Package libexpat: Information
Default inline alert: Version in the repository: 2.5.0-alt1
Binary package: libexpat
Version: 2.4.4-alt1
Architecture: x86_64
Build time: Feb 4, 2022, 08:18 AM in the task #294677
Source package: expat
Category: System/Libraries
Report package bugDownload: libexpat-2.4.4-alt1.x86_64.rpm
Home page: http://www.libexpat.org/
License: MIT
Summary: XML parser library
Description:
Expat is a stream-oriented XML parser written in C. This package provides the Expat parser as a shared library.
Maintainer: Vladimir D. Seleznev
Last changed
Feb. 4, 2022 Vladimir D. Seleznev 2.4.4-alt1
- Updated to 2.4.4 (fixes: CVE-2022-23852 and CVE-2022-23990).
Jan. 18, 2022 Vladimir D. Seleznev 2.4.3-alt1
- Updated to 2.4.3 (with multiple security fixes). - Fixes: + CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that can lead to realloc misbehavior; + CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog; + CVE-2022-22822 Integer overflows near memory allocation in function addBinding; + CVE-2022-22823 Integer overflows near memory allocation in function build_model; + CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute; + CVE-2022-22825 Integer overflows near memory allocation in function lookup; + CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart; + CVE-2022-22827 Integer overflows near memory allocation in function storeAtts.
Dec. 14, 2021 Vladimir D. Seleznev 2.4.1-alt2
- Fixed cmake macros (closes #41571).