This repository has been archived by the owner on Oct 10, 2023. It is now read-only.
0.335.0
cf-buildpacks-eng
released this
17 Nov 19:24
·
34 commits
to main
since this release
Notably, this release addresses:
USN-5638-2 USN-5638-2: Expat vulnerabilities:
- CVE-2022-43680: In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
- CVE-2022-43680: In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
- CVE-2022-40674: libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
-ii libexpat1:amd64 2.2.5-3ubuntu0.7 amd64 XML parsing C library - runtime library
-ii libexpat1-dev:amd64 2.2.5-3ubuntu0.7 amd64 XML parsing C library - development kit
+ii libexpat1:amd64 2.2.5-3ubuntu0.8 amd64 XML parsing C library - runtime library
+ii libexpat1-dev:amd64 2.2.5-3ubuntu0.8 amd64 XML parsing C library - development kit