flatcar / Flatcar

Flatcar project repository for issue tracking, project documentation, etc.
https://www.flatcar.org/
Apache License 2.0

update: expat #1528

Closed dongsupark closed 1 month ago

dongsupark commented 2 months ago

Name: expat

CVEs: CVE-2024-45490

CVSSs: 9.8

Action Needed: update to >= 2.6.3

Summary: An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.

refmap.gentoo: https://bugs.gentoo.org/938894
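One way to check an inventory against the "update to >= 2.6.3" threshold from this issue, as an added example that is not part of the issue or the Flatcar project's tooling. The sample inventory is constructed, and the accepted version formats (plain version, pyexpat's `expat_X.Y.Z`, Gentoo-style `dev-libs/expat-X.Y.Z-rN` atoms) are assumptions of the example.

```python
import re
from xml.parsers import expat

FIXED = (2, 6, 3)  # from the issue: "update to >= 2.6.3" for CVE-2024-45490

# Accepts "2.6.2", pyexpat's "expat_2.6.2", and Gentoo-style atoms such as
# "dev-libs/expat-2.6.2-r1" (the -rN revision suffix is ignored).
_VERSION_RE = re.compile(r"(?:^|[-_/])(\d+)\.(\d+)\.(\d+)(?:-r\d+)?$")


def parse_expat_version(text):
    """Return (major, minor, micro) or raise ValueError for unparseable input."""
    m = _VERSION_RE.search(text.strip())
    if not m:
        raise ValueError(f"no expat version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def is_fixed(version):
    """True when the version is at or above the first fixed release."""
    return tuple(version) >= FIXED


def audit(inventory):
    """Map each name to 'fixed', 'needs-update' or 'unknown' (unparseable)."""
    report = {}
    for name, raw in inventory.items():
        try:
            fixed = is_fixed(parse_expat_version(raw))
            report[name] = "fixed" if fixed else "needs-update"
        except ValueError:
            report[name] = "unknown"  # never treat an unreadable version as safe
    return report


def linked_expat_status():
    """Check the libexpat this Python interpreter itself is linked against."""
    return "fixed" if is_fixed(expat.version_info) else "needs-update"


# Constructed sample inventory (names and versions are not taken from the issue).
SAMPLE = {
    "image-a": "dev-libs/expat-2.6.2-r1",
    "image-b": "dev-libs/expat-2.6.3",
    "python-runtime": expat.EXPAT_VERSION,
    "image-c": "expat (version elided)",
}

if __name__ == "__main__":
    for name, status in audit(SAMPLE).items():
        print(f"{name}: {status}")
```

A version comparison only sees the release number; a distribution that patches an older release in place without bumping the version will still show as `needs-update` and has to be confirmed from the package changelog.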

dongsupark commented 1 month ago

CVSS score 9.8, critical.

krnowak commented 1 month ago

Backports for other channels: