diff options
author | Sebastian Pipping <sebastian@pipping.org> | 2022-01-05 18:23:15 +0100 |
---|---|---|
committer | Sebastian Pipping <sebastian@pipping.org> | 2022-01-05 18:23:42 +0100 |
commit | f82a72271c2c613202e0fb0bd1eeacfa36a8161b (patch) | |
tree | 97baaebff1106b7ea8701aff533725ce237b342f | |
parent | 0adcb34c49bee5b19bd29b16a578c510c23597ea (diff) | |
download | libexpat-git-f82a72271c2c613202e0fb0bd1eeacfa36a8161b.tar.gz |
Changes: Document CVE-2021-45960issue-531-troublesome-shifts
-rw-r--r-- | expat/Changes | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/expat/Changes b/expat/Changes index 2cfb5ecd..bd620a7d 100644 --- a/expat/Changes +++ b/expat/Changes @@ -3,6 +3,20 @@ NOTE: We are looking for help with a few things: If you can help, please get in touch. Thanks! Release x.x.x xxx xxxxxxxx xx xxxx + Security fixes: + #531 #534 CVE-2021-45960 -- Fix issues with left shifts by >=29 places + resulting in + a) realloc acting as free + b) realloc allocating too few bytes + c) undefined behavior + depending on architecture and precise value + for XML documents with >=2^27+1 prefixed attributes + on a single XML tag a la + "<r xmlns:a='[..]' a:a123='[..]' [..] />" + where XML_ParserCreateNS is used to create the parser + (which needs argument "-n" when running xmlwf). + Impact is denial of service, or more. + Other changes: #535 CMake: Make call to file(GENERATE [..]) work for CMake <3.19 #527 #528 Address compiler warnings @@ -10,6 +24,11 @@ Release x.x.x xxx xxxxxxxx xx xxxx Infrastructure: #536 CI: Check for realistic minimum CMake version + Special thanks to: + Tyson Smith + and + GCC Farm Project + Release 2.4.2 Sun December 19 2021 Other changes: #509 #510 Link againgst libm for function "isnan" |