Debian 10261 Published by

An expat security update has been released for Debian GNU/Linux 8 Extended LTS to address several vulnerabilities.



ELA-574-1 expat security update

Package expat
Version 2.1.0-6+deb8u8
Related CVEs CVE-2022-23852 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25315

Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.

For Debian 8 jessie, these problems have been fixed in version 2.1.0-6+deb8u8.

We recommend that you upgrade your expat packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-574-1 expat security update