[ol8_baseos_latest] expat-2.2.5-15.0.1.el8_10.x86_64

Name:	expat
Version:	2.2.5
Release:	15.0.1.el8_10
Architecture:	x86_64
Group:	Unspecified
Size:	315460
License:	MIT
RPM:	expat-2.2.5-15.0.1.el8_10.x86_64.rpm
Source RPM:	expat-2.2.5-15.0.1.el8_10.src.rpm
Build Date:	Tue Sep 24 2024
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://libexpat.github.io/
Summary:	An XML parser library
Description:	This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. A start tag is an example of the kind of structures for which you may register handlers.

Changelog (Show File list) (Show related packages)

Tue Sep 24 2024 EL Errata <el-errata_ww@oracle.com> - 2.2.5-15.0.1

- lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314]

Wed Sep 11 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-15
```
- Rebuild for test reconfiguration
```

Wed Sep 11 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-14

- Fix multiple CVEs
- Fix CVE-2024-45492 integer overflow
- Fix CVE-2024-45491 Integer Overflow or Wraparound
- Fix CVE-2024-45490 Negative Length Parsing Vulnerability
- Resolves: RHEL-57505
- Resolves: RHEL-57493
- Resolves: RHEL-56751

Tue Mar 26 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-13
```
- Fix wrongly exposed variables
- Resolves: RHEL-29321
```

Thu Mar 21 2024 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-12

- CVE-2023-52425 expat: parsing large tokens can trigger a denial of service
- Resolves: RHEL-29321

Mon Nov 14 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-11

- CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
- Resolves: CVE-2022-43680

Fri Sep 30 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-10

- Ensure raw tagnames are safe exiting internalEntityParser
- Resolves: CVE-2022-40674

Fri May 06 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-9

- Fix multiple CVEs
- Resolves: CVE-2022-25314
- Resolves: CVE-2022-25313

Mon Mar 14 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-8

- Improve patch for CVE-2022-25236
- Related: CVE-2022-25236

Fri Mar 04 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.5-7
```
- Fix patch for CVE-2022-25235
- Resolves: CVE-2022-25235
```