author | Sebastian Pipping <sebastian@pipping.org> | 2022-01-07 23:17:01 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-07 23:17:01 +0100 |
commit | 9dc50735f737eaf6890ad3fd4903db62b03a9ac4 (patch) | |
tree | 97baaebff1106b7ea8701aff533725ce237b342f /expat/Changes | |
parent | 5cde0d78fc454ebc4b5631926e976a764e0bace6 (diff) | |
parent | f82a72271c2c613202e0fb0bd1eeacfa36a8161b (diff) | |
download | libexpat-git-9dc50735f737eaf6890ad3fd4903db62b03a9ac4.tar.gz |
Merge pull request #534 from libexpat/issue-531-troublesome-shifts
[CVE-2021-45960] lib: Detect and prevent troublesome left shifts in function storeAtts (fixes #531)
Diffstat (limited to 'expat/Changes')
-rw-r--r-- | expat/Changes | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/expat/Changes b/expat/Changes index 2cfb5ecd..bd620a7d 100644 --- a/expat/Changes +++ b/expat/Changes @@ -3,6 +3,20 @@ NOTE: We are looking for help with a few things: If you can help, please get in touch. Thanks! Release x.x.x xxx xxxxxxxx xx xxxx + Security fixes: + #531 #534 CVE-2021-45960 -- Fix issues with left shifts by >=29 places + resulting in + a) realloc acting as free + b) realloc allocating too few bytes + c) undefined behavior + depending on architecture and precise value + for XML documents with >=2^27+1 prefixed attributes + on a single XML tag a la + "<r xmlns:a='[..]' a:a123='[..]' [..] />" + where XML_ParserCreateNS is used to create the parser + (which needs argument "-n" when running xmlwf). + Impact is denial of service, or more. + Other changes: #535 CMake: Make call to file(GENERATE [..]) work for CMake <3.19 #527 #528 Address compiler warnings @@ -10,6 +24,11 @@ Release x.x.x xxx xxxxxxxx xx xxxx Infrastructure: #536 CI: Check for realistic minimum CMake version + Special thanks to: + Tyson Smith + and + GCC Farm Project + Release 2.4.2 Sun December 19 2021 Other changes: #509 #510 Link againgst libm for function "isnan" |
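Review bot: In the first hunk (the "Security fixes:" entry), the affected function is never named, although the merge title identifies it as storeAtts. Adding "in function storeAtts" after "left shifts by >=29 places" would let readers map the entry to the code. The entry also gives two thresholds, shifts by >=29 places and >=2^27+1 prefixed attributes, without saying how one leads to the other; a short clause connecting them would help anyone assessing exposure. "Impact is denial of service, or more." is open-ended, and tying it to outcomes a) through c) listed above it would make the severity clearer.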
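Review bot: In the second hunk, the trailing context line "#509 #510 Link againgst libm for function "isnan"" in the Release 2.4.2 entry misspells "against"; it is outside this change, but worth a follow-up fix while the file is being touched. On the added "Special thanks to:" block, the entry does not say what each party contributed to the CVE-2021-45960 fix (report, testing, hardware access), so consider a brief parenthetical for each name.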