Explore top 10 tips to secure your open-source projects now. Read More
×
This update for expat fixes the following issues:
* CVE-2026-32776: NULL pointer dereference when processing empty external
parameter entities inside an entity declaration value (bsc#1259726).
* CVE-2026-32777: denial of service due to infinite loop in DTD content
parsing (bsc#1259711).
* CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an
out-of-memory condition (bsc#1259729).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-1166=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-1166=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-1166=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-1166=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-1166=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1166=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1166=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch...
Read the Full Advisory* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libexpat1-debuginfo-2.7.1-150400.3.37.1
* expat-debuginfo-2.7.1-150400.3.37.1
* expat-debugsource-2.7.1-150400.3.37.1
* libexpat1-2.7.1-150400.3.37.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libexpat1-debuginfo-2.7.1-150400.3.37.1
* expat-debuginfo-2.7.1-150400.3.37.1
* expat-debugsource-2.7.1-150400.3.37.1
* libexpat1-2.7.1-150400.3.37.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libexpat1-debuginfo-2.7.1-150400.3.37.1
* expat-debuginfo-2.7.1-150400.3.37.1
* expat-debugsource-2.7.1-150400.3.37.1
* libexpat1-2.7.1-150400.3.37.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libexpat1-debuginfo-2.7.1-150400.3.37.1
* expat-debuginfo-2.7.1-150400.3.37.1
* expat-debugsource-2.7.1-150400.3.37.1
* libexpat1-2.7.1-150400.3.37.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libexpat1-debuginfo-2.7.1-150400.3.37.1
* expat-debuginfo-2.7.1-150400.3.37.1
*...
Read the Full Advisory* bsc#1259711
* bsc#1259726
* bsc#1259729
## References:
* https://www.suse.com/security/cve/CVE-2026-32776.html
* https://www.suse.com/security/cve/CVE-2026-32777.html
* https://www.suse.com/security/cve/CVE-2026-32778.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259711
* https://bugzilla.suse.com/show_bug.cgi?id=1259726
* https://bugzilla.suse.com/show_bug.cgi?id=1259729
Get the latest Linux and open source security news straight to your inbox.