Ubuntu Security Notice 5638-4 - USN-5638-1 fixed several vulnerabilities in Expat. This update provides the corresponding update for Ubuntu 14.04 ESM. Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
e8573f45eee357d0e6e1aea46a23678438ed02db697e4eb77adc47dd2c099c25=========================================================================
Ubuntu Security Notice USN-5638-4
February 28, 2023
expat vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Expat could be made to crash or execute arbitrary code.
Software Description:
- expat: XML parsing C library
Details:
USN-5638-1 fixed several vulnerabilities in Expat. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Rhodri James discovered that Expat incorrectly handled memory when
processing certain malformed XML files. An attacker could possibly
use this issue to cause a crash or execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
expat 2.1.0-4ubuntu1.4+esm7
libexpat1 2.1.0-4ubuntu1.4+esm7
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5638-4
https://ubuntu.com/security/notices/USN-5638-1
CVE-2022-40674, CVE-2022-43680
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed