update: expat #1577

dongsupark · 2024-11-04T12:18:14Z

Name: expat
CVEs: CVE-2024-50602
CVSSs: 5.9 (https://www.cve.org/CVERecord?id=CVE-2024-50602)
Action Needed: TBD, update to >= 2.6.4

Summary: An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

See also https://bugzilla.redhat.com/show_bug.cgi?id=2321987, libexpat/libexpat#915.

refmap.gentoo: https://bugs.gentoo.org/942969

dongsupark added security security concerns advisory security advisory labels Nov 4, 2024

dongsupark added this to Flatcar tactical, release planning, and roadmap Nov 4, 2024

github-project-automation bot moved this to 📝 Needs Triage in Flatcar tactical, release planning, and roadmap Nov 4, 2024

dongsupark moved this from 📝 Needs Triage to 🪵Backlog in Flatcar tactical, release planning, and roadmap Nov 4, 2024

github-actions bot mentioned this issue Nov 22, 2024

Monthly contributions report 2024-10-22 - 2024-11-21 #1585

Closed

dongsupark added the cvss/MEDIUM >= 4 && < 7 assessed CVSS label Nov 26, 2024

krnowak mentioned this issue Nov 27, 2024

Weekly portage-stable package updates 2024-11-25 flatcar/scripts#2475

Merged

2 tasks

krnowak closed this as completed in flatcar/scripts#2475 Dec 12, 2024

github-project-automation bot moved this from 🪵Backlog to Implemented in Flatcar tactical, release planning, and roadmap Dec 12, 2024

github-actions bot mentioned this issue Dec 22, 2024

Monthly contributions report 2024-11-22 - 2024-12-21 #1603

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

update: expat #1577

update: expat #1577

dongsupark commented Nov 4, 2024 •

edited

Loading

update: expat #1577

update: expat #1577

Comments

dongsupark commented Nov 4, 2024 • edited Loading

dongsupark commented Nov 4, 2024 •

edited

Loading