OpenWrt 22.03 expat - CVE-2022-43680/CVE-2022-40674

Tue, 08 Nov 2022 11:39:25 -0800 


The 2.4.9 version of expat in OpenWrt 22.03 contains the following CVEs:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674


Suggest either update to 2.5.0 (as per master) or application of the upstream 
patches, etc:


https://github.com/libexpat/libexpat/pull/616
https://github.com/libexpat/libexpat/pull/650





_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel






















					Reply via email to