ELA-686-1 expat security update

Debian 9909 Published by

An expat security update has been released for Debian GNU/Linux 10 to address a heap use-after-free vulnerability.



ELA-686-1 expat security update

Package expat
Version 2.1.0-6+deb8u9 (jessie), 2.2.0-2+deb9u6 (stretch)
Related CVEs CVE-2022-40674

Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.

For Debian 8 jessie, these problems have been fixed in version 2.1.0-6+deb8u9.

For Debian 9 stretch, these problems have been fixed in version 2.2.0-2+deb9u6.

We recommend that you upgrade your expat packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-686-1 expat security update

GLSA 202209-07 : Mrxvt: Arbitrary Code Execution

How to Find Kernel Version on Linux Mint 21

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...