6 matches found
expat: Fix of 3 CVEs
CVE-2017-9233: Fix external entity infinite loop bug - CVE-2018-20843: Fix extraction of namespace prefix from XML name - CVE-2019-15903: Deny internal entities closing the doctype heap overread...
CLSA-2026-1777304792 expat: Fix of 3 CVEs
CVE-2017-9233: Fix external entity infinite loop bug - CVE-2018-20843: Fix extraction of namespace prefix from XML name - CVE-2019-15903: Deny internal entities closing the doctype heap overread...
expat: a use-after-free in the doContent function in xmlparse.c
A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...
Fedora 31 : expat (2019-613edfe68b)
This update of expat fixes the following security issue : - CVE-2019-15903 -- Fix heap overflow triggered by XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber, and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where XMLStopParser did not hav...
Fedora 30 : expat (2019-9505c6b555)
This update of expat fixes the following security issue : - CVE-2019-15903 -- Fix heap overflow triggered by XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber, and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where XMLStopParser did not hav...
expat2 -- Fix extraction of namespace prefixes from XML names
expat project reports: Fix heap overflow triggered by XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber, and deny internal entities closing the doctype...