SUSE-SU-2022:14878-1 -- SLES expat, libexpat1ID: oval:org.secpod.oval:def:89045924 | Date: (C)2022-02-17 (M)2024-01-23 |
Class: PATCH | Family: unix |
This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior . - CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog . - CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c . - CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c . - CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c . - CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c . - CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c . - CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c .
Platform: |
SUSE Linux Enterprise Server 11 SP4 |