[CLSA-2022:1660760528] Fix CVE(s): CVE-2022-25235, CVE-2022-23990, CVE-2022-22825, CVE-2022-22824, CVE-2022-23852, CVE-2022-25315, CVE-2022-25236, CVE-2021-46143, CVE-2022-25313, CVE-2021-45960, CVE-2022-22826, CVE-2022-22827, CVE-2022-22822, CVE-2022-22823

Type:

security

Severity:

Critical

Release date:

2022-08-17 18:22:08 UTC

Description:

   * SECURITY UPDATE: Stack exhaustion
     - debian/patches/CVE-2022-25313.patch: prevent
       stack exhaustion in build_model in expat/lib/xmlparse.c.
     - debian/patches/fix-build_model-regression.patch: fix build_model
       regression in expat/lib/xmlparse.c.
     - CVE-2022-25313
   * SECURITY UPDATE: Integer overflow
     - debian/patches/CVE-2022-25315.patch: prevent integer overflow in
       storeRawNames in expat/lib/xmlparse.c.
     - CVE-2022-25315
   * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to
     RFC 3986 URI characters and possibly regressions
     - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI
       validation in expat/doc/reference.html, expat/lib/expat.h.
     - debian/patches/CVE-2022-25236-4.patch: document namespace separator
       effect right in header expat/lib/expat.h.
     - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests.
     - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to
       RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903)
   * fix tests adding XCS definition
     - debian/patches/fix_test_xcs.patch: in tests/runtests.c.
   * SECURITY UPDATE: Realloc misbehavior
     - debian/patches/CVE-2021-45960.patch: detect and prevent troublesome
       left shifts in function storeAtts in lib/xmlparse.c.
     - CVE-2021-45960
   * SECURITY UPDATE: Integer overflow
     - debian/patches/CVE-2021-46143.patch: prevent integer overflow
       on m_groupSize in function doProlog in lib/xmlparse.c.
     - CVE-2021-46143
   * SECURITY UPDATE: Integer overflow
     - debian/patches/CVE-2022-22822-to-CVE-2022-22827.patch: prevent integer overflow
       in multiple places in lib/xmlparse.c.
     - CVE-2022-22822
     - CVE-2022-22823
     - CVE-2022-22824
     - CVE-2022-22825
     - CVE-2022-22826
     - CVE-2022-22827
   * SECURITY UPDATE: Signed integer overflow
     - debian/patches/CVE-2022-23852-*.patch: detect and prevent
       integer overflow in XML_GetBuffer in expat/lib/xmlparse.c and
       adds test to cover it in tests/runtests.c.
     - CVE-2022-23852
   * SECURITY UPDATE: Integer overflow
     - debian/patches/CVE-2022-23990.patch: prevent integer overflow in
       doProlog in lib/xmlparse.c.
     - CVE-2022-23990
   * SECURITY UPDATE: Incomplete validation encoding
     - debian/patches/CVE-2022-25235-*.patch: adds missing validation
       and adds tests in expat/lib/xmltok_impl.c, expat/tests/runtests.c.
     - CVE-2022-25235
   * SECURITY UPDATE: Namespace-separator insertions
     - debian/patches/CVE-2022-25236-*.patch: Protect against malicious
       namespace declarations in expat/lib/xmlparse.c, expat/tests/runtests.c.
     - CVE-2022-25236
   * debian/patches/fixing_tests.patch: fixing tests in order to it work
     in xenial and oldest releases.

Updated packages:

expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els1_amd64.deb
sha:fd77e7030215cf639d20351c8ca91702cb02157f
libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els1_amd64.deb
sha:41d791dc54424146a30212bfc8df456c69e79ed5
libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els1_amd64.deb
sha:1e303d969aee0a45eb9f1ea00e0a3761c1670d66

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.