author | Sebastian Pipping <sebastian@pipping.org> | 2022-02-12 01:30:47 +0100 |
---|---|---|
committer | Sebastian Pipping <sebastian@pipping.org> | 2022-02-16 02:07:31 +0100 |
commit | e4d7e49782dafed160f0af8af907681dfd35bda7 (patch) | |
tree | 375519e69bf6d6f8475c2d61e2d0f6aa351c0056 /expat/Changes | |
parent | 2de077423fb22750ebea599677d523b53cb93b1d (diff) | |
download | libexpat-git-e4d7e49782dafed160f0af8af907681dfd35bda7.tar.gz |
Changes: Document CVE-2022-25236
Diffstat (limited to 'expat/Changes')
-rw-r--r-- | expat/Changes | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/expat/Changes b/expat/Changes index 9c1b5c7b..6198e4ff 100644 --- a/expat/Changes +++ b/expat/Changes @@ -2,6 +2,22 @@ NOTE: We are looking for help with a few things: https://github.com/libexpat/libexpat/labels/help%20wanted If you can help, please get in touch. Thanks! +Release X.X.X XXX XXXXXXX XX XXXX + Security fixes: + #561 CVE-2022-25236 -- Passing (one or more) namespace separator + characters in "xmlns[:prefix]" attribute values + made Expat send malformed tag names to the XML + processor on top of Expat which can cause + arbitrary damage (e.g. code execution) depending + on such unexpectable cases are handled inside the XML + processor; validation was not their job but Expat's. + Exploits with code execution are known to exist. + + Special thanks to: + Ivan Fratric + and + Google Project Zero + Release 2.4.4 Sun January 30 2022 Security fixes: #550 CVE-2022-23852 -- Fix signed integer overflow |
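Review bot: The new CVE-2022-25236 entry has a dropped word in "depending on such unexpectable cases are handled inside the XML processor", which leaves the severity statement hard to parse. Suggest "depending on how such unexpected cases are handled inside the XML processor". The entry also describes only the pre-fix behaviour (namespace separator characters in "xmlns[:prefix]" attribute values leading to malformed tag names being sent to the application). A short clause saying what Expat now does with such attribute values would tell downstream users what behaviour change to expect after upgrading. The header "Release X.X.X XXX XXXXXXX XX XXXX" is still a placeholder and needs the real version and date before the release is cut.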