Advisory: CLSA-2022:1664192553
OS: Ubuntu 16.04 ELS
Public date: 2022-09-26 00:00:00
Project: expat
Version: 2.1.0-7ubuntu0.16.04.5+tuxcare.els2
Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2022-1664192553.html
* SECURITY UPDATE: Unsafe exiting internalEntityParser - debian/patches/CVE-2022-40674.patch: Ensure raw tagnames are safe exiting internalEntityParser - CVE-2022-40674 * tests were activated * some leaks fixed: - debian/patches/fix-leak-xmlparse.patch: tidy up attribute prefix bindings on error (fixes #17) - debian/patches/fix-tests-leak.patch: free the external entity parser in external_entity_loader_set_encoding() - debian/patches/fix-tests-leak2.patch: free the content model in dummy_element_decl_handler() - debian/patches/dispose-test-stuff.patch: removes some of the memory leaks discovered by AddressSanitizer in the test suite (Issue #23)
Update command: apt-get update apt-get --only-upgrade install expat*
expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els2_amd64.deb libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els2_amd64.deb libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els2_amd64.deb