expat security update

🗓️ 28 Jun 2022 10:52:05Reported by Rockylinux Product ErrataType

rocky

rocky🔗 errata.rockylinux.org👁 27 Views

Update for expat affects Rocky Linux 8. Fix stack exhaustion and integer overflow vulnerabilitie

Reporter	Title	Published	Views	Family All 275
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to CVE-2022-25313	4 Nov 202217:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On due to Expat vulnerabilities	11 Apr 202202:48	–	ibm
IBM Security Bulletins	Security Bulletin: Due to use of Expat IBM Tivoli Network Manager is vulnerable to arbitrary code execution (multiple vulnerabilities)	4 Jul 202212:59	–	ibm
IBM Security Bulletins	Security Bulletin: Expat vulnerabilities affect IBM Netezza Analytics for NPS	3 Jun 202214:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak	25 Aug 202202:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities found in IBM DB2 which is shipped with IBM® Intelligent Operations Center(CVE-2022-22389, CVE-2022-22390, CVE-2022-25313, CVE-2022-25236, CVE-2022-25235, CVE-2022-25314, CVE-2022-25315)	7 Sep 202212:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics	10 Aug 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified in DB2 that affect the IBM Performance Management product	13 Oct 202213:56	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager (CVE-2022-22389, CVE-2022-25313, CVE-2022-25236, CVE-2022-25314, CVE-2022-25315, CVE-2022-25235 and CVE-2022-22390)	1 Mar 202306:13	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server	30 Jun 202218:46	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	8	aarch64	expat	0:2.2.5-8.el8_6.2	expat-0:2.2.5-8.el8_6.2.aarch64.rpm
Rocky Linux	8	i686	expat	0:2.2.5-8.el8_6.2	expat-0:2.2.5-8.el8_6.2.i686.rpm
Rocky Linux	8	x86_64	expat	0:2.2.5-8.el8_6.2	expat-0:2.2.5-8.el8_6.2.x86_64.rpm
Rocky Linux	8	aarch64	expat-debuginfo	0:2.2.5-8.el8_6.2	expat-debuginfo-0:2.2.5-8.el8_6.2.aarch64.rpm
Rocky Linux	8	i686	expat-debuginfo	0:2.2.5-8.el8_6.2	expat-debuginfo-0:2.2.5-8.el8_6.2.i686.rpm
Rocky Linux	8	x86_64	expat-debuginfo	0:2.2.5-8.el8_6.2	expat-debuginfo-0:2.2.5-8.el8_6.2.x86_64.rpm
Rocky Linux	8	aarch64	expat-debugsource	0:2.2.5-8.el8_6.2	expat-debugsource-0:2.2.5-8.el8_6.2.aarch64.rpm
Rocky Linux	8	i686	expat-debugsource	0:2.2.5-8.el8_6.2	expat-debugsource-0:2.2.5-8.el8_6.2.i686.rpm
Rocky Linux	8	x86_64	expat-debugsource	0:2.2.5-8.el8_6.2	expat-debugsource-0:2.2.5-8.el8_6.2.x86_64.rpm
Rocky Linux	8	aarch64	expat-devel	0:2.2.5-8.el8_6.2	expat-devel-0:2.2.5-8.el8_6.2.aarch64.rpm

28 Jun 2022 10:52Current

8.7High risk

Vulners AI Score8.7

CVSS 25

CVSS 3.17.5

EPSS0.04654

SSVC

expat security update rocky linux 8 stack exhaustion integer overflow cvss cve xml parsing security fix