ELSA-2022-0951 -- Oracle expatID: oval:org.secpod.oval:def:1505501 | Date: (C)2022-03-23 (M)2024-04-25 |
Class: PATCH | Family: unix |
[2.2.5-4.3] - Improve fix for CVE-2022-25236 - Related: CVE-2022-25236 [2.2.5-4.2] - Fix multiple CVEs - Resolves: CVE-2022-25236 - Resolves: CVE-2022-25235 - Resolves: CVE-2022-25315 [2.2.5-4.1] - Fix multiple CVEs - CVE-2022-23852 expat: integer overflow in function XML_GetBuffer - CVE-2021-45960 expat: Large number of prefixed XML attributes on a single tag can crash libexpat - CVE-2021-46143 expat: Integer overflow in doProlog in xmlparse.c - CVE-2022-22827 Integer overflow in storeAtts in xmlparse.c - CVE-2022-22826 Integer overflow in nextScaffoldPart in xmlparse.c - CVE-2022-22825 Integer overflow in lookup in xmlparse.c - CVE-2022-22824 Integer overflow in defineAttribute in xmlparse.c - CVE-2022-22823 Integer overflow in build_model in xmlparse.c - CVE-2022-22822 Integer overflow in addBinding in xmlparse.c - Resolves: CVE-2022-23852 - Resolves: CVE-2021-45960 - Resolves: CVE-2021-46143 - Resolves: CVE-2022-22827 - Resolves: CVE-2022-22826 - Resolves: CVE-2022-22825 - Resolves: CVE-2022-22824 - Resolves: CVE-2022-22823 - Resolves: CVE-2022-22822