[CLSA-2024:1735128527] Fix CVE(s): CVE-2024-50602
Type: security
Severity: Moderate
Release date: 2024-12-25 12:08:53 UTC
Description:
* SECURITY UPDATE: Crash in XML_ResumeParser function
  - debian/patches/CVE-2024-50602.patch: Refuse to stop/suspend an unstarted parser (XML_ERROR_NOT_STARTED). Fix XML_StopParser to be explicit about XML_PARSING and handle default case. Cover XML_StopParser's new handling of status XML_INITIALIZED. Fix crash with NULL pointer dereference in normal_updatePosition.
  - CVE-2024-50602
Updated packages:
  • expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els6_amd64.deb
    sha:d7d04cfc1bdb4b5c4b504c8fb02264b91b107e3d
  • libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els6_amd64.deb
    sha:7f136fd7c4c191f8280b4a8002d7bbb9c5a6cce2
  • libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els6_amd64.deb
    sha:9ab90871b6b8b9f2d45e1a11569d8de7b006169b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.