expat-2.4.9-1.el9.1
エラータID: AXSA:2023-4968:02
Release date:
Monday, February 6, 2023 - 04:17
Subject:
expat-2.4.9-1.el9.1
Affected Channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-43680
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
Solution:
Update packages.
CVEs:
CVE-2022-43680
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
Additional Info:
N/A
Download:
SRPMS
- expat-2.4.9-1.el9.1.src.rpm
MD5: 171579f70ec635005083d64192f631ff
SHA-256: b9d9fa1d44f37e21fe1aaf383d0e506ee39d698c5e27b5347fe54c4b78a8f11d
Size: 7.95 MB
Asianux Server 9 for x86_64
- expat-2.4.9-1.el9.1.x86_64.rpm
MD5: a33762240df308e126ca189a3cd87cf4
SHA-256: cadff565686ee25be89c8a7924ccbfdd3cd9fdddf663ea07653786f2ee78a1f9
Size: 115.74 kB - expat-devel-2.4.9-1.el9.1.x86_64.rpm
MD5: dec2ef250a15b240f24388cb24f45c44
SHA-256: 72a855420a713f54e03b70504120990ff8ef703769fb1f55c5670e7958391226
Size: 52.98 kB - expat-2.4.9-1.el9.1.i686.rpm
MD5: d0331e9a75a777bfda5616988225af79
SHA-256: 92b4a07b1c077e4b2d776f9dc47e658055eea516417f91669f9c1c644036db4c
Size: 118.53 kB - expat-devel-2.4.9-1.el9.1.i686.rpm
MD5: daa2bea3247b47acae2abd131930b1ab
SHA-256: bc8e5b2d116798ad885bc20904bac9da44d144d3f009ffb7e603b9d5cf40a638
Size: 52.99 kB