rating>important</rating> <category>security</category> <summary>Security update for expat</summary> <description>This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior (bsc#1194251). - CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog (bsc#1194362). - CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c (bsc#1194474). - CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c (bsc#1194476). - CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c (bsc#1194477). - CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c (bsc#1194478). - CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c (bsc#1194479). - CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c (bsc#1194480). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor