Overview

File _patchinfo of Package patchinfo.42029

<patchinfo incident="42029">
  <issue tracker="cve" id="2024-45492"/>
  <issue tracker="cve" id="2024-45490"/>
  <issue tracker="cve" id="2024-50602"/>
  <issue tracker="cve" id="2024-45491"/>
  <issue tracker="bnc" id="1230037">VUL-0: CVE-2024-45491: mozjs60, mozjs78, mozjs115: embedded expat: detect integer overflow in dtdCopy</issue>
  <issue tracker="bnc" id="1232599">VUL-0: CVE-2024-50602: mozjs52,mozjs78: libexpat: DoS via XML_ResumeParser</issue>
  <issue tracker="bnc" id="1230038">VUL-0: CVE-2024-45492: mozjs60, mozjs78, mozjs115: embedded expat: detect integer overflow in function nextScaffoldPart</issue>
  <issue tracker="bnc" id="1230036">VUL-0: CVE-2024-45490: mozjs60, mozjs78, mozjs115: embedded expat: reject negative len for XML_ParseBuffer</issue>
  <packager>qzhao</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for mozjs52</summary>
  <description>This update for mozjs52 fixes the following issues:

- CVE-2024-45491: Fixed integer overflow in dtdCopy (bsc#1230037)
- CVE-2024-50602: Fixed DoS via XML_ResumeParser (bsc#1232599)
- CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart (bsc#1230038)
- CVE-2024-45490: Fixed negative len for XML_ParseBuffer (bsc#1230036)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places