Amazon Linux 1 Security Advisory: ALAS-2023-1882
Advisory Release Date: 2023-10-30 23:31 Pacific
Advisory Updated Date: 2023-11-03 17:55 Pacific
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. (CVE-2022-23990)
Affected Packages:
expat
Issue Correction:
Run yum update expat to update your system.
i686:
expat-devel-2.1.0-15.34.amzn1.i686
expat-2.1.0-15.34.amzn1.i686
expat-debuginfo-2.1.0-15.34.amzn1.i686
src:
expat-2.1.0-15.34.amzn1.src
x86_64:
expat-devel-2.1.0-15.34.amzn1.x86_64
expat-2.1.0-15.34.amzn1.x86_64
expat-debuginfo-2.1.0-15.34.amzn1.x86_64