From 03f0a34b2dd087d0388307c6a72febd44202bb20 Mon Sep 17 00:00:00 2001 From: GLSAMaker Date: Thu, 29 Sep 2022 14:24:39 +0000 Subject: [ GLSA 202209-24 ] Expat: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/791703 Bug: https://bugs.gentoo.org/830422 Bug: https://bugs.gentoo.org/831918 Bug: https://bugs.gentoo.org/833431 Bug: https://bugs.gentoo.org/870097 Signed-off-by: GLSAMaker Signed-off-by: John Helmert III --- glsa-202209-24.xml | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 glsa-202209-24.xml (limited to 'glsa-202209-24.xml') diff --git a/glsa-202209-24.xml b/glsa-202209-24.xml new file mode 100644 index 00000000..218e97d9 --- /dev/null +++ b/glsa-202209-24.xml @@ -0,0 +1,61 @@ + + + + Expat: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution. + expat + 2022-09-29 + 2022-09-29 + 791703 + 830422 + 831918 + 833431 + 870097 + remote + + + 2.4.9 + 2.4.9 + + + +

Expat is a set of XML parsing libraries.

+
+ +

Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details.

+
+ +

Please review the referenced CVE identifiers for details.

+
+ +

There is no known workaround at this time.

+
+ +

All Expat users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-libs/expat-2.4.9" + +
+ + CVE-2021-45960 + CVE-2021-46143 + CVE-2022-22822 + CVE-2022-22823 + CVE-2022-22824 + CVE-2022-22825 + CVE-2022-22826 + CVE-2022-22827 + CVE-2022-23852 + CVE-2022-23990 + CVE-2022-25235 + CVE-2022-25236 + CVE-2022-25313 + CVE-2022-25314 + CVE-2022-25315 + CVE-2022-40674 + + ajak + ajak +
\ No newline at end of file -- cgit v1.2.3-65-gdbad