Skip to content
This repository has been archived by the owner on Oct 10, 2023. It is now read-only.

0.335.0
Compare
Choose a tag to compare
@cf-buildpacks-eng cf-buildpacks-eng released this 17 Nov 19:24
· 34 commits to main since this release
0.335.0
b073b23

Notably, this release addresses:

USN-5638-2 USN-5638-2: Expat vulnerabilities:

  • CVE-2022-43680: In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
  • CVE-2022-43680: In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
  • CVE-2022-40674: libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
-ii  libexpat1:amd64     2.2.5-3ubuntu0.7  amd64  XML parsing C library - runtime library
-ii  libexpat1-dev:amd64 2.2.5-3ubuntu0.7  amd64  XML parsing C library - development kit
+ii  libexpat1:amd64     2.2.5-3ubuntu0.8  amd64  XML parsing C library - runtime library
+ii  libexpat1-dev:amd64 2.2.5-3ubuntu0.8  amd64  XML parsing C library - development kit
Assets 3