Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
patchinfo.22958
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.22958
<patchinfo incident="22958"> <issue tracker="cve" id="2022-25314"/> <issue tracker="cve" id="2022-25313"/> <issue tracker="cve" id="2022-25236"/> <issue tracker="cve" id="2022-25235"/> <issue tracker="cve" id="2022-25315"/> <issue tracker="bnc" id="1196168">VUL-0: CVE-2022-25313: expat: Stack exhaustion in build_model() via uncontrolled recursion</issue> <issue tracker="bnc" id="1196025">VUL-0: CVE-2022-25236: expat: xmlparse.c in Expat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.</issue> <issue tracker="bnc" id="1196169">VUL-0: CVE-2022-25314: expat: Integer overflow in copyString</issue> <issue tracker="bnc" id="1196171">VUL-0: CVE-2022-25315: expat: Integer overflow in storeRawNames</issue> <issue tracker="bnc" id="1196026">VUL-0: CVE-2022-25235: expat: xmltok_impl.c in Expat before 2.4.5 does not check whether a UTF-8 character is valid in a certain context.</issue> <issue tracker="bnc" id="1196784">expat: [>=2.4.5] Fix to CVE-2022-25236 breaks biboumi, ClairMeta, jxmlease, libwbxml, openleadr-python, rnv, xmltodict</issue> <packager>david.anes</packager> <rating>important</rating> <category>security</category> <summary>Security update for expat</summary> <description>This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025). - Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784). - CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026). - CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168). - CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169). - CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor