Not a user yet?
Log in Register for free Suggest a product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Update

USN-7000-1: Expat vulnerabilities

Ubuntu DesktopUbuntu Desktop
Canonical
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

USN-7000-1: Expat vulnerabilities
12 September 2024

Several security issues were fixed in Expat.

Releases
Ubuntu 24.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Ubuntu 14.04 ESM

Packages
expat - XML parsing C library

Details
Shang-Hung Wan discovered that Expat did not properly handle certain function calls when a negative input length was provided. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-45490)
Shang-Hung Wan discovered that Expat did properly handle the potential
for an integer overflow on 32-bit platforms. An attacker could use this
issue to cause a denial of service or possibly execute arbitrary code.
(CVE-2024-45491, CVE-2024-45492)

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04
expat - 2.6.1-2ubuntu0.1
libexpat1 - 2.6.1-2ubuntu0.1

Version: 24.04 LTS Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Canonical Ubuntu Desktop updates

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad