SUSE-SU-2022:0178-1 -- SLES expat, libexpat-devel, libexpat1ID: oval:org.secpod.oval:def:89047444 | Date: (C)2022-11-04 (M)2024-01-23 |
Class: PATCH | Family: unix |
This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior . - CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog . - CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c . - CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c . - CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c . - CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c . - CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c . - CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c .
Platform: |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Desktop 15 SP3 |
Product: |
expat |
libexpat-devel |
libexpat1 |