Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
219
security advisorymoderate severityinteger overflowRocky Linux 9 RLSA-2024:6754 moderate: expat parsing issue
Moderate: expat security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:6754", "synopsis": "Moderate: expat security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for expat.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* libexpat: Negative Length Parsing Vulnerability in libexpat (CVE-2024-45490)\n\n* libexpat: Integer Overflow or Wraparound (CVE-2024-45491)\n\n* libexpat: integer overflow (CVE-2024-45492)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2308615", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2308615", "description": ""}, {"ticket": "2308616", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616", "description": ""}, {"ticket": "2308617", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2308617", "description": ""}], "cves": [{"name": "CVE-2024-45490", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-45490", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-45491", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-45491", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-45492", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-45492", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2024-09-30T14:31:38.136782Z", "rpms": {"Rocky Linux 9":{"nvras": ["expat-0:2.5.0-2.el9_4.1.aarch64.rpm", "expat-0:2.5.0-2.el9_4.1.i686.rpm", "expat-0:2.5.0-2.el9_4.1.ppc64le.rpm", "expat-0:2.5.0-2.el9_4.1.s390x.rpm", "expat-0:2.5.0-2.el9_4.1.src.rpm", "expat-0:2.5.0-2.el9_4.1.x86_64.rpm", "expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64.rpm", "expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le.rpm", "expat-debuginfo-0:2.5.0-2.el9_4.1.s390x.rpm", "expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64.rpm", "expat-debugsource-0:2.5.0-2.el9_4.1.aarch64.rpm", "expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le.rpm", "expat-debugsource-0:2.5.0-2.el9_4.1.s390x.rpm", "expat-debugsource-0:2.5.0-2.el9_4.1.x86_64.rpm", "expat-devel-0:2.5.0-2.el9_4.1.aarch64.rpm", "expat-devel-0:2.5.0-2.el9_4.1.i686.rpm", "expat-devel-0:2.5.0-2.el9_4.1.ppc64le.rpm", "expat-devel-0:2.5.0-2.el9_4.1.s390x.rpm", "expat-devel-0:2.5.0-2.el9_4.1.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Recent security patch for expat in Rocky Linux 9 resolves multiple significant vulnerabilities, strengthening overall system resilience.. Rocky Linux Expats. . LinuxSecurity.com Team
Sep 30, 2024
Rocky Linux
203
security advisorydenial of servicecritical issueMageia 9 MGASA-2024-0072 critical: expat DoS risk updates
It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-52425, CVE-2024-28757) . MGASA-2024-0072 - Updated expat packages fix security vulnerabilities Publication date: 18 Mar 2024 URL: https://advisories.mageia.org/MGASA-2024-0072.html Type: security Affected Mageia releases: 9 CVE: CVE-2023-52425, CVE-2024-28757 It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-52425, CVE-2024-28757) References: - https://bugs.mageia.org/show_bug.cgi?id=32970 - https://ubuntu.com/security/notices/USN-6694-1 - https://www.cve.org/CVERecord?id=CVE-2023-52425 - https://www.cve.org/CVERecord?id=CVE-2024-28757 SRPMS: - 9/core/expat-2.6.2-1.mga9 . Supplier software enhancements tackle weaknesses responsible for service interruptions made public on Mar 18, 2024.. Expat Security Update,Mageia Advisory,Resource Consumption Fix. . Severity: Critical. LinuxSecurity.com Team
Mar 18, 2024
•Critical
Mageia
100
security advisorycritical issueimportant patchopenSUSE 15.4 & 15.5: 2024:0782-1 Important: Python311 Expat Bug
* bsc#1196025 * bsc#1210638 * bsc#1219666 Cross-References: . # Security update for python311 Announcement ID: SUSE-SU-2024:0782-1 Rating: important References: * bsc#1196025 * bsc#1210638 * bsc#1219666 Cross-References: * CVE-2022-25236 * CVE-2023-27043 * CVE-2023-6597 CVSS scores: * CVE-2022-25236 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-25236 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). * CVE-2023-27043: Fixed incorrect e-mqil parsing (bsc#1210638). * CVE-2022-25236: Fixed an expat vulnerability by supporting expat > = 2.4.4 (bsc#1212015). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-782=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-782=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-782=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-782=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-782=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-782=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-782=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-782=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * python311-testsuite-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-testsuite-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * openSUSE Leap 15.4 (x86_64) * libpython3_11-1_0-32bit-3.11.8-150400.9.23.1 *python311-base-32bit-3.11.8-150400.9.23.1 * libpython3_11-1_0-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-base-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-32bit-3.11.8-150400.9.23.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_11-1_0-64bit-3.11.8-150400.9.23.1 * libpython3_11-1_0-64bit-debuginfo-3.11.8-150400.9.23.1 * python311-base-64bit-3.11.8-150400.9.23.1 * python311-64bit-debuginfo-3.11.8-150400.9.23.1 * python311-base-64bit-debuginfo-3.11.8-150400.9.23.1 * python311-64bit-3.11.8-150400.9.23.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * python311-testsuite-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-testsuite-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * openSUSE Leap 15.5 (x86_64) * libpython3_11-1_0-32bit-3.11.8-150400.9.23.1 * python311-base-32bit-3.11.8-150400.9.23.1 * libpython3_11-1_0-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-base-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-32bit-3.11.8-150400.9.23.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390xx86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 *python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 *python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 ## References: * https://www.suse.com/security/cve/CVE-2022-25236.html * https://www.suse.com/security/cve/CVE-2023-27043.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://bugzilla.suse.com/show_bug.cgi?id=1196025 * https://bugzilla.suse.com/show_bug.cgi?id=1210638 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 . Important security update for python311 tackling critical vulnerabilities. Apply patches tosafeguard your system now.. python311 Security Update, openSUSE Patch, Security Advisory, Expat Issue, Python Security. . Severity: Important. LinuxSecurity.com Team
Mar 06, 2024
•Important
SuSE
98
security advisorysecurity updateRed Hat Enterprise LinuxRed Hat Enterprise Linux 9 RHSA-2023-0337-01 Moderate: Expat Issue
An update for expat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: expat security update Advisory ID: RHSA-2023:0337-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0337 Issue date: 2023-01-23 CVE Names: CVE-2022-43680 ==================================================================== 1. Summary: An update for expat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64 3. Description: Expat is a C library for parsing XML documents. Security Fix(es): * expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, applications using the Expat library must be restarted for the update to take effect. 5. Bugs fixed(https://bugzilla.redhat.com/): 2140059 - CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate 6. Package List: Red Hat Enterprise Linux AppStream (v. 9): aarch64: expat-debuginfo-2.4.9-1.el9_1.1.aarch64.rpm expat-debugsource-2.4.9-1.el9_1.1.aarch64.rpm expat-devel-2.4.9-1.el9_1.1.aarch64.rpm ppc64le: expat-debuginfo-2.4.9-1.el9_1.1.ppc64le.rpm expat-debugsource-2.4.9-1.el9_1.1.ppc64le.rpm expat-devel-2.4.9-1.el9_1.1.ppc64le.rpm s390x: expat-debuginfo-2.4.9-1.el9_1.1.s390x.rpm expat-debugsource-2.4.9-1.el9_1.1.s390x.rpm expat-devel-2.4.9-1.el9_1.1.s390x.rpm x86_64: expat-debuginfo-2.4.9-1.el9_1.1.i686.rpm expat-debuginfo-2.4.9-1.el9_1.1.x86_64.rpm expat-debugsource-2.4.9-1.el9_1.1.i686.rpm expat-debugsource-2.4.9-1.el9_1.1.x86_64.rpm expat-devel-2.4.9-1.el9_1.1.i686.rpm expat-devel-2.4.9-1.el9_1.1.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 9): Source: expat-2.4.9-1.el9_1.1.src.rpm aarch64: expat-2.4.9-1.el9_1.1.aarch64.rpm expat-debuginfo-2.4.9-1.el9_1.1.aarch64.rpm expat-debugsource-2.4.9-1.el9_1.1.aarch64.rpm ppc64le: expat-2.4.9-1.el9_1.1.ppc64le.rpm expat-debuginfo-2.4.9-1.el9_1.1.ppc64le.rpm expat-debugsource-2.4.9-1.el9_1.1.ppc64le.rpm s390x: expat-2.4.9-1.el9_1.1.s390x.rpm expat-debuginfo-2.4.9-1.el9_1.1.s390x.rpm expat-debugsource-2.4.9-1.el9_1.1.s390x.rpm x86_64: expat-2.4.9-1.el9_1.1.i686.rpm expat-2.4.9-1.el9_1.1.x86_64.rpm expat-debuginfo-2.4.9-1.el9_1.1.i686.rpm expat-debuginfo-2.4.9-1.el9_1.1.x86_64.rpm expat-debugsource-2.4.9-1.el9_1.1.i686.rpm expat-debugsource-2.4.9-1.el9_1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-43680 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details athttps://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY863OdzjgjWX9erEAQjjfhAAmVQ9lqY+P9epMjX2K1G0rPdn4BUhcDzM gGf6WEHtk+N+BG1MqMWPh2qzOgtLq5T1bfZM4OR1QMUhw3Te2cALvTt/V7OvnSMb 330OWavyoQyqUf3qv41OmBHokBzMXKaZEgaRQSbUOSb3IswAEBHS5MA/MCpnRH3F +o5tF6WnXBUlCvCk5NwzHwbQOjyAarUjAmsCLP8vZvfwBdJufiloycuU2B/oVGcr LoFJeheY/Cv2N4QZ6RuUBPSITCjt4Cpd2ShHGw0LiBOwKwzVtiZK+F1k1ZEUxofa MGn1F+OanwTLSrkfpm6cPTJ60xhOlKdx55SZHALikV4XAGW3bOCdCsGrUN6joagC yPJjc23YlXrzzjmt8ovTaFnzT44x/HII/auAyc8V4GwL/GH8HdLpcqbad2fNljyR hG5eOYjnMbgVDWlaPOL7M7Ja2aVOFV3kyXYgKwrricEGAWlOTkDawSjWkUysr7wh EVhQSOeZ44qmpfEDotTeGLBTCBmvVwLPFVdBeoc7T9q/RFhRQ4CoMBhIW6kW3m46 YC9IOZfrjcsFDQWjYH79xSmFMHZ/s7De21vz+Pc6yojY5ze+vWdfGNiBsBaiHcej 6DWmQT/XeeZO2Ez50VTbeca/0fyXKtig7mAvWcL7kMMxbNrxBYojT2nfH1qqQF5i ZmksOdNvfHM=m58z -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jan 23, 2023
Red Hat
217
security advisorycritical fixthunderbird updateOracle Linux 7: ELSA-2022-6998 Critical: Thunderbird Expat Fix
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2022-6998 https://linux.oracle.com/errata/ELSA-2022-6998.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-102.3.0-4.0.1.el7_9.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates/thunderbird-102.3.0-4.0.1.el7_9.src.rpm Related CVEs: CVE-2022-40674 Description of changes: [102.3.0-4.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [102.3.0-4] - Fix for expat CVE-2022-40674 [102.3.0-3] - Update to 102.3.0 build1 _______________________________________________ El-errata mailing list
Oct 27, 2022
•Critical
Oracle
217
security advisoryimportant fixThunderbird updateOracle Linux 8 ELSA-2022-7023: Important Thunderbirds Fix for Expat Attack
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2022-7023 https://linux.oracle.com/errata/ELSA-2022-7023.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-102.3.0-4.0.1.el8_6.x86_64.rpm aarch64: thunderbird-102.3.0-4.0.1.el8_6.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates/thunderbird-102.3.0-4.0.1.el8_6.src.rpm Related CVEs: CVE-2022-40674 Description of changes: [102.3.0-4.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [102.3.0-4] - Fix for expat CVE-2022-40674 _______________________________________________ El-errata mailing list
Oct 21, 2022
•Important
Oracle
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!