Описание
ELSA-2024-1615: expat security update (MODERATE)
[2.2.5-11.0.1.1]
- lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314]
[2.2.5-11.1]
- CVE-2023-52425 expat: parsing large tokens can trigger a denial of service
- Resolves: RHEL-29321
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
expat
2.2.5-11.0.1.el8_9.1
expat-devel
2.2.5-11.0.1.el8_9.1
Oracle Linux x86_64
expat
2.2.5-11.0.1.el8_9.1
expat-devel
2.2.5-11.0.1.el8_9.1
Связанные CVE
Связанные уязвимости
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.
libexpat through 2.5.0 allows a denial of service (resource consumptio ...