Описание
Security update for expat
This update for expat fixes the following issues:
- CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer (bsc#1195054).
- CVE-2022-23990: Fixed integer overflow in the doProlog function (bsc#1195217).
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
expat-2.0.1-88.42.15.1
libexpat1-2.0.1-88.42.15.1
SUSE Linux Enterprise Server 11 SP4-LTSS
expat-2.0.1-88.42.15.1
libexpat1-2.0.1-88.42.15.1
libexpat1-32bit-2.0.1-88.42.15.1
Ссылки
- Link for SUSE-SU-2022:14884-1
- E-Mail link for SUSE-SU-2022:14884-1
- SUSE Security Ratings
- SUSE Bug 1195054
- SUSE Bug 1195217
- SUSE CVE CVE-2022-23852 page
- SUSE CVE CVE-2022-23990 page
Описание
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:expat-2.0.1-88.42.15.1
SUSE Linux Enterprise Point of Sale 11 SP3:libexpat1-2.0.1-88.42.15.1
SUSE Linux Enterprise Server 11 SP4-LTSS:expat-2.0.1-88.42.15.1
SUSE Linux Enterprise Server 11 SP4-LTSS:libexpat1-2.0.1-88.42.15.1
Ссылки
- CVE-2022-23852
- SUSE Bug 1195054
- SUSE Bug 1196480
- SUSE Bug 1200038
- SUSE Bug 1200198
Описание
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:expat-2.0.1-88.42.15.1
SUSE Linux Enterprise Point of Sale 11 SP3:libexpat1-2.0.1-88.42.15.1
SUSE Linux Enterprise Server 11 SP4-LTSS:expat-2.0.1-88.42.15.1
SUSE Linux Enterprise Server 11 SP4-LTSS:libexpat1-2.0.1-88.42.15.1
Ссылки
- CVE-2022-23990
- SUSE Bug 1195217
- SUSE Bug 1196480
- SUSE Bug 1200038
- SUSE Bug 1200198