Package expat: Information

    Source package: expat
    Version: 2.4.3-alt1
    Build time:  Jan 31, 2022, 06:13 PM in the task #293696
    Category: System/Base
    Report package bug
    License: MIT
    Summary: An XML parser written in C
    Description: 
    Expat is a stream-oriented XML parser written in C.

    List of rpms provided by this srpm:
    expat (x86_64, ppc64le, i586, armh, aarch64)
    expat-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
    libexpat (x86_64, ppc64le, i586, armh, aarch64)
    libexpat-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
    libexpat-devel (x86_64, ppc64le, i586, armh, aarch64)



      1. gcc-c++

    Last changed


    Jan. 18, 2022 Vladimir D. Seleznev 2.4.3-alt1
    - Updated to 2.4.3 (with multiple security fixes).
    - Fixes:
      + CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that
        can lead to realloc misbehavior;
      + CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog;
      + CVE-2022-22822 Integer overflows near memory allocation in function addBinding;
      + CVE-2022-22823 Integer overflows near memory allocation in function build_model;
      + CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute;
      + CVE-2022-22825 Integer overflows near memory allocation in function lookup;
      + CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart;
      + CVE-2022-22827 Integer overflows near memory allocation in function storeAtts.
    Dec. 14, 2021 Vladimir D. Seleznev 2.4.1-alt2
    - Fixed cmake macros (closes #41571).
    Dec. 13, 2021 Vladimir D. Seleznev 2.4.1-alt1
    - Updated to 2.4.1.