VUL-0: CVE-2024-28757: expat: libexpat: XML Entity Expansion VUL-0: CVE-2024-45490: expat: reject negative len for XML_ParseBuffer VUL-0: CVE-2024-45491: expat: detect integer overflow in dtdCopy VUL-0: CVE-2024-45492: expat: detect integer overflow in function nextScaffoldPart david.anes important security

Security update for expat

This update for expat fixes the following issues: - CVE-2024-45492: detect integer overflow in function nextScaffoldPart (bsc#1229932) - CVE-2024-45491: detect integer overflow in dtdCopy (bsc#1229931) - CVE-2024-45490: reject negative len for XML_ParseBuffer (bsc#1229930) - CVE-2024-28757: XML Entity Expansion attack when there is isolated use of external parsers (bsc#1221289) expat