OpenWrt 22.03 expat - CVE-2022-43680/CVE-2022-40674
Peter Naulls
peter at chocky.org
Tue Nov 8 11:26:39 PST 2022
The 2.4.9 version of expat in OpenWrt 22.03 contains the following CVEs:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
Suggest either update to 2.5.0 (as per master) or application of the upstream
patches, etc:
https://github.com/libexpat/libexpat/pull/616
https://github.com/libexpat/libexpat/pull/650
More information about the openwrt-devel
mailing list