OVMSA-2023-0009 - expat security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2023-05-04 |
Description
[2.0.1-13.0.2]
- Ensure raw tagnames are safe exiting internalEntityParser [CVE-2022-40674][Orabug: 34694174]
[2.0.1-13.0.1]
- Prevent integer overflow in storeRawNames [CVE-2022-25315][Orabug: 34059442]
- Add missing validation of encoding [CVE-2022-25235][Orabug: 34059442]
- Protect against malicious namespace declarations [CVE-2022-25236][Orabug: 34059442]
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3 (x86_64) | expat-2.0.1-13.0.2.el6_8.src.rpm | ec039ae6d1732456c11089615a1bae5772f4b93e01b87c135847742be6bf1c03 | - | ovm3_x86_64_ELS |
| expat-2.0.1-13.0.2.el6_8.x86_64.rpm | 50ba489ddb088b38e48587e9a7c04020b5034538f58ac538f4ba2589e4669407 | - | ovm3_x86_64_ELS |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
