[ All 3 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ]
×

Project expat-2.2.5-13.el8_10

Name expat
Epoch 0
Version 2.2.5
Release 13.el8_10
Website/URL https://libexpat.github.io/
License MIT
Build Time 2024-05-23 14:04:26
Build Host builder-x86-04.inferitos.ru
Summary An XML parser library
Repositories BaseOS
Description This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. A start tag is an example of the kind of structures for which you may register handlers.
Errata
× Full screenshot
Packages link
Package Summary SHA-256 checksum
x86_64
expat-2.2.5-13.el8_10.x86_64 An XML parser library c0cfa5d6236c56e03c98914ff06b55273d51b0f69041fa2bd1481c31617e3183 download
expat-devel-2.2.5-13.el8_10.x86_64 Libraries and header files to develop applications using expat 996f9ff8af9f0af3f030276dd98bd09b7ec45ea53cd0304ed70d32e8d46678ff download
i686
expat-2.2.5-13.el8_10.i686 An XML parser library b6e90d205d234c413ba07fda72c505a9f6fb67b47ecd82429f4f7455754d1999 download
expat-devel-2.2.5-13.el8_10.i686 Libraries and header files to develop applications using expat a092259fee2558b933a0c08676b61fcc536aa4c9634e22ae0e5b8b0d4985c1b1 download
src
expat-2.2.5-13.el8_10.src An XML parser library 3e1fcc47a6ef616c11bcb74e60e4f0306459b0259e3d6b58feb4f86db0205168 download
Changelog link 
* Tue Mar 26 2024 Tomas Korbar <tkorbar@redhat.com - 2.2.5-13
- Fix wrongly exposed variables
- Resolves: RHEL-29321

* Thu Mar 21 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-12
- CVE-2023-52425 expat: parsing large tokens can trigger a denial of service
- Resolves: RHEL-29321

* Tue Jul 25 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 2.2.5-11
- Rebuilt for MSVSphere 8.8

* Mon Nov 14 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-11
- CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
- Resolves: CVE-2022-43680

* Fri Sep 30 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-10
- Ensure raw tagnames are safe exiting internalEntityParser
- Resolves: CVE-2022-40674

* Fri May 06 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-9
- Fix multiple CVEs
- Resolves: CVE-2022-25314
- Resolves: CVE-2022-25313

* Mon Mar 14 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-8
- Improve patch for CVE-2022-25236
- Related: CVE-2022-25236

* Fri Mar 04 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-7
- Fix patch for CVE-2022-25235
- Resolves: CVE-2022-25235

* Thu Mar 03 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-6
- Fix multiple CVEs
- CVE-2022-25236 expat: namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
- CVE-2022-25235 expat: malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
- CVE-2022-25315 expat: integer overflow in storeRawNames()
- Resolves: CVE-2022-25236
- Resolves: CVE-2022-25235
- Resolves: CVE-2022-25315

* Mon Feb 14 2022 Tomas Korbar <tkorbar@redhat.com> -  2.2.5-5
- Fix multiple CVEs
- CVE-2022-23852 expat: integer overflow in function XML_GetBuffer
- CVE-2021-45960 expat: Large number of prefixed XML attributes on a single tag can crash libexpat
- CVE-2021-46143 expat: Integer overflow in doProlog in xmlparse.c
- CVE-2022-22827 Integer overflow in storeAtts in xmlparse.c
- CVE-2022-22826 Integer overflow in nextScaffoldPart in xmlparse.c
- CVE-2022-22825 Integer overflow in lookup in xmlparse.c
- CVE-2022-22824 Integer overflow in defineAttribute in xmlparse.c
- CVE-2022-22823 Integer overflow in build_model in xmlparse.c
- CVE-2022-22822 Integer overflow in addBinding in xmlparse.c
- Resolves: CVE-2022-23852
- Resolves: CVE-2021-45960
- Resolves: CVE-2021-46143
- Resolves: CVE-2022-22827
- Resolves: CVE-2022-22826
- Resolves: CVE-2022-22825
- Resolves: CVE-2022-22824
- Resolves: CVE-2022-22823
- Resolves: CVE-2022-22822