diff options
-rw-r--r-- | expat/Changes | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/expat/Changes b/expat/Changes index 5ff5da5e..ec1f7604 100644 --- a/expat/Changes +++ b/expat/Changes @@ -10,12 +10,18 @@ Release x.x.x xxx xxxxxxx xx xxxx for when XML_CONTEXT_BYTES is defined to >0 (which is both common and default). Impact is denial of service or more. + #551 CVE-2022-23990 -- Fix unsigned integer overflow in function + doProlog triggered by large content in element type + declarations when there is an element declaration handler + present (from a prior call to XML_SetElementDeclHandler). + Impact is denial of service or more. Bug fixes: #544 #545 xmlwf: Fix a memory leak on output file opening error Special thanks to: hwt0415 + Roland Illig Samanta Navarro and Clang LeakSan and the Clang team |