Expat is a C library for parsing XML documents. Security Fix: * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution * expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution * expat: Integer overflow in storeRawNames * expat: Large number of prefixed XML attributes on a single tag can crash libexpat * expat: Integer overflow in doProlog in xmlparse.c * expat: Integer overflow in addBinding in xmlparse.c * expat: Integer overflow in build_model in xmlparse.c * expat: Integer overflow in defineAttribute in xmlparse.c * expat: Integer overflow in lookup in xmlparse.c * expat: Integer overflow in nextScaffoldPart in xmlparse.c * expat: Integer overflow in storeAtts in xmlparse.c * expat: Integer overflow in function XML_GetBuffer For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.