Download
| Alert*
|
oval:org.secpod.oval:def:2600531
Expat is a C library for parsing XML documents. oval:org.secpod.oval:def:1507414 [2.5.0-1.1] - CVE-2023-52425: Fix parsing of large tokens - CVE-2024-28757: Reject direct parameter entity recursion - Resolves: RHEL-29698 - Resolves: RHEL-29695 oval:org.secpod.oval:def:3302674 Security update for expat oval:org.secpod.oval:def:708829 expat: XML parsing C library Expat could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:89051733 This update for expat fixes the following issues: * CVE-2023-52425: Fixed a DoS caused by processing large tokens. * CVE-2024-28757: Fixed an XML Entity Expansion oval:org.secpod.oval:def:98756 expat: XML parsing C library Expat could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:509158 Expat is a C library for parsing XML documents. Security Fix: expat: parsing large tokens can trigger a denial of service expat: XML Entity Expansion oval:org.secpod.oval:def:509165 Expat is a C library for parsing XML documents. Security Fix: expat: parsing large tokens can trigger a denial of service For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References sec ... oval:org.secpod.oval:def:3302526 Security update for python310 oval:org.secpod.oval:def:2108560 Oracle Solaris 11 - ( CVE-2023-52425 ) oval:org.secpod.oval:def:99737 The host is missing a patch containing a security fixes, which affects the following package(s): Python oval:org.secpod.oval:def:1507477 [115.10.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [115.10.0-2] - Update to 115.10.0 build2 [115.10.0-1] - Update to 115.10.0 build1 - Revert expat CVE-2023-52425 fix oval:org.secpod.oval:def:89051918 This update for python36 fixes the following issues: * CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number . * CVE-2024-0450: Fixed detecting the vulnerability of "quoted-overlap" zipbomb . * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.Temporary ... oval:org.secpod.oval:def:1507412 [115.9.0-1.0.1] - Add Oracle prefs [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 oval:org.secpod.oval:def:89051718 This update for python310 fixes the following issues: * CVE-2024-0450: Fixed "quoted-overlap" in zipfile module is python310 * CVE-2023-52425: Fixed denial of service caused by processing large tokens in expat module in python310 * CVE-2023-6597: Fixed tempfile.TemporaryDirectory fails on removing ... oval:org.secpod.oval:def:1507552 [3.6.8-62.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-62] - Security fix for CVE-2024-0450 Resolves: RHEL-33683 [3.6.8-61] - Security fix for CVE-2023-6597 Resolves: RHEL-33671 [3.6.8-60] - Fix build with expat with fixed CVE-2023-52425 Related: RHEL-33671 oval:org.secpod.oval:def:1507475 [115.10.0-2.0.1] - Add Oracle prefs [115.10.0] - Add OpenELA debranding [115.10.0-2] - Update to 115.10.0 build2 [115.10.0-1] - Update to 115.10.0 build1 - Revert expat CVE-2023-52425 fix oval:org.secpod.oval:def:1507410 [115.9.0-1.0.1] - Add Oracle prefs [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 oval:org.secpod.oval:def:127386 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:1507415 [115.9.1-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [115.9.1-1] - Update to 115.9.1 [115.9.0-2] - Update to 115.9.0 build2 [115.9.0-1] - Update to 115 ... oval:org.secpod.oval:def:89051891 This update for python fixes the following issues: * CVE-2023-52425: Fixed using the system libexpat . * CVE-2023-27043: Modifed fix for unicode string handling in email.utils.parseaddr . * CVE-2022-48560: Fixed use-after-free in Python via heappushpop in heapq . Bug fixes: * Switch off tests. ONLY ... oval:org.secpod.oval:def:127273 This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. ... oval:org.secpod.oval:def:127550 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:4501556 Expat is a C library for parsing XML documents. Security Fix: * expat: parsing large tokens can trigger a denial of service For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References s ... oval:org.secpod.oval:def:89051906 This update for python3 fixes the following issues: * CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number . * CVE-2024-0450: Fixed detecting the vulnerability of "quoted-overlap" zipbomb . oval:org.secpod.oval:def:1507485 [115.10.0-2.0.1] - Add Oracle prefs - Add OpenELA debranding [115.10.0-2] - Update to 115.10.0 build2 [115.10.0-1] - Update to 115.10.0 build1 - Revert expat CVE-2023-52425 fix oval:org.secpod.oval:def:1507441 [2.2.5-11.0.1.1] - lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314] [2.2.5-11.1] - CVE-2023-52425 expat: parsing large tokens can trigger a denial of service - Resolves: RHEL-29321 oval:org.secpod.oval:def:2501358 Expat is a C library for parsing XML documents. oval:org.secpod.oval:def:1507408 [115.9.1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file [115.9.1] - Add debranding patches - Add OpenELA default preferences [115.9.1-1] - Update to 115.9.1 [115.9.0-2] - Update to 115.9.0 build2 [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-5242 ... oval:org.secpod.oval:def:127415 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:89051843 This update for python311 fixes the following issues: * CVE-2024-0450: Fixed "quoted-overlap" issue inside the zipfile module . * CVE-2023-6597: Fixed removing tempfile.TemporaryDirectory in some edge cases related to symlinks . * CVE-2023-52425: Fixed denial of service caused by processing large t ... oval:org.secpod.oval:def:89051700 This update for python39 fixes the following issues: * CVE-2023-52425: Fixed denial of service caused by processing large tokens in expat . * CVE-2023-6597: Fixed symlink race condition in tempfile.TemporaryDirectory . * CVE-2024-0450: Fixed "quoted-overlap" in zipfile module . The following non-se ... oval:org.secpod.oval:def:89051887 This update for python3 fixes the following issues: * CVE-2023-52425: Fixed etree XMLPullParser tests for Expat greater than=2.6.0 with reparse deferral . oval:org.secpod.oval:def:3302541 Security update for python310 oval:org.secpod.oval:def:1507406 [115.9.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 oval:org.secpod.oval:def:127279 This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. ... oval:org.secpod.oval:def:1507407 [115.9.1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file [115.9.1] - Add debranding patches - Add OpenELA default preferences [115.9.1-1] - Update to 115.9.1 [115.9.0-2] - Update to 115.9.0 build2 [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-5242 ... |
