ELSA-2022-6878

ULN >
Oracle Linux Errata repository >
ELSA-2022-6878

ELSA-2022-6878 - expat security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2022-10-11

Description

[2.2.5-8.0.1.3]
- lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314]

[2.2.5-8.3]
- Ensure raw tagnames are safe exiting internalEntityParser
- Resolves: CVE-2022-40674

Related CVEs

CVE-2022-40674

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	expat-2.2.5-8.0.1.el8_6.3.src.rpm	136b5d88ad9d20fe94c4623fdcbb5ca9	-
	expat-2.2.5-8.0.1.el8_6.3.aarch64.rpm	906a75db5d41e7508de02c74fd5f0479	-
	expat-devel-2.2.5-8.0.1.el8_6.3.aarch64.rpm	a9724695be099d7db2b17788a8930786	-

Oracle Linux 8 (x86_64)	expat-2.2.5-8.0.1.el8_6.3.src.rpm	136b5d88ad9d20fe94c4623fdcbb5ca9	-
	expat-2.2.5-8.0.1.el8_6.3.i686.rpm	d2ac170bdd802dc830c1e270af14ff15	-
	expat-2.2.5-8.0.1.el8_6.3.x86_64.rpm	1476f9125167764c1c131752180edb6e	-
	expat-devel-2.2.5-8.0.1.el8_6.3.i686.rpm	575591760faa7fa1562c2fdc4f38079e	-
	expat-devel-2.2.5-8.0.1.el8_6.3.x86_64.rpm	ac82d373e05cb2ae4b99d62656207419	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691