Description:
- CVE-2022-25236: Fix insertion of namespace-separator characters into
namespace URIs
- CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to
arbitrary code execution
- CVE-2022-25315: Fix integer overflow in storeRawNames()
- CVE-2022-22822: Fix integer overflow in addBinding()
- CVE-2022-22823: Fix integer overflow in build_model()
- CVE-2022-22824: Fix integer overflow in defineAttribute()
- CVE-2022-22825: Fix integer overflow in lookup()
- CVE-2022-22826: Fix integer overflow in nextScaffoldPart()
- CVE-2022-22827: Fix integer overflow in storeAtts()
- CVE-2022-23852: Fix integer overflow in XML_GetBuffer()
- CVE-2021-46143: Fix integer overflow on m_groupSize in doProlog()
- CVE-2021-45960: Fix troublesome left shifts in storeAtts()
- CVE-2022-23990: Fix integer overflow in doProlog()
- CVE-2022-25313: Fix stack exhaustion in build_model()
- CVE-2022-25314: Fix integer overflow in copyString()
Updated packages:
-
expat-static-2.2.5-4.el8.tuxcare.els1.x86_64.rpm
sha:3a2a9ee8ae3b449336d8cd53b6240b0e7e9a1d41
-
expat-2.2.5-4.el8.tuxcare.els1.x86_64.rpm
sha:2ca78fbcf43a998d0c859e8e3a04dc91854c63cf
-
expat-devel-2.2.5-4.el8.tuxcare.els1.i686.rpm
sha:8c8db830ff4b5ff3a79e51ef38fbef31f79d57e6
-
expat-devel-2.2.5-4.el8.tuxcare.els1.x86_64.rpm
sha:f4306fe518d12dd5cc13267b47de6b882c05c7ab
-
expat-2.2.5-4.el8.tuxcare.els1.i686.rpm
sha:cee59d5cca02d71cd52f86343d79a8058c582a22
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
