import expat-2.2.5-8.el8
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
c63431ee37
commit
3a5027d247
|
|
@ -3,7 +3,7 @@
|
|||
Summary: An XML parser library
|
||||
Name: expat
|
||||
Version: %(echo %{unversion} | sed 's/_/./g')
|
||||
Release: 4%{?dist}.3
|
||||
Release: 8%{?dist}
|
||||
Source: https://github.com/libexpat/libexpat/archive/R_%{unversion}.tar.gz#/expat-%{version}.tar.gz
|
||||
URL: https://libexpat.github.io/
|
||||
License: MIT
|
||||
|
|
@ -93,17 +93,24 @@ make check
|
|||
%{_libdir}/lib*.a
|
||||
|
||||
%changelog
|
||||
* Tue Mar 15 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-4.3
|
||||
- Improve fix for CVE-2022-25236
|
||||
* Mon Mar 14 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-8
|
||||
- Improve patch for CVE-2022-25236
|
||||
- Related: CVE-2022-25236
|
||||
|
||||
* Mon Mar 07 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-4.2
|
||||
* Fri Mar 04 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-7
|
||||
- Fix patch for CVE-2022-25235
|
||||
- Resolves: CVE-2022-25235
|
||||
|
||||
* Thu Mar 03 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-6
|
||||
- Fix multiple CVEs
|
||||
- CVE-2022-25236 expat: namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
|
||||
- CVE-2022-25235 expat: malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
|
||||
- CVE-2022-25315 expat: integer overflow in storeRawNames()
|
||||
- Resolves: CVE-2022-25236
|
||||
- Resolves: CVE-2022-25235
|
||||
- Resolves: CVE-2022-25315
|
||||
|
||||
* Wed Feb 16 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-4.1
|
||||
* Fri Feb 14 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-5
|
||||
- Fix multiple CVEs
|
||||
- CVE-2022-23852 expat: integer overflow in function XML_GetBuffer
|
||||
- CVE-2021-45960 expat: Large number of prefixed XML attributes on a single tag can crash libexpat
|
||||
|
|
|
|||
Loading…
Reference in New Issue