[CLSA-2024:1726608017] Fix CVE(s): CVE-2024-45491, CVE-2024-45492

Type:

security

Severity:

Critical

Release date:

2024-09-17 21:20:20 UTC

Description:

   * SECURITY UPDATE: Avoid integer overflow on 32 bits systems
     - debian/patches/CVE-2024-45491.patch: fix dtdCopy in xmlparse.c
     - CVE-2024-45491
   * SECURITY UPDATE: Avoid integer overflow on 32 bits systems
     - debian/patches/CVE-2024-45492.patch: fix nextScaffoldPart in
       xmlparse.c
     - CVE-2024-45492

Updated packages:

expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els5_amd64.deb
sha:bb1e7428d52798e0d7823326089a55a1dc39262a
libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els5_amd64.deb
sha:045029e8f703e4446fd9f97819f6b01a3c3a2212
libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els5_amd64.deb
sha:efee2421f7b691e476957fb396ff1b73775da17d

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.