Security warning: use-after-free issue in expat

Talk about code development, features, specific bugs, enhancements, patches, and similar things.
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.

This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.

Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
User avatar
LigH1L
Fanatic
Fanatic
Posts: 121
Joined: 2013-02-22, 19:08
Location: rural central Germany

Security warning: use-after-free issue in expat

Unread post by LigH1L » 2022-09-28, 08:43

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c

Just in case you ever derived your code from it...

via Fefes Blog
Fun and success!

User avatar
jobbautista9
Keeps coming back
Keeps coming back
Posts: 780
Joined: 2020-11-03, 06:47
Location: Philippines
Contact:

Re: Security warning: use-after-free issue in expat

Unread post by jobbautista9 » 2022-09-28, 12:16

Mozilla is tracking this in bug #1791598, fyi.
Image

merry mimas

XUL add-ons developer. You can find a list of add-ons I manage at http://rw.rs/~job/software.html.

Mima avatar by 絵虎. Pixiv post: https://www.pixiv.net/en/artworks/15431817

Image

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35402
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Security warning: use-after-free issue in expat

Unread post by Moonchild » 2022-09-28, 13:11

"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

Locked