SUSE-SU-2022:0178-1 -- SLES expat, libexpat-devel, libexpat1| ID: oval:org.secpod.oval:def:89047444 | Date: (C)2022-11-04 (M)2024-01-23 |
| Class: PATCH | Family: unix |
This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior . - CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog . - CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c . - CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c . - CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c . - CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c . - CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c . - CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c .
| Platform: |
| SUSE Linux Enterprise Server 15 SP3 |
| SUSE Linux Enterprise Desktop 15 SP3 |
| Product: |
| expat |
| libexpat-devel |
| libexpat1 |
