ELSA-2023-0103

ULN >
Oracle Linux Errata repository >
ELSA-2023-0103

ELSA-2023-0103 - expat security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2023-01-12

Description

[2.2.5-10.0.1]
- lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314]

[2.2.5-10.1]
- CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
- Resolves: CVE-2022-43680

Related CVEs

CVE-2022-43680

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	expat-2.2.5-10.0.1.el8_7.1.src.rpm	fd8029b6fac9cedea9b6ca9f8028e96e	-
	expat-2.2.5-10.0.1.el8_7.1.aarch64.rpm	81fd68bac9c9371a38c7ea2846af4c3b	-
	expat-devel-2.2.5-10.0.1.el8_7.1.aarch64.rpm	6980db3cbede7cf948d664dcbff9b5ec	-

Oracle Linux 8 (x86_64)	expat-2.2.5-10.0.1.el8_7.1.src.rpm	fd8029b6fac9cedea9b6ca9f8028e96e	-
	expat-2.2.5-10.0.1.el8_7.1.i686.rpm	fa2f98f0cc27c64bf7fe1f0a6ed5a57d	-
	expat-2.2.5-10.0.1.el8_7.1.x86_64.rpm	1847b8b4646678e00f12096887a8ef90	-
	expat-devel-2.2.5-10.0.1.el8_7.1.i686.rpm	e15eb1dc46569c822e81ea8968ac638f	-
	expat-devel-2.2.5-10.0.1.el8_7.1.x86_64.rpm	097cce877608cf7fa9900d871b03e48d	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691