[ubuntu/jammy-updates] expat 2.4.7-1ubuntu0.4 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue Sep 17 13:28:14 UTC 2024
expat (2.4.7-1ubuntu0.4) jammy-security; urgency=medium
* SECURITY UPDATE: invalid input length
- CVE-2024-45490-*.patch: adds a check to the XML_ParseBuffer function of
expat/lib/xmlparse.c to identify and error out if a negative length is
provided.
- CVE-2024-45490
* SECURITY UPDATE: integer overflow
- CVE-2024-45491.patch: adds a check to the dtdCopy function of
expat/lib/xmlparse.c to detect and prevent an integer overflow.
- CVE-2024-45491
* SECURITY UPDATE: integer overflow
- CVE-2024-45492.patch: adds a check to the nextScaffoldPart function of
expat/lib/xmlparse.c to detect and prevent an integer overflow.
- CVE-2024-45492
Date: 2024-09-10 11:35:27.932395+00:00
Changed-By: Ian Constantin <ian.constantin at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/expat/2.4.7-1ubuntu0.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list