| Summary: | expat 2.4.7 fixes regressions from 2.4.5 security fixes | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | RPM Packages | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, nicolas.salguero, sysadmin-bugs, tmb |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | expat-2.2.10-1.3.mga8.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2022-03-10 17:02:03 CET
David Walser
2022-03-10 17:02:30 CET
Whiteboard:
(none) =>
MGA8TOO Suggested advisory: ======================== The updated packages fix regressions introduced by security fixes for CVE-2022-25313 and CVE-2022-25236. References: https://blog.hartwork.org/posts/expat-2-4-6-released/ https://blog.hartwork.org/posts/expat-2-4-7-released/ https://github.com/libexpat/libexpat/blob/master/expat/Changes https://ubuntu.com/security/notices/USN-5320-1 ======================== Updated packages in core/updates_testing: ======================== expat-2.2.10-1.4.mga8 lib(64)expat1-2.2.10-1.4.mga8 lib(64)expat-devel-2.2.10-1.4.mga8 from SRPM: expat-2.2.10-1.4.mga8.src.rpm Status comment:
Fixed upstream in 2.4.7 =>
(none) No installation issues. I have no idea of how to test to see if the regressions have been fixed, so testing with the standard procedure from https://wiki.mageia.org/en/QA_procedure:Expat $ python testexpat.py Tested OK If that test is sufficient, then this update is OK for 64-bits. CC:
(none) =>
andrewsfarm validating. Advisory in Comment 1. Whiteboard:
(none) =>
MGA8-64-OK
Dave Hodgins
2022-03-13 23:30:35 CET
CC:
(none) =>
davidwhodgins An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGAA-2022-0036.html Resolution:
(none) =>
FIXED |