Package "libexpat1-dev"
Name: |
libexpat1-dev
|
Description: |
XML parsing C library - development kit
|
Latest version: |
2.4.7-1ubuntu0.4 |
Release: |
jammy (22.04) |
Level: |
updates |
Repository: |
main |
Head package: |
expat |
Homepage: |
https://libexpat.github.io/ |
Links
Download "libexpat1-dev"
Other versions of "libexpat1-dev" in Jammy
Changelog
expat (2.4.7-1ubuntu0.4) jammy-security; urgency=medium
* SECURITY UPDATE: invalid input length
- CVE-2024-45490-*.patch: adds a check to the XML_ParseBuffer function of
expat/lib/xmlparse.c to identify and error out if a negative length is
provided.
- CVE-2024-45490
* SECURITY UPDATE: integer overflow
- CVE-2024-45491.patch: adds a check to the dtdCopy function of
expat/lib/xmlparse.c to detect and prevent an integer overflow.
- CVE-2024-45491
* SECURITY UPDATE: integer overflow
- CVE-2024-45492.patch: adds a check to the nextScaffoldPart function of
expat/lib/xmlparse.c to detect and prevent an integer overflow.
- CVE-2024-45492
-- Ian Constantin <email address hidden> Tue, 10 Sep 2024 13:17:45 +0300
|
Source diff to previous version |
CVE-2024-45490 |
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. |
CVE-2024-45491 |
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT |
CVE-2024-45492 |
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (wh |
|
expat (2.4.7-1ubuntu0.3) jammy-security; urgency=medium
* SECURITY UPDATE: denial-of-service
- debian/patches/CVE-2023-52425.patch: Speed up parsing of big tokens.
- CVE-2023-52425
* SECURITY UPDATE: denial-of-service
- debian/patches/CVE-2024-28757.patch: Detect billion laughs attack with
isolated external parser.
- CVE-2024-28757
-- Fabian Toepfer <email address hidden> Wed, 13 Mar 2024 14:28:54 +0100
|
Source diff to previous version |
CVE-2023-52425 |
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for w |
CVE-2024-28757 |
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCrea |
|
expat (2.4.7-1ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: use-after-free
- debian/patches/CVE-2022-43680-1.patch: adds tests to cover
DTD destruction in XML_ExternalEntityParserCreate in
expat/tests/runtests.c.
- debian/patches/CVE-2022-43680-2.patch: fix overeager DTD
destruction in XML_ExternalEntityParserCreate in
expat/lib/xmlparse.c.
- CVE-2022-43680
-- David Fernandez Gonzalez <email address hidden> Fri, 18 Nov 2022 12:21:42 +0100
|
Source diff to previous version |
CVE-2022-43680 |
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memo |
|
expat (2.4.7-1ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Use-after-free in doContent
- debian/patches/CVE-2022-40674.patch: ensure storeRawNames()
is always called in func internalEntityProcessor if handling
unbalanced tags in expat/lib/xmlparse.c.
- CVE-2022-40674
-- David Fernandez Gonzalez <email address hidden> Tue, 15 Nov 2022 16:01:53 +0100
|
CVE-2022-40674 |
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. |
|
About
-
Send Feedback to @ubuntu_updates