https://github.com/libexpat/libexpat/issues/1076 notes:
Hi!
Just a quick note that there is another unfixed vulnerability in Expat on my
desk by now:
- It's been reported on September 25th by a human (not fuzzing)
- The impact is denial of service
- To be more concrete: A crafted file of size ~2 MiB can cause 25–100 seconds
processing time, depending on the used hardware.
My own priorities are elsewhere at the moment. Please reach out if:
- you want to help find a true fix and
- you are okay with signing a freeform NDA (to keep the vulnerability details
confidential until a fix has made its way into Git master).
It's not going to be as complex as resolving recursion for Expat 2.7.0 but
the path forward for a fix is not clear yet.
Best, Sebastian
PS: Comments are intentionally closed, please reach out via the e-mail in my
profile, instead.
[note that I'm just passing this along - if you want to help, contact Sebastian
via the link to his profile from the GitHub issue, not me.]