ELSA-2022-9359

ELSA-2022-9359 - expat security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2022-05-06

Description


[2.0.1-13.0.1]
- Prevent integer overflow in storeRawNames [CVE-2022-25315][Orabug: 34059442]
- Add missing validation of encoding [CVE-2022-25235][Orabug: 34059442]
- Protect against malicious namespace declarations [CVE-2022-25236][Orabug: 34059442]


Related CVEs


CVE-2022-25235
CVE-2022-25236
CVE-2022-25315

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) expat-2.0.1-13.0.1.el6_8.src.rpm2a84c9914913f342beb957fa3d67da13-
expat-2.0.1-13.0.1.el6_8.i686.rpmb6d9dbe17f8b86904e0d0346bee67457-
expat-devel-2.0.1-13.0.1.el6_8.i686.rpm8e6d34407434d4cc0aecc9732fbcdb09-
Oracle Linux 6 (x86_64) expat-2.0.1-13.0.1.el6_8.src.rpm2a84c9914913f342beb957fa3d67da13-
expat-2.0.1-13.0.1.el6_8.i686.rpmb6d9dbe17f8b86904e0d0346bee67457-
expat-2.0.1-13.0.1.el6_8.x86_64.rpm6c03475c2f8588e255f66de64ac2b0f7-
expat-devel-2.0.1-13.0.1.el6_8.i686.rpm8e6d34407434d4cc0aecc9732fbcdb09-
expat-devel-2.0.1-13.0.1.el6_8.x86_64.rpmc21b86065ede98df0084329b1144c9cc-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete