ELA-1411-1 expat security update

crash due to stopping/suspending an unstarted parser

2025-04-30
Package expat
Version 2.2.0-2+deb9u10 (stretch), 2.2.6-2+deb10u9 (buster)
Related CVEs CVE-2024-50602


An issue has been found in expat, an XML parsing C library. The issue is related to a crash within XML_ResumeParser() because XML_StopParser() can stop/suspend an unstarted parser.



For Debian 10 buster, these problems have been fixed in version 2.2.6-2+deb10u9.

For Debian 9 stretch, these problems have been fixed in version 2.2.0-2+deb9u10.

We recommend that you upgrade your expat packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.