Opened 3 months ago

Closed 2 months ago

Last modified 2 months ago

#5553 closed enhancement (fixed)

expat-2.6.3

Reported by: Bruce Dubbs Owned by: lfs-book
Priority: high Milestone: 12.3
Component: Book Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by Joe Locash, 3 months ago

Priority: normalhigh

Release 2.6.3 Wed September 4 2024

Security fixes:

  • CVE-2024-45490 -- Calling function XML_ParseBuffer with len < 0 without noticing and then calling XML_GetBuffer will have XML_ParseBuffer fail to recognize the problem and XML_GetBuffer corrupt memory. With the fix, XML_ParseBuffer now complains with error XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse has been doing since Expat 2.2.1, and now documented. Impact is denial of service to potentially artitrary code execution.
  • CVE-2024-45491 -- Internal function dtdCopy can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Impact is denial of service to potentially artitrary code execution.
  • CVE-2024-45492 -- Internal function nextScaffoldPart can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Impact is denial of service to potentially artitrary code execution.

Other changes:

  • Autotools: Sync CMake templates with CMake 3.28
  • Autotools: Always provide path to find(1) for portability
  • Autotools: Ensure that the m4 directory always exists.
  • Autotools: Simplify handling of SIZEOF_VOID_P
  • Autotools: Support non-GNU sed
  • Autotools|CMake: Fix main() to main(void)
  • Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM
  • Autotools|CMake: Stop requiring dos2unix
  • CMake: Fix check for symbols size_t and off_t
  • docs|tests: Convert README to Markdown and update
  • Windows: Drop support for Visual Studio <=15.0/2017
  • Drop needless XML_DTD guards around is_param access
  • Fix typo in a code comment
  • Version info bumped from 10:2:9 (libexpat*.so.1.9.2) to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de for what these numbers do

comment:2 by Bruce Dubbs, 2 months ago

Resolution: fixed
Status: newclosed

Fixed at commit 75c9760329.

Update to tzdata-2024b.
Update to systemd-256.5.
Update to setuptools-74.1.2.
Update to python3-3.12.6.
Update to openssl-3.3.2.
Update to man-db-2.13.0.
Update to linux-6.10.8. 
Update to libpipeline-1.5.8. 
Update to expat-2.6.3. 
Update to bc-7.0.1. 

comment:3 by Douglas R. Reno, 2 months ago

SA-12.2-006 issued

NVD has marked all three of the vulnerabilities as Critical. Anyone using Expat should upgrade their system immediately because of CVE-2024-45490

Note: See TracTickets for help on using tickets.