diff options
| author | Sebastian Pipping <sebastian@pipping.org> | 2022-01-13 19:56:36 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-01-13 19:56:36 +0100 |
| commit | 919a2bec5e12e6285031308e6da86f250b21d166 (patch) | |
| tree | 1a09e20612cef979877ca0e15df9ac796d56f54b /expat/Changes | |
| parent | 82c11af9d3dafc1b086a15efecd6ec07b6e13613 (diff) | |
| parent | 8e9f6ea08c0fdded06efcc4c124872bb4c82c89e (diff) | |
| download | libexpat-git-919a2bec5e12e6285031308e6da86f250b21d166.tar.gz | |
Merge pull request #539 from libexpat/prevent-more-integer-overflows
[CVE-2022-22822 to CVE-2022-22827] lib: Prevent more integer overflows
Diffstat (limited to 'expat/Changes')
| -rw-r--r-- | expat/Changes | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/expat/Changes b/expat/Changes index 98d4f53c..d035bad6 100644 --- a/expat/Changes +++ b/expat/Changes @@ -20,6 +20,16 @@ Release x.x.x xxx xxxxxxxx xx xxxx on variable m_groupSize in function doProlog leading to realloc acting as free. Impact is denial of service or more. + #539 CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows + near memory allocation at multiple places. Mitre assigned + a dedicated CVE for each involved internal C function: + - CVE-2022-22822 for function addBinding + - CVE-2022-22823 for function build_model + - CVE-2022-22824 for function defineAttribute + - CVE-2022-22825 for function lookup + - CVE-2022-22826 for function nextScaffoldPart + - CVE-2022-22827 for function storeAtts + Impact is denial of service or more. Other changes: #535 CMake: Make call to file(GENERATE [..]) work for CMake <3.19 |