## This update for expat fixes the following issues: Version update to 2.7.1: * Bug fixes: * Restore event pointer behavior from Expat 2.6.4 (that the fix to CVE-2024-8176 changed in 2.7.0); affected API functions are: * XML_GetCurrentByteCount * XML_GetCurrentByteIndex * XML_GetCurrentColumnNumber * XML_GetCurrentLineNumber * XML_GetInputContext * Other changes: #976 #977 Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}" with Automake that were missing from 2.7.0 release tarballs #983 #984 Fix printf format specifiers for 32bit Emscripten #992 docs: Promote OpenSSF Best Practices self-certification #978 tests/benchmark: Resolve mistaken double close #986 Address compiler warnings #990 #993 Version info bumped from 11:1:10 (libexpat _.so.1.10.1)
* bsc#1219559
* bsc#1219561
* bsc#1221289
* bsc#1229930
* bsc#1229931
* bsc#1229932
* bsc#1232579
* bsc#1232601
* bsc#1239618
* jsc#SLE-21253
Cross-
* CVE-2013-0340
* CVE-2019-15903
* CVE-2023-52425
* CVE-2023-52426
* CVE-2024-28757
* CVE-2024-45490
* CVE-2024-45491
* CVE-2024-45492
* CVE-2024-50602
* CVE-2024-8176
CVSS scores:
* CVE-2019-15903 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2019-15903 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2019-15903 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2019-15903 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Get the latest Linux and open source security news straight to your inbox.