system environment/libraries

expat - An XML parser library

Website: http://www.libexpat.org/
License: MIT
Vendor: Scientific Linux
Description:
This is expat, the C library for parsing XML, written by James Clark. Expat
is a stream oriented XML parser. This means that you register handlers with
the parser prior to starting the parse. These handlers are called when the
parser discovers the associated structures in the document being parsed. A
start tag is an example of the kind of structures for which you may
register handlers.

Packages

expat-2.1.0-15.el7_9.x86_64 [79 KiB] Changelog by Tomas Korbar (2022-10-03):
- Ensure raw tagnames are safe exiting internalEntityParser
- Resolves: CVE-2022-40674
expat-2.1.0-15.el7_9.i686 [78 KiB] Changelog by Tomas Korbar (2022-10-03):
- Ensure raw tagnames are safe exiting internalEntityParser
- Resolves: CVE-2022-40674
expat-2.1.0-14.el7_9.x86_64 [78 KiB] Changelog by Tomas Korbar (2022-03-21):
- Fix multiple CVEs
- CVE-2022-25236 expat: namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
- CVE-2022-25235 expat: malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
- CVE-2022-25315 expat: integer overflow in storeRawNames()
- Resolves: CVE-2022-25236
- Resolves: CVE-2022-25235
- Resolves: CVE-2022-25315
expat-2.1.0-14.el7_9.i686 [78 KiB] Changelog by Tomas Korbar (2022-03-21):
- Fix multiple CVEs
- CVE-2022-25236 expat: namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
- CVE-2022-25235 expat: malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
- CVE-2022-25315 expat: integer overflow in storeRawNames()
- Resolves: CVE-2022-25236
- Resolves: CVE-2022-25235
- Resolves: CVE-2022-25315

Listing created by Repoview-0.6.6-4.el7