3 matches found
CLSA-2026-1776440644 expat: Fix of 4 CVEs
CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...
CLSA-2026-1776776980 Fix CVE(s): CVE-2023-52425
SECURITY UPDATE: quadratic re-parsing DoS with large tokens - debian/patches/CVE-2023-52425.patch: add callProcessor wrapper with reparse deferral heuristic in expat/lib/xmlparse.c, add XMLSetReparseDeferralEnabled API in expat/lib/expat.h. - CVE-2023-52425...
CLSA-2026-1776441540 expat: Fix of 4 CVEs
CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...