Bug#1002994: expat: CVE-2021-45960: A large number of prefixed XML attributes on a single tag can crash libexpat (troublesome left shifts by >=29 bits in function storeAtts)

Hi Laszlo, Thank you so much! Regards, Carlos Rodriguez-Fernandez Principal Software Engineer www.healthtrio.com > On Mar 8, 2022, at 9:37 AM, László Böszörményi (GCS) wrote: > > Hi Carlos, > > On Tue, Mar 8, 2022 at 4:51 PM Carlos Rodriguez > wrote: >> I see that the commit >>

Bug#1002994: expat: CVE-2021-45960: A large number of prefixed XML attributes on a single tag can crash libexpat (troublesome left shifts by >=29 bits in function storeAtts)

Hi Carlos, On Tue, Mar 8, 2022 at 4:51 PM Carlos Rodriguez wrote: > I see that the commit > https://github.com/libexpat/libexpat/commit/0adcb34c49bee5b19bd29b16a578c510c23597ea > is present in the branches corresponding to the expat version >=2.4.3. At > the same time, I see that Debian

Bug#1002994: expat: CVE-2021-45960: A large number of prefixed XML attributes on a single tag can crash libexpat (troublesome left shifts by >=29 bits in function storeAtts)

Hello Laszlo, I see that the commit https://github.com/libexpat/libexpat/commit/0adcb34c49bee5b19bd29b16a578c510c23597ea is present in the branches corresponding to the expat version >=2.4.3. At the same time, I see that Debian reported the issue fixed in

Bug#1002994: expat: CVE-2021-45960: A large number of prefixed XML attributes on a single tag can crash libexpat (troublesome left shifts by >=29 bits in function storeAtts)

Source: expat Version: 2.4.2-1 Severity: important Tags: security upstream Forwarded: https://github.com/libexpat/libexpat/issues/531 X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 2.2.10-2 Control: found -1 2.2.6-2+deb10u1 Control: found -1 2.2.6-2 Hi, The following