Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update: expat #1577

Open
dongsupark opened this issue Nov 4, 2024 · 0 comments · May be fixed by flatcar/scripts#2475
Open

update: expat #1577

dongsupark opened this issue Nov 4, 2024 · 0 comments · May be fixed by flatcar/scripts#2475
Labels
advisory security advisory cvss/MEDIUM >= 4 && < 7 assessed CVSS security security concerns

Comments

@dongsupark
Copy link
Member

dongsupark commented Nov 4, 2024

Name: expat
CVEs: CVE-2024-50602
CVSSs: 5.9 (https://www.cve.org/CVERecord?id=CVE-2024-50602)
Action Needed: TBD, update to >= 2.6.4

Summary: An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

See also https://bugzilla.redhat.com/show_bug.cgi?id=2321987, libexpat/libexpat#915.

refmap.gentoo: https://bugs.gentoo.org/942969

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
advisory security advisory cvss/MEDIUM >= 4 && < 7 assessed CVSS security security concerns
Projects
Development

Successfully merging a pull request may close this issue.

1 participant