expat-2.1.0-14.el7
エラータID: AXSA:2022-3129:02
Expat is a C library for parsing XML documents.
Security Fix(es):
expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code
execution (CVE-2022-25235)
expat: Namespace-separator characters in "xmlns[:prefix]" attribute values
can lead to arbitrary code execution (CVE-2022-25236)
expat: Integer overflow in storeRawNames() (CVE-2022-25315)
expat: Large number of prefixed XML attributes on a single tag can crash
libexpat (CVE-2021-45960)
expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143)
expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822)
expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823)
expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824)
expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825)
expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826)
expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827)
expat: Integer overflow in function XML_GetBuffer (CVE-2022-23852)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE(s):
CVE-2022-25235
CVE-2022-25236
CVE-2022-25315
CVE-2021-45960
CVE-2021-46143
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827
CVE-2022-23852
Update packages.
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
N/A
SRPMS
- expat-2.1.0-14.el7.src.rpm
MD5: 62f40fc477a7aa0d16c7ccd1e25b035a
SHA-256: 49805c3ad1004faef688032c9c016100f2bd9df141fcf4d2628a34885277c3da
Size: 581.19 kB
Asianux Server 7 for x86_64
- expat-2.1.0-14.el7.x86_64.rpm
MD5: efea27c9550d8a690ba4db0e95a774f1
SHA-256: afa78bc355539728d613ab05507d90387083d3fc3ee099977e6bebad2bb71be3
Size: 81.70 kB - expat-devel-2.1.0-14.el7.x86_64.rpm
MD5: e29ad26833678f2f590b8efb4da653f6
SHA-256: 41b6378824fcda31a1dde3784956e84bba354ce4c43d6790cc5bf2364133ae58
Size: 57.19 kB - expat-2.1.0-14.el7.i686.rpm
MD5: 07e509755efe31d748fe70ec41fd58b1
SHA-256: 6b4e1408d17ce222e6df6cd144fae8b2ec0fcc965e7b7b7292c8e663611c05c8
Size: 81.49 kB - expat-devel-2.1.0-14.el7.i686.rpm
MD5: 1db378dd2bff11d47f3c922cc96bc269
SHA-256: 4e7cb6061c1697280f31a2611c9de8f64c5a17613eaee371405eeeaa35ef1026
Size: 57.22 kB
日本語