Revisions of expat
buildservice-autocommit
accepted
request 947286
from
Dirk Mueller (dirkmueller)
(revision 9)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 8)
- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474, bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480):
Dirk Mueller (dirkmueller)
committed
(revision 7)
- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474): * CVE-2021-45960 -- Fix issues with left shifts by >=29 places resulting in a) realloc acting as free b) realloc allocating too few bytes c) undefined behavior depending on architecture and precise value for XML documents with >=2^27+1 prefixed attributes on a single XML tag a la "<r xmlns:a='[..]' a:a123='[..]' [..] />" where XML_ParserCreateNS is used to create the parser (which needs argument "-n" when running xmlwf). Impact is denial of service, or more. * CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow on variable m_groupSize in function doProlog leading to realloc acting as free. Impact is denial of service or more. * CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows near memory allocation at multiple places. Mitre assigned a dedicated CVE for each involved internal C function: - CVE-2022-22822 for function addBinding - CVE-2022-22823 for function build_model - CVE-2022-22824 for function defineAttribute - CVE-2022-22825 for function lookup - CVE-2022-22826 for function nextScaffoldPart - CVE-2022-22827 for function storeAtts Impact is denial of service or more.
buildservice-autocommit
accepted
request 942803
from
Dirk Mueller (dirkmueller)
(revision 6)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 5)
- update to 2.4.2: * Link againgst libm for function "isnan" * Include expat_config.h as early as possible * Autotools: Include files with release archives: - buildconf.sh - fuzz/*.c * Autotools: Sync CMake templates * docs: Document that function XML_GetBuffer may return NULL when asking for a buffer of 0 (zero) bytes size * docs: Fix return value docs for both XML_SetBillionLaughsAttackProtection* functions * Version info bumped from 9:1:8 to 9:2:8
Dirk Mueller (dirkmueller)
committed
(revision 4)
buildservice-autocommit
accepted
request 883120
from
Dirk Mueller (dirkmueller)
(revision 3)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 2)
- update to 2.3.0: * When calling XML_ParseBuffer without a prior successful call to XML_GetBuffer as a user, no longer trigger undefined behavior (by adding an integer to a NULL pointer) but rather return XML_STATUS_ERROR and set the error code to (new) code XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer) of Clang 11 (but not Clang 9). * xmlwf: Exit status 2 was used for both: - malformed input files (documented) and - invalid command-line arguments (undocumented). case of invalid command-line arguments now has its own exit status 4, resolving the ambiguity. * Other changes
Dirk Mueller (dirkmueller)
committed
(revision 1)
Displaying all 9 revisions