diff options
| -rw-r--r-- | expat/Changes | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/expat/Changes b/expat/Changes index 98d4f53c..d035bad6 100644 --- a/expat/Changes +++ b/expat/Changes @@ -20,6 +20,16 @@ Release x.x.x xxx xxxxxxxx xx xxxx on variable m_groupSize in function doProlog leading to realloc acting as free. Impact is denial of service or more. + #539 CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows + near memory allocation at multiple places. Mitre assigned + a dedicated CVE for each involved internal C function: + - CVE-2022-22822 for function addBinding + - CVE-2022-22823 for function build_model + - CVE-2022-22824 for function defineAttribute + - CVE-2022-22825 for function lookup + - CVE-2022-22826 for function nextScaffoldPart + - CVE-2022-22827 for function storeAtts + Impact is denial of service or more. Other changes: #535 CMake: Make call to file(GENERATE [..]) work for CMake <3.19 |