[ol9_appstream] expat-devel-2.5.0-1.el9_3.1.aarch64

Name:	expat-devel
Version:	2.5.0
Release:	1.el9_3.1
Architecture:	aarch64
Group:	Unspecified
Size:	195911
License:	MIT
RPM:	expat-devel-2.5.0-1.el9_3.1.aarch64.rpm
Source RPM:	expat-2.5.0-1.el9_3.1.src.rpm
Build Date:	Wed Mar 27 2024
Build Host:	build-ol9-aarch64.oracle.com
Vendor:	Oracle America
URL:	https://libexpat.github.io/
Summary:	Libraries and header files to develop applications using expat
Description:	The expat-devel package contains the libraries, include files and documentation to develop XML applications with expat.

Changelog (Show File list) (Show related packages)

Tue Feb 13 2024 Tomas Korbar <tkorbar@redhat.com> - 2.5.0-1.1

- CVE-2023-52425: Fix parsing of large tokens
- CVE-2024-28757: Reject direct parameter entity recursion
- Resolves: RHEL-29698
- Resolves: RHEL-29695

Thu Nov 10 2022 Tomas Korbar <tkorbar@redhat.com> - 2.5.0-1
```
- Rebase to version 2.5.0
- Resolves: CVE-2022-43680
```
Thu Sep 29 2022 Tomas Korbar <tkorbar@redhat.com> - 2.4.9-1
```
- Rebase to version 2.4.9
- Resolves: CVE-2022-40674
```

Tue Apr 26 2022 Tomas Korbar <tkorbar@redhat.com> - 2.4.7-1

- Rebase to version 2.4.7
- Resolves: rhbz#2067201
- Resolves: CVE-2022-25313
- Resolves: CVE-2022-25314
- Resolves: CVE-2022-25236

Mon Mar 14 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.10-11
```
- Improve fix for CVE-2022-25236
- Related: CVE-2022-25236
```

Mon Feb 28 2022 Tomas Korbar <tkorbar@redhat.com> - 2.2.10-10

- Fix multiple CVEs
- CVE-2022-25236 expat: namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
- CVE-2022-25235 expat: malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
- CVE-2022-25315 expat: integer overflow in storeRawNames()
- Resolves: CVE-2022-25236
- Resolves: CVE-2022-25235
- Resolves: CVE-2022-25315