Commit Graph

20 Commits

Author SHA1 Message Date
Tomas Korbar
d83af87ffc Fix parsing of large tokens 2024-03-21 01:32:53 +00:00
Tomas Korbar
e4844ef25b Fix enhanced TMT testing for centos-stream
Resolves: rhbz#2182334
2023-03-28 14:46:51 +02:00
Tomas Korbar
85397ce7fe Enable enhanced TMT testing for centos-stream
Resolves: rhbz#2182334
2023-03-28 12:55:00 +02:00
Tomas Korbar
44271faf92 Rebase to version 2.5.0
Resolves: CVE-2022-43680
2022-11-10 14:41:51 +01:00
Tomas Korbar
368d60e123 Rebase to version 2.4.9
Resolves: CVE-2022-40674
2022-09-29 16:43:56 +02:00
Tomas Korbar
0947457fd1 Rebase to version 2.4.7
Resolves: rhbz#2067201
Resolves: CVE-2022-25313
Resolves: CVE-2022-25314
Resolves: CVE-2022-25236
2022-04-26 10:34:22 +02:00
Tomas Korbar
f23fd2fa9c Improve fix for CVE-2022-25236
Related: CVE-2022-25236
2022-03-14 10:29:27 +01:00
Tomas Korbar
6c4005223e Fix multiple CVEs
CVE-2022-25236 expat: namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
CVE-2022-25235 expat: malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
CVE-2022-25315 expat: integer overflow in storeRawNames()
Resolves: CVE-2022-25236
Resolves: CVE-2022-25235
Resolves: CVE-2022-25315
2022-03-02 12:27:09 +01:00
Tomas Korbar
66503cfe5b CVE-2022-23852 expat: integer overflow in function XML_GetBuffer
Resolves: CVE-2022-23852
2022-02-10 14:17:38 +01:00
Tomas Korbar
21e8e5c32d CVE-2021-45960 expat: Large number of prefixed XML attributes on a single tag can crash libexpat
Resolves: CVE-2021-45960
2022-02-10 13:59:03 +01:00
Tomas Korbar
d183ecbb95 CVE-2021-46143 expat: Integer overflow in doProlog in xmlparse.c
Resolves: CVE-2021-46143
2022-02-09 15:04:56 +01:00
Tomas Korbar
4ccf989c09 CVE-2022-22827 Integer overflow in storeAtts in xmlparse.c
CVE-2022-22826 Integer overflow in nextScaffoldPart in xmlparse.c
CVE-2022-22825 Integer overflow in lookup in xmlparse.c
CVE-2022-22824 Integer overflow in defineAttribute in xmlparse.c
CVE-2022-22823 Integer overflow in build_model in xmlparse.c
CVE-2022-22822 Integer overflow in addBinding in xmlparse.c
Resolves: CVE-2022-22827
Resolves: CVE-2022-22826
Resolves: CVE-2022-22825
Resolves: CVE-2022-22824
Resolves: CVE-2022-22823
Resolves: CVE-2022-22822
2022-02-09 13:27:16 +01:00
Tomas Korbar
020338314d CVE-2022-23990 expat: integer overflow in the doProlog function
Resolve: rhbz#2050503
2022-02-07 12:39:27 +01:00
Mohan Boddu
799d8d6c63 Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-08-09 19:57:57 +00:00
Joe Orton
7a7f76f2db Batch update to add gating.yaml. 2021-08-06 10:03:10 +01:00
Mohan Boddu
72deca4da7 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-04-15 23:15:46 +00:00
DistroBaker
273c7af3c8 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/expat.git#8411329151aeaf7912f302d6d03e94a46b419bf0
2021-02-03 13:28:37 +01:00
Troy Dawson
7f2193629c RHEL 9.0.0 Alpha bootstrap
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/expat#3a708d8fdaea815d3c4207d2eb49dbb5358d73bc
2020-11-16 12:55:59 -08:00
Petr Šabata
7d51ef12ab RHEL 9.0.0 Alpha bootstrap
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/expat#2c7d944e47db8b7f227d7dc512972aadd9080e88
2020-10-15 00:10:40 +02:00
Release Configuration Management
123b2197e5 New branch setup 2020-10-08 11:53:55 +00:00