Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 275 articles for you...
217

Oracle Linux 10 ELSA-2026-22715 expat Important Denial of Service

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-22715 http://linux.oracle.com/errata/ELSA-2026-22715.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: expat-2.7.3-1.el10_2.1.x86_64.rpm expat-devel-2.7.3-1.el10_2.1.x86_64.rpm aarch64: expat-2.7.3-1.el10_2.1.aarch64.rpm expat-devel-2.7.3-1.el10_2.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/expat-2.7.3-1.el10_2.1.src.rpm Related CVEs: CVE-2026-45186 Description of changes: [2.7.3-57] - expat: backport CVE-2026-45186 fix (attribute collision check DoS) [2.7.3-56] - Rebase to 2.7.3 and add VCS tag * Thu Jun 05 2025 This email address is being protected from spambots. You need JavaScript enabled to view it. - https://issues.redhat.com/browse/RHELMISC-13073 * Fri Mar 28 2025 Tomas Korbar - Fix behavior change caused by fix for CVE-2024-8176 * Fri Mar 14 2025 Tomas Korbar - Fix CVE-2024-8176 * Thu Nov 07 2024 Tomas Korbar - Rebase to 2.6.4 * Tue Oct 29 2024 Troy Dawson - Bump release for October 2024 mass rebuild: * Wed Jul 03 2024 Tomas Korbar - Rebase to 2.6.2 * Mon Jun 24 2024 Troy Dawson - Bump release for June 2024 mass rebuild * Fri Jun 21 2024 František Hrdina - Update of fmf plans and gating for c10s _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 10 updates expat to address CVE-2026-45186 denoting an important fix for a denial of service issue.. Oracle Linux, expat update, security advisory, important fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Oracle
172

Ubuntu 16.04 Expat Important Denial of Service CVE-2026-41080 USN-8520-1

Expat could be made to crash if it received specially crafted input.. ========================================================================== Ubuntu Security Notice USN-8520-1 July 09, 2026 expat vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Expat could be made to crash if it received specially crafted input. Software Description: - expat: XML parsing C library Details: It was discovered that Expat used insufficient entropy when generating hash salt values for its internal hash table. An attacker could use this to craft an XML document that triggers hash flooding, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS libexpat1 2.1.0-7ubuntu0.16.04.5+esm12 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8520-1 CVE-2026-41080 . Update Ubuntu 16.04 LTS to fix Expat denial of service issue due to improper input handling. Critical security patch needed.. Ubuntu Expat Denial of Service Update, Security Notice, XML Parsing C Library, Ubuntu Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 09, 2026 Important Ubuntu
217

Oracle Linux 9 Advisory ELSA-2026-23230 Expat Important CVE-2026-45186

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-23230 http://linux.oracle.com/errata/ELSA-2026-23230.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: expat-2.5.0-6.el9_8.1.i686.rpm expat-2.5.0-6.el9_8.1.x86_64.rpm expat-devel-2.5.0-6.el9_8.1.i686.rpm expat-devel-2.5.0-6.el9_8.1.x86_64.rpm aarch64: expat-2.5.0-6.el9_8.1.aarch64.rpm expat-devel-2.5.0-6.el9_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/expat-2.5.0-6.el9_8.1.src.rpm Related CVEs: CVE-2026-45186 Description of changes: [2.5.0-6.1] - Fix CVE-2026-45186 - Resolves: RHEL-177988 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Advisory ELSA-2026-23230 reveals updates for expat addressing CVE-2026-45186 threats.. Oracle Linux Update, Expat Security Fix, Security Advisory ELSA-2026, CVE-2026-45186 Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 25, 2026 Important Oracle
203

Mageia 9 Expat Important Denial of Service CVE-2026-45186 Advisory

Security update. Publication date: 12 Jun 2026 URL: https://advisories.mageia.org/MGASA-2026-0204.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-45186 Description: CVE-2026-45186 the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input. References: - https://bugs.mageia.org/show_bug.cgi?id=35522 - https://www.openwall.com/lists/oss-security/2026/05/11/16 - https://blog.hartwork.org/posts/expat-2-8-1-released/ - https://github.com/libexpat/libexpat/blob/R_2_8_1/expat/Changes - https://www.cve.org/CVERecord?id=CVE-2026-45186 SRPMS: - 9/core/expat-2.7.5-1.1.mga9 . Mageia security advisory for expat revealing a denial of service issue through crafted XML input. Essential update for users.. Mageia, expat, security advisory, XML input, denial of service. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 12, 2026 Important Mageia
217

Oracle Linux 8 ELSA-2026-22721 expat Important Buffer Overflow

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-22721 http://linux.oracle.com/errata/ELSA-2026-22721.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: expat-2.5.0-2.el8_10.i686.rpm expat-2.5.0-2.el8_10.x86_64.rpm expat-devel-2.5.0-2.el8_10.i686.rpm expat-devel-2.5.0-2.el8_10.x86_64.rpm aarch64: expat-2.5.0-2.el8_10.aarch64.rpm expat-devel-2.5.0-2.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/expat-2.5.0-2.el8_10.src.rpm Related CVEs: CVE-2026-45186 Description of changes: [2.5.0-2] - Fix CVE-2026-45186 - Resolves: RHEL-177979 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Advisory ELSA-2026-22721 addresses the Important expat update for Oracle Linux 8.. Oracle Linux, expat update, security fix, ELSA-2026-22721, Important advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2026 Important Oracle
89

Fedora 43 expat Update Critical XML Parser Rebase CVE 2026-89f45c355d

Rebase to version 2.8.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-89f45c355d 2026-05-21 01:26:51.960413+00:00 -------------------------------------------------------------------------------- Name : expat Product : Fedora 43 Version : 2.8.1 Release : 1.fc43 URL : https://libexpat.github.io/ Summary : An XML parser library Description : This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. A start tag is an example of the kind of structures for which you may register handlers. -------------------------------------------------------------------------------- Update Information: Rebase to version 2.8.1 -------------------------------------------------------------------------------- ChangeLog: * Tue May 12 2026 Tomas Korbar - 2.8.1-1 - Rebase to version 2.8.1 * Mon Mar 23 2026 Tomas Korbar - 2.7.5-1 - Rebase to 2.7.5 * Mon Feb 9 2026 Miro Hron\u010dok - 2.7.4-1 - Update to 2.7.4 - Enable versioned symbols - Fixes: rhbz#2435633 * Fri Jan 16 2026 Fedora Release Engineering - 2.7.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2448482 - expat-2.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2448482 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-89f45c355d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPGkey. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 43 expat library update addresses critical improvements and fixes for XML parsing. Detailed info inside.. Fedora expat update XML parser security advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 21, 2026 Critical Fedora
202

openSUSE Tumbleweed expat Moderate Security Issues 2026-10787-1

An update that solves 2 vulnerabilities can now be installed.. # expat-2.8.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10787-1 Rating: moderate Cross-References: * CVE-2026-41080 * CVE-2026-45186 CVSS scores: * CVE-2026-41080 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-41080 ( SUSE ): 2 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-45186 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the expat-2.8.1-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * expat 2.8.1-1.1 * libexpat-devel 2.8.1-1.1 * libexpat-devel-32bit 2.8.1-1.1 * libexpat1 2.8.1-1.1 * libexpat1-32bit 2.8.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41080.html * https://www.suse.com/security/cve/CVE-2026-45186.html . Update for openSUSE fixes multiple security issues in expat package, ensuring system integrity.. openSUSE expat update security moderate issues. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 17, 2026 Important OpenSUSE
89

Fedora 44 expat Update 2.8.1 Rebase Notification 2026-4ef690dc30

Rebase to version 2.8.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-4ef690dc30 2026-05-15 02:33:10.357482+00:00 -------------------------------------------------------------------------------- Name : expat Product : Fedora 44 Version : 2.8.1 Release : 1.fc44 URL : https://libexpat.github.io/ Summary : An XML parser library Description : This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. A start tag is an example of the kind of structures for which you may register handlers. -------------------------------------------------------------------------------- Update Information: Rebase to version 2.8.1 -------------------------------------------------------------------------------- ChangeLog: * Tue May 12 2026 Tomas Korbar - 2.8.1-1 - Rebase to version 2.8.1 * Mon Mar 23 2026 Tomas Korbar - 2.7.5-1 - Rebase to 2.7.5 * Mon Feb 9 2026 Miro Hron\u010dok - 2.7.4-1 - Update to 2.7.4 - Enable versioned symbols - Fixes: rhbz#2435633 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2448482 - expat-2.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2448482 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-4ef690dc30' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 44 updates expat to version 2.8.1, improving XML parsing functionality and performance. Learn more now!. Fedora expat update XML parser. . Severity: Informational. LinuxSecurity.com Team

Calendar%202 May 15, 2026 Informational Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200