OVMSA-2023-0009 - expat security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2023-05-04 |
Description
[2.0.1-13.0.2]
- Ensure raw tagnames are safe exiting internalEntityParser [CVE-2022-40674][Orabug: 34694174]
[2.0.1-13.0.1]
- Prevent integer overflow in storeRawNames [CVE-2022-25315][Orabug: 34059442]
- Add missing validation of encoding [CVE-2022-25235][Orabug: 34059442]
- Protect against malicious namespace declarations [CVE-2022-25236][Orabug: 34059442]
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3 (x86_64) | expat-2.0.1-13.0.2.el6_8.src.rpm | b2a8097f9874be68cd772fd84d32c671 | - |
| expat-2.0.1-13.0.2.el6_8.x86_64.rpm | 1f0fe0207f28cae82cf2fa1e38b11f1e | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
