expat-2.1.0-15.el7

エラータID: AXSA:2022-3882:06

Release date: 
Thursday, October 6, 2022 - 12:47
Subject: 
expat-2.1.0-15.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Expat is a C library for parsing XML documents.

Security Fix(es):

* expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

Solution: 

Update packages.

CVEs: 
CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
Additional Info: 

N/A

Download: 

SRPMS
  1. expat-2.1.0-15.el7.src.rpm
    MD5: ae2f4df9b609133d2d533d4d34560756
    SHA-256: 3dbd8ec639fb913b6f4cf86cb99fede2e3a495774a0d4cc8c05cbca31bc02fea
    Size: 582.19 kB

Asianux Server 7 for x86_64
  1. expat-2.1.0-15.el7.x86_64.rpm
    MD5: 2abaf2cf70ca8b24151406cf14eb86e1
    SHA-256: 9968189ec4f3098f6912dea23d1e603ea365aa71417a585a4a7ae18723665a7b
    Size: 81.86 kB
  2. expat-devel-2.1.0-15.el7.x86_64.rpm
    MD5: bf3c97fa546c2c3ee57fc8078431b88c
    SHA-256: 0ecff1e615174d6504e23c03b892b4b54499ee2b3bfa6f118aa50669e7e148b9
    Size: 57.32 kB
  3. expat-2.1.0-15.el7.i686.rpm
    MD5: f55cfbc429f8bd3f4f9bd89d00a973d8
    SHA-256: 7e7d79486d66d699d336bf732edb2339e3e9b63d8c49617690d2be5b0e03f97f
    Size: 81.65 kB
  4. expat-devel-2.1.0-15.el7.i686.rpm
    MD5: 5f19553b679427a0c6f5bd27bf38c7bf
    SHA-256: 4c47c6a573dc7a468b12d040a09600b9501033ec273b09dd0370b2f8901f433f
    Size: 57.35 kB