[ol8_baseos_latest] expat-devel-2.2.5-16.0.1.el8_10.aarch64

The expat-devel package contains the libraries, include files and documentation
to develop XML applications with expat.

Changelog (Show File list) (Show related packages)

• Tue Nov 12 2024 EL Errata <el-errata_ww@oracle.com> - 2.2.5-16.0.1

  - lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314]

• Fri Nov 08 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-16

  - Fix CVE-2024-50602
  - Resolves: RHEL-65062

• Wed Sep 11 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-15

  - Rebuild for test reconfiguration

• Wed Sep 11 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-14

  - Fix multiple CVEs
  - Fix CVE-2024-45492 integer overflow
  - Fix CVE-2024-45491 Integer Overflow or Wraparound
  - Fix CVE-2024-45490 Negative Length Parsing Vulnerability
  - Resolves: RHEL-57505
  - Resolves: RHEL-57493
  - Resolves: RHEL-56751

• Tue Mar 26 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-13

  - Fix wrongly exposed variables
  - Resolves: RHEL-29321

• Thu Mar 21 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-12

  - CVE-2023-52425 expat: parsing large tokens can trigger a denial of service
  - Resolves: RHEL-29321

• Mon Nov 14 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-11

  - CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
  - Resolves: CVE-2022-43680

• Fri Sep 30 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-10

  - Ensure raw tagnames are safe exiting internalEntityParser
  - Resolves: CVE-2022-40674

• Fri May 06 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-9

  - Fix multiple CVEs
  - Resolves: CVE-2022-25314
  - Resolves: CVE-2022-25313

• Mon Mar 14 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-8

  - Improve patch for CVE-2022-25236
  - Related: CVE-2022-25236