The new expat 2.5.0 release shipped today included a CVE fix:

> #616 #649 #650 CVE-2022-43680 -- Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations. Expected impact is denial of service or potentially arbitrary code execution.

https://github.com/libexpat/libexpat/pull/629/commits/4a32da87e931ba54393d465bb77c40b5c33d343b

While our RLBox sandboxing potentially mitigates the severity of this issue for our official releases, we should be cognizant of distros which ship with RLBox disabled where the severity may be higher.
Bug 1797336 Comment 0 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
The new expat 2.5.0 release shipped today included a CVE fix:

> #616 #649 #650 CVE-2022-43680 -- Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations. Expected impact is denial of service or potentially arbitrary code execution.

https://github.com/libexpat/libexpat/pull/650

While our RLBox sandboxing potentially mitigates the severity of this issue for our official releases, we should be cognizant of distros which ship with RLBox disabled where the severity may be higher.

The new expat 2.5.0 release shipped today included a CVE fix:

> #616 #649 #650 CVE-2022-43680 -- Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations. Expected impact is denial of service or potentially arbitrary code execution.

https://github.com/libexpat/libexpat/pull/650/files

While our RLBox sandboxing potentially mitigates the severity of this issue for our official releases, we should be cognizant of distros which ship with RLBox disabled where the severity may be higher.

The new expat 2.5.0 release shipped today included a CVE fix:

> #616 #649 #650 CVE-2022-43680 -- Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations. Expected impact is denial of service or potentially arbitrary code execution.

https://github.com/libexpat/libexpat/pull/650/files

While our RLBox sandboxing potentially mitigates the severity of this issue for our official releases, we should be cognizant of distros which ship with RLBox disabled where the severity may be higher when determining which course of action to take.

The new expat 2.5.0 release shipped today included a CVE fix:

> #616 #649 #650 CVE-2022-43680 -- Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations. Expected impact is denial of service or potentially arbitrary code execution.

https://github.com/libexpat/libexpat/pull/650/files

While RLBox sandboxing potentially mitigates the severity of this issue for our official releases, we should be cognizant of distros which ship with RLBox disabled where the severity may be higher when determining which course of action to take.