Release Info

Advisory: CLSA-2024:1726163032

OS: CentOS 8.4 ELS

Public date: 2024-09-12 13:43:54

Project: expat

Version: 2.2.5-13.el8.tuxcare.els1

Errata link: https://errata.tuxcare.com/els_os/centos8.4els/CLSA-2024-1726163032.html

Changelog

- The release version was raised because it corresponds to version 13
- CVE-2024-45490: reject negative len for XML_ParseBuffer to prevent improper restriction of XML External Entity Reference
- CVE-2024-45491: prevent integer overflow in dtdCopy
- CVE-2024-45492: prevent integer overflow in nextScaffoldPart

Update

Update command: dnf update expat*

Packages list

expat-2.2.5-13.el8.tuxcare.els1.i686.rpm
expat-2.2.5-13.el8.tuxcare.els1.x86_64.rpm
expat-devel-2.2.5-13.el8.tuxcare.els1.i686.rpm
expat-devel-2.2.5-13.el8.tuxcare.els1.x86_64.rpm
expat-static-2.2.5-13.el8.tuxcare.els1.x86_64.rpm

CVEs

CVE-2024-45491
CVE-2024-45492
CVE-2024-45490