Oval Definition:oval:org.opensuse.security:def:93304
Revision Date:2022-07-06Version:1
Title: (Important)
Description:

This update for expat fixes the following issues:

- CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025). - Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784). - CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026). - CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168). - CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169). - CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).
Family:unixClass:patch
Status:Reference(s):1179748
1181483
1196025
1196026
1196168
1196169
1196171
1196784
CVE-2020-27828
CVE-2021-3272
CVE-2022-25235
CVE-2022-25236
CVE-2022-25313
CVE-2022-25314
CVE-2022-25315
SUSE-SU-2021:0488-1
Platform(s):Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure is installed
  • AND libexpat1-2.4.4-150400.3.6.9 is installed
    • Definition Synopsis
  • SUSE Manager Server 4.0 is installed
  • AND Package Information
  • libjasper-devel-2.0.14-3.19.1 is installed
  • OR libjasper4-2.0.14-3.19.1 is installed
    • BACK